Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsBusiness Roundtable Releases Data Privacy Framework
Business Roundtable released its recommended approach for consumer data privacy following comments earlier this week by the organization’s President & CEO that the association would release a policy framework for national privacy legislation. Business Roundtable is an organization representing CEOs of leading companies across the economy. Business Roundtable submitted comments to the U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA)
The four objectives of a national consumer privacy law according to Business Roundtable are:
1. Champion Consumer Privacy and Promote Accountability:
Provide robust protections for personal data and enhance consumer trust while demonstrating US leadership.
2. Facilitate Innovation:
Take a technology neutral approach that can handle an evolving technology landscape.
3. Harmonize Regulations:
Eliminate fragmentation of laws within the United States
4. Achieve Global Interoperability:
Facilitate international transfers of personal data.
Business Roundtable identified the following components of a national consumer privacy law:
1. Applicability:
Create a national consumer privacy law that applies to the collection, use and sharing of consumer personal data by private organizations.
2. Comprehensive: Apply a consistent, uniform framework to the collection, use and sharing of personal data across industry sectors, harmonizing certain sector-specific laws to bring them in line with a national privacy law.
3. Recognize Consumer Rights:
Provide consumers rights with respect to their personal data including the right to transparency; the right to control collection, use and sharing of their data; the opportunity to control sales of their personal information to third-parties; the reasonable right to correct inaccuracies; and the ability to delete their personal data with certain limited exceptions.
4. Governance and Accountability:
Companies should have appropriate contracts with vendors to protect personal data. Companies should have mechanisms in place to handle inquiries or complaints about data practices.
5. Risk-Based Privacy Practices:
Companies should leverage risk-based privacy practices to apply greater protections to practices that may present higher risks to individuals.
6. Address Data Security:
Companies should implement reasonable administrative, technical and physical safeguards to reasonably protect against unauthorized access or disclosure of personal information. A comprehensive federal standard should be implemented to ensure that consumers are notified within a reasonable timeframe if there is a data breach that presents a significant risk of financial harm.
7. Effective, Consistent Enforcement:
Support the Federal Trade Commission (FTC) as the primary consumer privacy enforcement agency with adequate funding. There should be no private right of action.
The announcement follows up the proposal by Intel earlier this week as well as the discussion draft the week before from Senator Ron Wyden (D-OR) called the Consumer Data Protection Act.
Other Blog Posts on Proposed Federal Privacy Law Changes:
NIST Voluntary Privacy Framework
NTIA Global Privacy Priorities
Media Reports White House Considering Privacy Law Changes
Intel Draft Privacy Law
ITI FAIR Privacy Framework
US Chamber of Commerce Privacy Principles
Contact Clarip for Help with Your Privacy Program
The Clarip privacy software and team are available to help improve privacy practices at your organization. Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo or speak to a member of the Clarip team.
If you are working towards GDPR compliance, we can help through our modular GDPR software. Whether you are starting the process with GDPR data mapping automation, need privacy impact assessment software, or looking to meet ePrivacy requirements with cookie management software, Clarip can help strengthen your privacy program.
If CCPA compliance in 2020 is on your radar, ask us about our California Consumer Privacy Act software. Improve efficiency of responses to data subject access requests with our DSAR software, or provide the right to opt out of the sale of personal information with our consent management platform.
Click here to contact us (return messages within 24 hours) or call 1-888-252-5653 to schedule a demo and speak to a member of the Clarip team.
