CRS Report: Data Protection Law: An Overview

From the summary of Data Protection Law: An Overview (R45631, Mar. 25, 2019):

Should the 116th Congress consider a comprehensive federal data protection law, its legislative proposals may involve numerous decision points and legal considerations. Points of consideration may include the conceptual framework of the law (i.e., whether it is prescriptive or outcome-based), the scope of the law and its definition of protected information, and the role of the FTC or other federal enforcement agency. Further, if Congress wants to allow individuals to enforce data protection laws and seek remedies for the violations of such laws in court, it must account for standing requirements in Article III, Section 2 of the Constitution.  Federal preemption also raises complex legal questions — not only of whether to preempt state law, but what form of preemption Congress should employ. Finally, from a First Amendment perspective, Supreme Court jurisprudence suggests that while some privacy, cybersecurity, or data security regulations are permissible, any federal law that restricts protected speech, particularly if it targets specific speakers or content, may be subject to more stringent review by a reviewing court.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.