Incidents such as the Facebook-Cambridge Analytica data scandal and the dizzying number of data breaches have made consumer privacy a key issue among elected officials from both sides of the aisle.
The trade bodies—Interactive Advertising Bureau, Internet Association, Retail Industry Leaders Association, The Software Alliance and the 21st Century Privacy Coalition, which represents telecom interests—met with lawmakers on Wednesday during a Senate committee hearing titled "Policy Principles for a Federal Data Privacy Framework in the United States."
The groups unanimously agreed that preempting California's Privacy Act with federal regulation would best serve consumers.
Had California not passed its privacy act, these trade bodies wouldn't have called for federal regulation, believes Daniel Jaye, founder and head of product of Aqfer, a customer data platform. "It's been forced upon them," he says. "They want to have a seat at the table to negotiate a soft landing."
Missing the 2020 deadline will result in other states adopting their own privacy laws, and they will likely use California's privacy legislation or the E.U.'s Global Data Protection Regulation, or GDPR, as a foundation.
Having a patchwork of privacy laws for each of the 50 states might result in a regulatory nightmare for both ad tech and marketers who wish to target consumers with data. Observing more than one regulatory regime might not only be burdensome, but also expensive; a company seeking compliance with the E.U.'s General Data Protection Regulation, or GDPR, likely need to spend at least $1 million, for example.
"We caution Congress not to rely on the frameworks set forth in Europe's General Data Privacy Regulation or California's Consumer Privacy Act as examples of the ways in which a national privacy standard should function," Randall Rothenberg, CEO of the IAB, said in prepared remarks to senators Wednesday. "These frameworks are not new approaches, only more restrictive versions of the existing privacy paradigm … These laws also display a misguided antagonism toward online advertising and fail to recognize the various ways in which digital advertising subsidizes the rich online content and services that consumers want."
Rothenberg pointed to other federal regulations, such as those in the automotive industry that deal with safety and the Child Online Protection Act, or COPPA, as examples of why blanketing the U.S. with a single regulation is what would serve consumers best.
David Carroll, a privacy advocate and professor at Parsons School of Design, previously thought it would be inconceivable to hear Rothenberg ask for federal regulation. "The Cambridge Analytica scandal was the turning point," he says. "There is a high-pressure rush to beat the California Privacy Act from coming into effect." In an email to Ad Age, however, Rothenberg disputes this. "We have long supported appropriate regulation, always in a balance with self-regulation," he wrote. "This is a matter of public record, going back to the establishment of IAB's Public Policy Office in 2007."
~ ~ ~
CLARIFICATION: An earlier version of this article said that the ad groups' move to support federal regulation was a "complete reversal" of their earlier stance, which was to favor only self-regulation. In fact, the groups have in the past supported both federal and self-regulation in combination.