We Need a Federal Privacy Law

The growing patchwork of state privacy laws is confusing consumers and having a chilling effect on our economy, especially for small businesses that are struggling to keep up with an ever-changing compliance landscape. Resources that could go towards innovation and job creation are instead being spent on compliance costs and legal bills. Since 2018, 46 states have introduced 183 different, often conflicting, privacy laws. Thirteen states have passed their own privacy law.

Now is the time for Congress to Act.

Learn More

KEY STATS

U.S. State Privacy Legislation - 2018-2023 Updated 11.2023

86 percent of Democrats and 81 percent of Republicans said Congress should make privacy a “top” or “important” priority. (Morning Consult, 2021)

The average privacy spend of small businesses (50-249 employees) is $2 million, up from $1.1 million in 2020. (Cisco, 2023)

Since 2018, 185 comprehensive privacy bills have been considered across 46 states.

In 2023, 62 comprehensive privacy bills have been filed across 30 states.

13 states have passed comprehensive privacy bills: California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia.

Failure to pass a federal privacy law would cost our economy more than $1 trillion over 10 years, with more than $200 billion being paid by small businesses. (ITIF, 2022)

The enactment of the California Consumer Privacy Act (CCPA) in 2020 has resulted in nearly 200 lawsuits involving companies that sell to customers in California despite being located elsewhere. (ITIF, 2022)

The California Consumer Privacy Act created a $78 billion annual economic burden on the U.S. economy. (ITIF, 2022)

MUST WATCH

Now is the Time for a Federal Privacy Law

Industries are United for Privacy

Why Do We Need a Federal Privacy Law?

Lawmakers Agree: Protecting Privacy is a Priority

Why Do We Need a Federal Privacy Law?

A Federal Privacy Law Has Bipartisan Support

“The potential of a patchwork of state laws on data privacy is very real and the confusion that it would cause for consumers. I do not see where it would help build trust and confidence that individuals and consumers would believe that their personal data privacy is being protected. For companies, a patchwork of laws is really impossible. The potential for conflict in what the law and standards are from state to state makes it impossible for companies to operate when we all recognize that the internet doesn’t have any boundaries.”
____________________________________

Rep. Cathy McMorris Rodgers (R-WA), Chair of the House Energy and Commerce Committee

"Every American knows it is long past time for Congress to protect their data privacy and security. The modern world demands it. The American Data Privacy and Protection Act meets the moment with essential compromises that protect consumers while ensuring American businesses remain innovative and globally competitive. There is no time to wait on protecting Americans' privacy and data security and providing certainty to American businesses."

_________________________________

Rep. Frank Pallone (D-NJ), Ranking Member of the House Energy and Commerce Committee

"With the recent increase in cyberattacks on our nation’s critical infrastructure and the ongoing efforts to expand internet services to every American, the need for federal privacy legislation is imperative. We risk losing consumers’ confidence in the internet marketplace and undermining our national security and technological leadership abroad without a federal privacy law."

____________________________________

Sen. Roger Wicker (R-MS), Ranking Member of the Senate Commerce, Science, and Transportation Committee