California Privacy Protection Agency Opposes Federal Data Privacy Law

California’s data privacy actThe agency opposes the federal law because of measures that would preempt California’s data privacy act and compromise the mandates it has to fulfill under that act.

08/17/2022 1:30 P.M.

3 minute read

The California Privacy Protection Agency (CCPA) is opposing federal data privacy legislation that would preempt California’s data privacy act and other state privacy laws, it announced this week.

The CPPA sent a letter to House Speaker Nancy Pelosi and Minority Leader Kevin McCarthy opposing H.R. 8152, the American Data Privacy and Protection Act, specifically for its measures that would replace California’s law, the California Consumer Privacy Act, with “weaker protections” and compromise the ability of the agency to fulfill its mandates under the state law, according to a news release.

H.R. 8152 advanced out of the House Energy and Commerce Committee in July.

U.S. Reps. Frank Pallone Jr., D-N.J. and Cathy McMorris Rodgers, R-Wash., chairman and ranking member of the House Committee on Energy and Commerce, and U.S. Sen. Roger Wicker, R-Miss., ranking member of the Senate Committee on Commerce, Science, and Transportation, released the discussion draft of a comprehensive national data privacy and data security framework this summer, ACA International previously reported.

On July 28, 2022, the CPPA Board of Directors voted unanimously to oppose H.R. 8152 and any other bill that seeks to preempt the California Consumer Privacy Act (CCPA). The board, however, voted to support a privacy framework that would set a “true floor” on privacy and allow states to further innovate on those protections.

The CPPA, created and funded in 2020 by California voters, is the first data protection authority in the U.S., and its sole focus is the protection of California residents’ privacy rights.

U.S. Reps. Anna Eshoo, D-Calif., and Nanette Barragán, D-Calif., both members of the House Energy and Commerce Committee, voted against H.R. 8152 at last month’s markup. Every member of the California delegation voted in favor of an amendment that would allow the states to pass stronger laws, which Eshoo proposed, according to the CPPA.

ACA Advocacy  

ACA continues to advocate for federal data privacy legislation that avoids creating a patchwork of requirements for regulated entities that may also conflict with existing regulations.

The American Data Privacy and Protection Act, would, among other changes:

  • Establish a strong national framework to protect consumer data privacy and security.
  • Grant broad protections for Americans against the discriminatory use of their data.
  • Require covered entities to minimize, on the front end, individuals’ data they need to collect, process, and transfer so that the use of consumer data is limited to what is reasonably necessary, proportionate, and limited for specific products and services.

“ACA appreciates that the legislation is designed to preempt many state privacy laws because all Americans deserve to receive a uniform level of privacy protections,” said ACA CEO Scott Purcell in a letter to McMorris Rodgers and Pallone. “Nonetheless, there are specific exceptions contemplated in this legislation that will result in an unnecessary and complicated patchwork of privacy protections.”

Those exceptions include:

  • State data breach laws, including California’s private right of action for data breaches.
  • Employee and student privacy laws.
  • Facial recognition laws.
  • The Illinois Biometric Information Privacy Act and Genetic Information Privacy Act.
  • Fraud, identity theft, cyberstalking and cyberbullying.
  • Public records laws.
  • Laws regarding credit reports, financial information and financial regulations.

“The sheer breadth of these exceptions will, unfortunately, limit and undermine the effectiveness of the preemption provision under consideration,” Purcell said. “Without question, the legislation and preemption as they currently stand will confuse and complicate compliance in a number of states. Given these realities, ACA respectfully urges ​the sponsors to eliminate or, at a minimum, narrow these exceptions to the preemption provision (except in instances of ​criminal behavior).”

Read ACA’s complete letter to the committee here.

If you have executive leadership updates or other member news to share with ACA, contact our communications department at [email protected]. View our publications page for more information and our news submission guidelines here.




Training Zone

This site uses cookies. By continuing to use our site, you are agreeing to our use of cookies. Review our Privacy Policy for more information. You may change your preferences on how cookies are stored by reviewing the settings on your browser.

The content on this site is presented for educational, general reference, and informational purposes only; is not intended to serve as legal or other advice; is not intended to be a full and exhaustive explanation of the law in any area; and should not replace the advice of your own legal counsel. By continuing to use our site, you are agreeing to the legal disclaimers in our Terms of Use. Review our Terms of Use for more information.

Friendly Reminder

Get continued access to ACA International’s wide array of resources, which can help you become more profitable, compliant and successful.

Renew your membership today to take advantage of tools you won’t find anywhere else:

  • Discounts on seminars, products, services and events
  • Resources to strengthen your compliance department
  • Industry-specific risk management products and services
  • Participation in ACA’s online community, The Hub
    Members-only website content
  • Professional development and training opportunities, and so much more!

If you have completed your renewal, please disregard this reminder.