Edited by Donell Newkirk. Photos courtesy of Reuters and Getty.
Could there ever be a US version of GDPR? For the last few months senators here in Washington have been drafting a bill that could become the country's first-ever national data privacy law. But for months we've been told to expect a draft text within weeks, and still we've seen nothing.
I've spent some time recently in Silicon Valley, where technology executives think that the chances of getting a national data privacy bill passed in the next couple of years are receding. One person put the chance to me at around 30 per cent, and that was one of the more optimistic predictions I heard.
Part of the problem, I've been told, is that Democrats in Congress are digging in their heels about how tough it should be. Senator Brian Schatz in particular, I'm told, is keen for the bill to include the right for private citizens to sue companies that fail to protect their data. That's something the industry hates.
There is an impending deadline here. Next year, the State of California puts into force a separate, wide-ranging data privacy bill of its own. The industry hates that bill so much that it has been trying to get Congress to create a national rule which will then overrule it.
That gives data privacy campaigners and their allies here in Congress the upper hand. They can simply sit back and wait for the California law to come in knowing that most major technology companies will have to roll out those standards nationwide.
If I were a technology company executive or a lobbyist for one of those companies, I might actually switch my attention now from campaigning for a national law to override the California bill to focusing on how I might be able to change the terms of the California bill itself.