March 27, 2019
Sen. Jerry Moran, Chairman
Sen. Richard Blumenthal, Ranking Member
Subcommittee on Manufacturing, Trade, and Consumer Protection
512 Dirksen Senate Building
Washington, DC 20510
Dear Chairman Moran and Ranking Member Blumenthal:
Thank you for convening a hearing to bring greater attention to “Small Business Perspectives on a Federal Data Privacy Framework.” Our organizations – the Small Business and Entrepreneurship Council, Small Business Roundtable, and Connected Commerce Council – held an event late last year on this timely issue and are ready and willing to work with you as you construct a national privacy bill.
It’s no secret that we live in an increasingly data-driven world. Collecting and analyzing data influences everything in our society, from the ads we see on TV to the products our favorite brands sell. However, despite data being at the core of the twenty-first century economy and the U.S. leading the world in technology and innovation, we lack a clear national regulatory framework for protecting data and consumer privacy.
Instead of a national privacy law, America has a confusing mix of state laws, unclear and ill-defined legislative proposals that should terrify small businesses, and industry-specific policies that at best don’t help consumers and at worst actually compound problems. California already passed privacy legislation that goes into effect in 2020, and 26 states are considering privacy legislation.
Small businesses cannot afford to navigate a unique privacy regulation for each state, and their ability to grow and compete is undermined by the morass of state laws that require armies of compliance lawyers. Even America’s biggest companies will be overwhelmed if more than half of the country has new privacy laws.
It’s time for Congress to act. We need one privacy law that protects all Americans, including those who operate businesses that use data. As the conversation on Capitol Hill around privacy legislation continues, it will be important to take into account recent missteps in the European Union and in California — especially about the unintended consequences that have disproportionately harmed small businesses.
America needs a national privacy law that’s simple but strong, with one set of rules that every company must follow and every consumer can understand. Our privacy law should punish bad actors while allowing innovative small businesses and startups to grow, and penalties should recognize the difference between a billion-dollar tech giant with customized and proprietary software, and mom-and-pop businesses that work with out-of-the-box solutions and third-party providers.
Small businesses compose 99.9 percent of all American businesses and employ 47.5 percent of our workforce. A privacy bill that ignores the impact on small business is bound to harm hardworking families and innovators looking to make their mark in the digital age. Privacy legislation that does not preempt inconsistent state laws could slow the growth of online commerce and chill innovation and our digital economy.
Thank you for the time and attention you are bringing to this critical issue. The data driven age is here to stay, and it’s time for Congress to act. Privacy should be one of the top priorities for Congress, both to protect American consumers and to promote the success of digital small businesses.
President and CEO of Small Business and Entrepreneurship Council
Co-Executive Director of Small Business Roundtable
President of Connected Commerce Council