Top U.S. Businesses Call for More Government Regulation - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data Management // Big Data Analytics
07:00 AM
Todd Wright, Head of Data Privacy Solutions, SAS
Todd Wright, Head of Data Privacy Solutions, SAS

Top U.S. Businesses Call for More Government Regulation

So, what's the catch? There's a very real possibility that most states will develop their own data privacy laws, causing chaos that will benefit no one.

Image: md3d -
Image: md3d

A CEO of a major company asking for government regulation is not a common occurrence and not something that most of us are accustomed to seeing. So recently when CEOs of more than 50 leading U.S. businesses, including Walmart, Amazon and AT&T, signed a letter to Congress urging the passage of a comprehensive federal data privacy law, it had some thinking: What’s the catch? Don’t most companies do all they can to avoid further regulation or oversight?

Chaos avoidance’

Before this letter can be dismissed outright as an attempt by companies to write their own regulations, let’s not forget two significant factors U.S. companies currently face: 

  1. Congress has already drawn the line with data privacy by stating that any federal bill that represents a watered-down version of the California Consumer Protection Act will not pass with the needed votes.
  2. The majority, if not all, of major U.S. based companies already must adhere to the very strict regulations found within the General Data Protection Regulation (GDPR). Adhering to data privacy is not something new for U.S. companies.

If the motive of these CEOs isn’t to dilute an imminent state law and data privacy on a large scale is something these companies are already dealing with, then why was the letter necessary? In two words: chaos avoidance. There is a very real possibility that most U.S. states will develop their own data privacy laws, causing chaos that will benefit no one.

As this article regarding different state laws/bills  points out, there are 13 different states currently in pursuit of data privacy laws. With amendments ranging from how to deal with automated decision making to the right to portability, each state seemingly is taking a different path to what they consider privacy rights.

Risky business

Achieving proper data privacy practices at a company is in alignment with a well-run data governance program. The need for data stewards, access to data, data quality, metadata management, etc., are all similar, but 13 different privacy laws -- and the growing potential for more -- throws a wrench in all of it.

Imagine the complexity involved (some would say chaos) of having customer data from different states and needing to determine which ones need to opt-in as opposed to opt-out, which ones can’t have automated decision making applied and which ones prohibit the sale of personal information about the consumer to third parties.

Can these things be accomplished technically? Sure, they can. But is it a best practice that most benefits consumers the laws are trying to protect? Not even close. Data governance, and now the blending of privacy, are tough enough to do right: adding in the additional complexity of different state regulations is risky business. 

Hope first, then act

It is often said that hope is not a strategy, but in this case, we need to begin with it. Hope that one fair and strict data privacy law is enacted that covers all the aspects that are important to consumers. Hope that numerous state laws don’t make the prospect of data privacy unattainable.

But beyond hope, there are also actions that can be achieved today: 

  • Build privacy by design into all processes. Start software development with privacy in mind – not after the fact.
  • Ensure that all individuals within a company know their role in keeping customer data secure and safe. It is often the rogue employee that causes companies to be in violation. Think of the numerous times that employees transitioning to a new company potentially bring “their records” with them that include the personal information of customers.
  • Treat data privacy as an extension of data governance, not separate. As mentioned, the requirements for proper data governance and privacy are interchangeable -- make the initiatives part of one big umbrella.

We all want (or hope for) data privacy and protection. How we get there via regulation is still an open book in the U.S. Multiple state laws that could potentially cause chaos or one federal law that leads everyone in one cohesive direction, will make all the difference if the U.S. is successful in securing the data of its residents.

Todd Wright is Head of Data Privacy Solutions at SAS. He is a respected expert on data privacy and management. You’ll find his insights on the topic featured in publications like the Wall Street Journal, InformationWeek, Datanami, insideBIGDATA, Tech Republic and more.


The InformationWeek community brings together IT practitioners and industry experts with IT advice, education, and opinions. We strive to highlight technology executives and subject matter experts and use their knowledge and experiences to help our audience of IT ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

New Storage Trends Promise to Help Enterprises Handle a Data Avalanche
John Edwards, Technology Journalist & Author,  4/1/2021
11 Things IT Professionals Wish They Knew Earlier in Their Careers
Lisa Morgan, Freelance Writer,  4/6/2021
How to Submit a Column to InformationWeek
InformationWeek Staff 4/9/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Successful Strategies for Digital Transformation
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll