What’s next for privacy on the Hill?

New bills and discussion about the recent Epsilon data breach have made privacy a popular talking point on the Hill. But a lot of politics stands between the talk and actual movement on legislation.

Four major privacy proposals have been floated on the Hill this session. In February, Reps Bobby Rush (D-IL) and Jackie Speier (D-CA) each introduced privacy legislation. Earlier this week, Sens John Kerry (D-MA) and John McCain (R-AZ) and Reps Cliff Stearns (R-FL) and Jim Matheson (D-UT) offered privacy bills for each chamber. The privacy bills have some key differences. Stearns’s bill promotes industry self-regulation and requires companies to notify consumers about privacy policies and data use. The bill from Sens Kerry and McCain encourages self-regulation but also requires an opt-in measure to share sensitive personal information, or information that could harm a person if released, depending on the situation. Rush’s reintroduced bill requires companies to provide an opt-out option before they can share data with other companies. Speier’s privacy package includes the only proposed legislation with a do-not-track measure; the other bill is aimed at protecting financial information. Having bipartisan bills in the House and Senate is a key step forward, said Justin Brookman, a privacy expert from the Center for Democracy and Technology. That at least gives this week’s bills a chance to move along, he said. Even that, though, might not be enough.