Wiley Rein Spotlight Interview: Partner Peter Hyun on Congressional and State Approaches to Privacy
Privacy in Focus®
PIF: Tell us about your background prior to coming to Wiley Rein.
Peter: Before joining the firm 7.5 months ago, I was Chief Counsel to U.S. Senator Dianne Feinstein, where I advised her on a multitude of issues, including cybersecurity and tech issues as they related to law enforcement functions – such as Section 230 of the Communications Decency Act and the Stored Communications Act. By virtue of working for the Senator – who held senior positions on the Judiciary and Intelligence committees – I was able to get briefed on those topics by top government, public-sector, and private-sector folks. So I was quite spoiled and learned as much as I could. Before going to the Hill, I was a white collar civil fraud AUSA at the U.S. Attorney’s office for the Eastern District of Virginia, and before that I was an Assistant Attorney General in the New York State Attorney General’s office.
PIF: What actions have you seen states take on privacy issues?
Peter: Generally speaking, many states have been extremely active in policymaking and enforcing privacy laws. During the 2018 election, many incumbents and challengers in State AG races hammered the consistent message that they were going to prioritize enforcement of privacy violations and data breaches. And in fact, they have – with record-setting settlements reached in cases involving data breaches, violations of the Children’s Online Privacy Protection Act (COPPA), and other privacy-related matters. These high-profile actions have put individuals and entities on notice that states are actively monitoring this space for compliance.
PIF: Congress has been looking at passing privacy legislation and also pushing agencies to investigate privacy issues more. What are the key Committees on these issues?
Peter: While the Senate Commerce and House Energy and Commerce Committees typically run point on data breach and other consumer issues, theoretically, nearly every other Committee in Congress can make an argument for why privacy issues are squarely within their jurisdiction – whether it’s the Judiciary Committee, Intelligence Committee, Homeland Security Committee, etc. The fact is, getting privacy legislation accomplished in Congress will require broad buy-in from a multitude of committees, and not just one.
PIF: Do you think we’ll see Congress investigate data privacy and security issues directly?
Peter: Absolutely. The investigative power of Congress is premised upon its Article I legislative power – and with policymakers grappling right now with how to write federal privacy legislation, we can expect Congress to investigate and “fact-find” in a thorough manner to better inform the process. And going back to the previous question – because nearly every Committee in Congress can lay claim to privacy being within its jurisdiction, it would not surprise me if nearly every Committee’s oversight priorities have some sort of privacy nexus.
© 2019 Wiley Rein LLP