Megan Brown and Kathleen Scott Co-Author Privacy Guide for State Legislators Published by U.S. Chamber Institute for Legal Reform

January 30, 2020

Washington, DC – Wiley partner Megan L. Brown and associate Kathleen E. Scott, members of Wiley’s Privacy, Cyber & Data Governance Practice, recently co-authored a comprehensive and timely privacy guide for state legislators, published by the U.S. Chamber Institute for Legal Reform (ILR). In the absence of a unified federal approach to consumer and privacy issues in the United States, this guide – “Mapping a Privacy Path: Liability and Enforcement Recommendations for States” – offers solutions to help make state legislation work better for consumers and businesses alike. By using these bedrock procedural protections in state legislation, policymakers can avoid the unintended consequences of a patchwork, state-by-state approach and avoid unnecessary litigation. Wiley associates Boyd Garriott and Stephen J. Conley contributed to the guide.

The Wiley authors observe that “for consumers to reap the benefits of data-driven innovation, it is important that they can trust that their personal information is being protected.” While there is a pressing need for a unified national data privacy framework, the U.S. Congress has not yet acted. In the meantime, a growing number of states are taking action, with more than half of state legislatures having introduced or considered data privacy laws in the past year, according to the report.

The guidance for state legislators includes the following policy recommendations:

• Preclude private rights of action
• Include notice and cure periods
• Offer safe harbors
• Include damage and civil penalty caps
• Define enforcement actors
• Limit attorneys’ fees
• Curtail municipality litigation

Wiley’s Privacy, Cyber & Data Governance team advocates for clients in the United States and abroad across the spectrum of emerging data security and privacy laws. This includes advising on federal requirements in the health care, telecommunications, government contracting, and financial services industries. The firm also counsels clients on state cybersecurity and privacy laws, such as online privacy legislation, automated vehicle legislation, and state breach notification legislation, among other areas.

Ms. Brown will address details of the guide in a conference session called “Clairvoyant Sight: Privacy Liability in the States” at ILR’s Summit 2020: Future in Focus, held Wednesday, April 1, at the U.S. Chamber of Commerce headquarters in Washington, D.C.

The complete “Mapping a Privacy Path” guide can be viewed here.