18 Association of Research Libraries Research Library Issues 297 2019 transparency are critical features of any privacy law, in order to make these elements meaningful, users must be able to easily access and understand what data is being collected and how it is being used prior to such collection. One issue that has been hotly debated is whether opt-out systems should satisfy consent requirements, or whether default opt-in provisions should be required. Another question is whether terms of service that are framed as a take-it-or-leave-it policy allow for meaningful consent. Who will enforce the legislation and what remedies should be provided? Most stakeholders agree that the Federal Trade Commission (FTC) is the most logical agency to enforce violations of a federal consumer privacy framework. Indeed, bills such as Senator Ron Wyden’s draft (discussed more below), would provide for increased hiring at the FTC to investigate and enforce violations. The fines that the FTC could impose and whether criminal sanctions are appropriate are issues that policy makers will debate. Additionally, policy makers must determine whether to leave enforcement solely in the hands of government agencies, or whether to create a private right of action that allows citizens to bring companies to court for failure to comply with federal privacy laws. What safe harbors should be granted to companies for complying with legislation? Depending on the remedies provided in federal legislation, some stakeholders have noted that safe harbors may be necessary to provide assurances for companies that, as long as they comply with particular requirements, they will not face extensive penalties for security or other breaches. Should the federal baseline be a floor or ceiling? Preemption is another issue that policy makers must confront and determine whether any federal legislation should be a floor or a ceiling. If federal legislation serves as a ceiling, states would be prohibited
Previous Page Next Page