Would You like a feature Interview?
All Interviews are 100% FREE of Charge
With public trust in big tech companies at an all-time low, Congress is once again considering comprehensive data privacy legislation. But the rise of blockchain technology and the nascent decentralized web means that these overarching proposals are already outdated. Without significant amendments, these legislative proposals risk suffocating decentralized technology in the cradle.
The 118th Congress has held many hearings on data privacy, and it’s important that lawmakers consider how their proposals will affect innovation. To properly balance the conflict between the right of individuals to control their information and the need for innovation, legislators should abandon one-size-fits-all proposals in favor of a well-established sectoral approach to data privacy. should support
There are several comprehensive data privacy bills floating around the Capitol, but the bill with the most momentum is the US Data Privacy Protection Act (ADPPA). The bill would tighten down how businesses collect, process, or transfer user data by requiring businesses to minimize data collection and give consumers the right to opt out of data collection, among other things. manage.
Related: Did regulators deliberately crack down on banks?
ADPPA is a bona fide law aimed at giving consumers more control over their information. The bill also reflects the desire of many lawmakers to avoid a patchwork approach to data privacy by creating a comprehensive national standard for privacy protection.
Unfortunately, the past is prologue when it comes to data privacy rules. A similar approach to comprehensive data privacy protection fails to account for nascent technologies such as blockchain networks, greatly slowing innovation. See the European Union’s General Data Privacy Regulation (GDPR) for proof of this.
Not only does GDPR stifle investment and innovation in the traditional tech industry, it is also completely incompatible with decentralized technologies such as blockchain that lack centralized controllers. In fact, the European Parliamentary Research Service admits as much in his 2019 report. One of the biggest discrepancies between GDPR and blockchain technology is the question of which entities are regulated.
For more traditional Internet companies, it’s relatively easy to identify who is collecting, processing, and transferring data. Decentralized systems like blockchain networks make that question very difficult to answer. With thousands of computers manipulating open source code to validate public transactions, who or what is collecting, processing, or transferring covered data? Silent not only on this issue, but also on many other questions about how decentralized networks should be compliant.
The EU’s response to such discrepancies in the GDPR is that innovators must build technology that complies with the law, despite the fact that it is virtually impossible to do so. This onerous requirement contributes to a lack of innovation across Europe. The same could happen here if the US enforces her ADPPA to writing. Many blockchain projects have moved offshore or shut down entirely, offering great potential for economic growth and innovation.
Fortunately, there are alternative approaches the United States can take that can simultaneously limit the problems of the patchwork approach to data privacy law and give flexibility to innovative technologies. The answer is to split the overarching data privacy proposal into nuanced, sector-specific bills. For example, Congress passed legislation establishing data privacy rules specifically for e-commerce sites and social media services, or updated existing laws such as the Children’s Online Privacy Protection Act, which regulates the collection of data from minors. Instead of making it omnibus and one-size-fits-all, rules that fit all.
Related: Lawmakers must confirm SEC wartime consigliere with law
Historically, this is the US approach to data privacy in other industries. From financial information laws to health information, policy makers have traditionally crafted data privacy rules that are tightly tailored to specific circumstances. For example, the Health Insurance Portability and Accountability Act governs the flow of medical information, and the Gramm-Leach-Bliley Act is designed to protect consumers’ financial privacy. These rules in most cases preempt state-level rules and are more politically acceptable than one-size-fits-all laws.
Through a sectoral approach to data privacy law, legislators can create rules for different situations that harmonize with blockchain technology. If legislators believe that sectoral approaches do not work well enough to protect consumer information, comprehensive data privacy legislation should be introduced, at least in a way that does not harm innovation or force innovators abroad. should be drafted. After all, most of the best and brightest engineers choose to live, work, and build in the United States for a reason. It would be foolish to push them and their innovations away with short-sighted laws.
Luke Hogg He is policy manager for the Lincoln Network, a nonprofit organization in Washington, DC, focusing on the intersection of emerging technologies and public policy.
The views, thoughts and opinions expressed herein are those of the author only and do not necessarily reflect or represent the views or opinions of Cointelegraph.