U.S. Senator Jerry Moran (R-Kan.) – Chairman of the Commerce Subcommittee on Consumer Protection – today introduced the Consumer Data Privacy and Security Act to strengthen the laws that govern consumers’ personal data and create clear standards and regulations for American businesses that collect, process and use consumers’ personally identifiable data.

“Americans need to be able to count on strong baseline responsibilities that businesses must uphold when collecting, processing and protecting their personally identifiable information,” said Sen. Moran. “While our economy has benefited from the use of data, these advancements should not be traded for an individual’s right to have control over their personal information. We have witnessed unauthorized activities and security breaches from bad actors attempting to access and process consumers’ personal data and sensitive information in unfair and deceptive ways. Without action from Congress, consumers will continue to be vulnerable to future threats against their personal data, and innovators and job creators will be plagued with regulatory uncertainty resulting from a growing patchwork of state laws.”

“It is clear that Congress needs to act to provide consumers and companies with a clear federal standard that lays out robust protections for consumers’ personal data, and I encourage my colleagues to support the Consumer Data Privacy and Security Act as the federal standard for comprehensive privacy legislation,” continued Sen. Moran.

The Consumer Data Privacy and Security Act would:

• establish a clear federal standard for data privacy protection, giving businesses a uniform standard rather than a patchwork of confusing state laws.

• provide consumers with control over their own data to access, correct and erase their personal data.

• require businesses that collect and process a significant amount of personal data to take extra precautionary steps to protect and responsibly process that data.

• prohibit companies from collecting data without consumers’ consent with limited and specific exceptions.

• require businesses to develop and implement robust data security programs to protect personal data from unauthorized access and disclosure.

• equip the Federal Trade Commission (FTC) and state attorneys general with authority to uniformly enforce federal consumer privacy protections while providing the FTC the resources necessary to carry out those authorities.