Summarized from Tom Quaadman, executive vice president of the U.S. Chamber of Commerce’s Chamber Technology Engagement Center (C_TEC)
As the country contends with the impact of the COVID-19 crisis, tech companies are leveraging data to develop insights, track the spread of the virus, and identify and aid vulnerable communities. The use of this information has benefited everyday people and the economy, but it has also intensified the debate around privacy.
Congressional Democrats and Republicans have both introduced privacy legislation aimed at protecting consumers by requiring all companies to obtain affirmative consent from individuals before collecting, processing, or transferring personal health data for the purposes of tracking the spread of COVID-19.
The Republican bill can be viewed here while the Democrats version is available here. The latter version goes further, requiring that any data collected for public health be deleted by companies within 60 days of the end of the public health emergency and prohibiting companies from using that data for other applications. These limits would also apply to employers and include a private right of action.
To help businesses understand the differences between the two privacy bills, C_TEC had made a comparison available on its website.
The U.S. Chamber of Commerce is working with member companies to develop privacy principles for COVID-19 data. The organization supports a national privacy law that treats all Americans equally and believes that any privacy bill should create a single standard, avoid class-action lawsuits, and exempt workplace data.