The Honorable Maria Cantwell
Chair, Committee on Commerce, Science, & Transportation
The Honorable Frank Pallone
Chairman, Committee on Energy & Commerce
The Honorable Roger Wicker
Ranking Member, Committee on Commerce, Science, & Transportation
The Honorable Cathy McMorris Rodgers
Ranking Member, Committee on Energy & Commerce
Dear Chairs Cantwell and Pallone and Ranking Members Wicker and Rodgers:
Trust and responsibility have been the foundation of IBM’s culture for more than a century. Our commitment to responsible stewardship of data and technology is grounded in our long-held values, and our Principles of Trust and Transparency.
In keeping with those values and principles, IBM has for years urged Congress to pass strong, bipartisan privacy legislation. American consumers deserve a single and consistent set of privacy rights established through a comprehensive national law that champions consumer privacy while fostering innovation, competitiveness, and accountability.
But a private right of action would undermine those objectives. Inclusion of a private right of action in a privacy bill is unnecessary, unprecedented and would not benefit consumers. IBM will oppose any legislation which includes it.
Given the expansive application of a federal privacy bill to virtually every business in the United States, a private right of action – even a limited one – will result in a massive number of abusive lawsuits. That means Americans could look forward to many more billboards of lawyers offering to sue somebody, but not to better protection of their online data.
A private right of action would also create a permanent state of uncertainty for consumers and businesses. Clarity and consistency in the law would splinter as courts across the country continually reinterpret the law, creating differences from court to court, circuit to circuit, and state to state.
Indeed, a private right of action would thwart the intent of Congress to create uniform privacy standards by delegating to private plaintiffs and myriad courts key decisions on privacy law, resulting in a massive fragmentation of privacy standards across hundreds of jurisdictions in the United States.
The best way to avoid the many pitfalls of a private right of action is to not include it. Limits won’t work.
Instead, Congress should strengthen and empower government agencies with the expertise to enforce privacy laws. IBM has long supported strong and consistent privacy enforcement by providing exclusive authority to the Federal Trade Commission (FTC) and state attorneys general. This includes providing the FTC with the ability to immediately levy fines for harm to consumers as well as sufficient resources to do its work.
The FTC and state law enforcement officials are better suited to enforce privacy rights because these organizations have the mission of protecting consumers, rather than profiting from them. And this uniform, predictable approach would give consumers a better understanding of their rights as well as the ability to obtain redress. It would also provide businesses with clear, implementable rules for protecting consumers.
The stakes are high, and more precision is needed to get the legislation right. A private right of action, even a limited one, will jeopardize America’s continued innovation leadership. We strongly urge Congress not to include a private right of action in final privacy legislation.
Sincerely,
Christopher Padilla
Vice President
Government and Regulatory Affairs
Share this post:
- More Articles
-
IBM Statement on the EU-US Data Privacy Framework Adequacy Decision
-
IBM and 30+ CEOs Send Letter to Congress Urging Full Funding of National Science Foundation
-
3 practical ways to strengthen EU-US trade and generate near-term benefits for the transatlantic economy
-
IBM Welcomes Sen. Klobuchar's Protect Elections from Deceptive AI Act