It’s been almost a year since GDPR went into effect in the European Union. GDPR forced companies to be transparent about the data they are collecting from users, how the data is being used, and provide users with complete control over their own data. And on the first anniversary of GDPR, Microsoft is calling for US government to introduce something similar.
Julie Brill, a CVP and Deputy General Counsel at Microsoft, called for a new framework for a privacy law that works for everyone. Brill is asking Congress to introduce new privacy laws based on the GDPR that puts the responsibility for privacy on tech companies. “Like GDPR, this framework should uphold the fundamental right to privacy through rules that give people control over their data and require greater accountability and transparency in how companies use the personal information they collect,” Brill said.
Brill praised some of the state laws–like the upcoming California Consumer Privacy Act–that is coming into effect to protect user’s privacy, but believes federal law will be more effective at protecting user’s privacy by holding companies responsible for user data.
“This is important because the prevailing opt-in/opt-out privacy model in the United States forces consumers to make a decision for every website and online service they visit. This places an unreasonable—and unworkable—burden on individuals. Strong federal privacy should not only empower consumers to control their data, it also should place accountability obligations on the companies that collect and use sensitive personal information,” Brill wrote.
The idea for a privacy framework like the GDPR is very sensible, especially with companies like Facebook that aren’t really paying the price for essentially messing with users’ data. Microsoft’s Julie Brill is also calling for a unified system that works with GDPR so that companies do not have to build a separate system to abide by the new laws.