Statement of Nuala O’Connor, President and CEO Center for Democracy & Technology
before the United States Senate Committee on Commerce, Science, and Transportation
Consumer Data Privacy: Examining Lessons From the European Union’s General Data Protection Regulation and the California Consumer Privacy Act
October 10, 2018
On behalf of the Center for Democracy & Technology (CDT), thank you for the opportunity to testify about the state of consumer privacy law, lessons learned from recent state law efforts, and opportunities for a federal privacy law. CDT is a nonpartisan, nonprofit 501(c)(3) charitable organization dedicated to advancing the rights of the individual in the digital world. CDT was founded in 1994 by pioneering internet advocates Jerry Berman, Janlori Goldman, Jonah Seiger, Deirdre Mulligan, and Danny Weitzner. CDT’s founding coincides with the dawn of the commercial internet, and CDT continues to focus on the critical issues of protecting and elevating individual privacy, freedom of expression, and freedom from surveillance, while also seeking to advance innovation and preserve a global, open Internet. CDT has offices in Washington, D.C., and Brussels, and is funded by foundation grants for research and writing, corporate donations for general operating and program support, and individual program and event donations.
I have been honored to serve CDT and the public interest for the past five years as President and CEO. My viewpoints today are not only informed by the research, analysis, and advocacy of the lawyers, policy analysts and technologists at the Center for Democracy & Technology, but also by almost 30 years of professional experience, much in the privacy and data realm. While in the private practice of law, I counseled some of the internet’s earliest commercial websites; I have served as a corporate privacy leader at General Electric, Amazon, and DoubleClick; and was honored to have served as the chief privacy officer for two federal government agencies – the U.S. Department of Commerce and the U.S. Department of Homeland Security. When I was appointed by President George W. Bush as the first chief privacy officer at the Department of Homeland Security under Secretary Tom Ridge, I was the first statutorily mandated CPO in the federal service.
CDT submits this testimony and engages in this work informed by the underlying belief that internet-enabled technologies have the power to change lives for the better. And yet, nearly 25 years on from the dawn of the commercial internet, it is appropriate that we take stock of where we are, and where we are going. As with many new technological advancements and emerging business models, we have seen exuberance and abundance, and we have seen missteps and unintended consequences. International bodies and U.S. states have responded by enacting new laws, and it is time for the U.S. federal government to pass omnibus federal privacy legislation to protect individual digital rights and human dignity, and to provide certainty, stability, and clarity to consumers and companies in the digital world.