Privacy & Information Security Law Blog

On July 28, 2022, the California Privacy Protection Agency (“CPPA”) Board held a special public meeting to discuss agency staff’s recommendations that the Board formally oppose the draft federal American Data Privacy and Protection Act (“ADPPA”). The latest version of the ADPPA recently was voted out of the U.S. House Energy and Commerce Committee, and is set to advance to the House Floor.

During the meeting, Board members expressed concern that the ADPPA, and bills with similar preemption provisions, would set a ceiling for privacy protections in California. As described by CPPA Deputy Director of Policy and Legislation, Maureen Mahoney, the ADPPA in some cases would provide fewer privacy protections than those available under the California Consumer Privacy Act (“CCPA”)/California Consumer Privacy Act (“CPRA”). For example, the right to opt out of automated-decision (including profiling), is not included in the ADPPA.

CPPA Board member Chris Thompson expressed that the bill presented a “false choice,” viewing privacy rights as though they are in “limited supply.” Thompson expressed support for a federal floor that would allow for states to continue policy innovation, and would maintain California’s strong protections, while providing a privacy framework for other states on which to build. Board members unanimously voted to oppose the ADPPA as currently drafted, as well as any federal bill that seeks to preempt the CCPA/CPRA, or to provide substantially weaker protections than the CCPA/CPRA. The Board also voted to authorize agency staff to support any federal bill that does not preempt the CCPA/CPRA, or that in general creates a true floor to protect the privacy rights offered under the CCPA/CPRA.