As the Internet became an integral part of daily life, the average user began to realize that many aspects of their personal privacy were being compromised by each click, Google search and purchase transaction. Applications that collected personal information were often lax in protecting the data and the hacking of corporate databases containing personal data became too common. Some users became victims of abuse and anguish resulting from the unauthorized publication of intimate photos or videos on Internet sites. In response, a few states began passing laws to protect personal privacy and personal data.

California initiated the first privacy statute with the California Consumer Privacy Act. Other states followed, including Virginia, Colorado, Utah and Connecticut. While each state’s legislation covered similar issues of data and personal privacy, none were identical in terms of definitions and scope of coverage. Compliance with multiple standards has become complex and confusing for even the most responsible companies. While the need for federal legislation to protect privacy on the Internet has been recognized for many years, the contentious partisan gridlock in Congress has made progress difficult. These delays are in marked contrast to about 150 countries world-wide which have already adopted strong data protection laws.

The House Bill