Midlands Voices: How California’s data privacy rules could impact Nebraska businesses

With its growing number of tech firms, startups and incubators, Omaha is proof that innovation is not exclusive to the coasts, and that’s why the U.S. Chamber brought its TecNation tour to the Cornhusker state this week. The city’s tech boom is creating new jobs and expanding opportunity throughout the state — but continued growth is not guaranteed. For businesses in Nebraska and across the nation to reap the full benefits of the digital revolution, Congress must pass a national data privacy standard.

Finding the right balance on data privacy and innovation is essential for companies working to develop the technologies of tomorrow. As Omaha’s entrepreneurs know well, data is critical to a healthy startup and tech corridor. For example, data is powering autonomous vehicles (AVs) that potentially could save lives. Gov. Pete Ricketts and the Nebraska Legislature recognized the promise of this technology when they passed legislation that authorizes the use of automated driving systems and driverless-capable vehicles. This bill effectively declared the state open for business for AV investors and developers.

We also commend U.S. Sen. Deb Fischer’s leadership on expanding the use of the Internet of Things by her introduction of the DIGIT Act in Congress. This bipartisan bill will remove regulatory barriers, allowing states to leverage Internet of Things technology to improve supply chain management, agricultural production, sustainable infrastructure, public safety and health care.

Data, when properly managed, has the potential to enhance health, productivity and quality of life for millions of Americans. But here’s the bad news: Across the U.S. a patchwork of conflicting data privacy proposals is emerging which could stymie business growth and preclude future innovation. While we all agree that consumer privacy is paramount, so is the ability of American companies to do business across state borders. Myriad, potentially conflicting state data privacy laws put interstate commerce in jeopardy, which is why passing a single data privacy standard is so essential.

To understand the problem at hand, consider California’s new Consumer Privacy Act. The state law, which goes into effect Jan. 1, will significantly alter the operations of any enterprise that does business in California. Its complex provisions will be incredibly difficult for the largest Fortune 500 companies to navigate, much less small businesses. The act requires companies to allow consumers to access all their personal information, imposes overly burdensome sharing restrictions and exposes businesses to a barrage of lawsuits.

Although this law goes into effect next year, California’s attorney general is still writing rules that could change its requirements. This means that a small business may only have a matter of weeks to comply and modify its business model. To put things in perspective, when Europe adopted new sweeping privacy requirements it gave companies two years to comply.

So why should Nebraskans care? Because California’s law affects Nebraskans, too. If they do any business in California, they will need to be compliant with the law — even if they had no say in its formation. Adding to the confusion is that other states, including Washington, New York and Pennsylvania, are now weighing privacy legislation that could dictate how small online businesses in the Cornhusker State operate.

Fortunately, there’s a way out of this mess: The U.S. Chamber’s Technology Engagement Center is leading a bipartisan effort for Congress to adopt a fair, national privacy standard that would give businesses and consumers one clear set of rules for data privacy and protection.

A federal standard would eliminate the growing patchwork of data privacy laws and the confusion that comes with it by putting all states, including Nebraska, on the same regulatory page. Lawmakers have a unique opportunity to pass significant privacy protections. They should act without delay.