The California Privacy Protection Agency Opposes the American Privacy Rights Act

News: June 26, 2024

Today, the California Privacy Protection Agency (CPPA) sent a letter to U.S. House Energy & Commerce Committee Chair Cathy McMorris Rodgers and Ranking Member Frank J. Pallone, Jr., opposing H.R. 8818, The American Privacy Rights Act of 2024 (APRA). APRA is federal privacy legislation that seeks to weaken protections by preempting nearly every provision of the California Consumer Privacy Act (CCPA) and the California Delete Act, among other important state privacy laws.

“All Americans deserve strong privacy rights, but if the APRA passes, it would weaken existing privacy protections in the states,” said Ashkan Soltani, Executive Director of the CPPA “We urge Congress to support the groundbreaking work done by many states and pass legislation that sets a floor on privacy, but allows states to go further and continue to develop innovative protections that keeps pace with technology.”

APRA, which advanced out of subcommittee in May, is scheduled to be considered by the full committee on Thursday. APRA seeks to replace California’s landmark consumer privacy law with weaker protections and would compromise CPPA’s ability to fulfill its mandate to protect the privacy of California consumers.

The Agency has long opposed efforts to preempt California’s privacy protections. On July 28, 2022, the CPPA Board voted unanimously not only to oppose the American Data Privacy Protection Act (ADPPA)–legislation that, similar to APRA, sought to preempt the CCPA—but also to oppose any other bill that seeks to preempt the CCPA. Via a third motion, the Board also voted to support a privacy framework that would set a “true floor” on privacy and allow states to further innovate on those protections.

The CPPA initially raised concerns about APRA in April. Governor Newsom, Attorney General (AG) Bonta, Senate President Pro Tempore Mike McGuire, and Assembly Speaker Robert Rivas also urged Congress to set a floor, not a ceiling, on privacy protections. AG Bonta also joined 14 other attorneys general in calling for privacy legislation that allows states to continue to adopt stronger protections.

The CPPA, created in 2020 by California voters, is the first data protection authority in the United States, and has as its sole focus the protection of California residents’ privacy rights. Led by a five–member Board, it is vested with the authority to issue regulations, audit businesses’ compliance, and undertake enforcement to protect Californians’ privacy.

Contact: press@cppa.ca.gov