This week, lawmakers in both the House and Senate took a hard look at consumer privacy issues in the continued wake of high-profile data security and privacy breaches that have impacted millions of Americans.
Showing the urgency that leaders in Congress feel on these issues, the House Energy and Commerce and Senate Commerce Committees both held hearings with testimony coming from a broad cross-section of technology companies and other business groups that, like the multifamily rental industry, rely heavily on consumer data for daily operation.
Both hearings were largely bipartisan in tone with lawmakers expressing a deep sense of willingness to forge compromise and enact a strong national privacy law. As reported previously, Congress has not yet been able to reach consensus on such a proposal, which has left action to the states. For example, a recently adopted California law that is modeled after the European Union’s stringent privacy standard is set to take effect later this year. Lawmakers remain split on whether a national standard should pre-empt existing state laws or simply set the floor for any such standard moving forward. While opinions vary on that point, there does seem to be growing agreement on the need to give consumers greater control over data (including the right to correct and delete and some opt-in options, especially for sensitive data like health) and more transparency from industries that hold sensitive consumer information.
The debate surrounding consumer privacy, especially after Facebook’s recent privacy violations were made public, has led many to conflate privacy issues with data security and breach notification standards. Some policy makers are urging comprehensive reforms that address weaknesses in all three areas. NMHC and NAA have been deeply involved in the call for a strong nationwide data security and breach notification standard that is scalable and accounts for the scope and size of the business in question to replace the existing patch work of, often, conflicting state laws that exist today.
As Congress continues to look at these issues, NMHC and NAA will closely monitor any proposed standards for their potential impact on the multifamily industry. NMHC and NAA will continue to work with Congress to create federal standards that recognize the unique nature and needs of the rental housing industry while ensuring the data that our members collect, use and maintain is secure.
NMHC and NAA provide a variety of resources to help secure a firms’ data and bolster its overall cybersecurity posture, which can be found at www.nmhc.org/data-security. Example resources include an industry white paper/guidance document on cyber security best practices, valuable cybersecurity tools from the Federal Trade Commission, and a sharable guide to “Social Engineering Red Flags” that can help educate employees about cyber pitfalls.
- FTC Commercial Surveillance and Data Security Comment Letter
- Legislation that Creates Federal Data Privacy Standard Advances to Senate
- NMHC NAA Data Privacy Letter to Energy and Commerce Committee
- NMHC NAA Letter on Data Privacy
- Bipartisan Lawmakers Release Federal Data Privacy Bill That Would Have Impact on Multifamily Data Practices