On May 14, 2020, Democratic Senators Mark Warner (D-Va.) and Richard Blumenthal (D-Conn.) along with Representatives Anna Eshoo (D-Calif.), Jan Schakowsky (D-Ill.), and Suzan DelBene (D-Wash.) unveiled a COVID-19 privacy bill, the Public Health Emergency Privacy Act (the PHEPA). Both the PHEPA and the Republican-led COVID-19 Consumer Data Protection Act of 2020 (the CDPA), which we discussed in our May 4 and May 11, 2020 client alerts, aim to put data privacy and cybersecurity regulations around the collection of personal data related to tracking and tracing the outbreak of COVID-19 in the United States. The PHEPA and CDPA are similar in many ways – attempting to regulate the collection of personal data related to COVID-19 remedial efforts – and therefore within this article, we highlight what we see as the key differences between the two Acts. These differences, in many ways, are similar to the differences that we have seen in the broader privacy debate in Washington, DC.
To read the full article, please click here.