Federal Privacy Bill Advances

House Republicans have opened a new push for a national privacy law that would override many state rules and block most consumer lawsuits. (energycommerce.house.gov) Rep. John Joyce of Pennsylvania introduced the SECURE Data Act, and House Energy and Commerce Chair Brett Guthrie of Kentucky backed it on April 22, 2026. The bill is H.R. 8413, the first major House consumer-privacy proposal released in the 119th Congress. (iapp.org) (govtrack.us) The proposal would let people access, correct and delete personal data, and opt out of targeted advertising and data sales. It would be enforced by the Federal Trade Commission and state attorneys general, not by private lawsuits from consumers. (cnbc.com) (iapp.org) The biggest immediate change is preemption: the bill says federal rules would displace state laws that “relate to” the same subject. Legal analysts said that language would likely wipe out comprehensive privacy laws already on the books in more than 20 states, along with some state data-broker and sector-specific rules. (iapp.org) (cnbc.com) That fight has stalled federal privacy talks for years. States such as California, Colorado and Virginia built their own systems after Congress failed to pass a national standard, and Republicans and Democrats kept splitting over whether consumers should be allowed to sue. (cnbc.com) (iapp.org) The new draft borrows heavily from the state model already used in Virginia and Kentucky. It applies to companies that process data on more than 200,000 U.S. consumers, a threshold the International Association of Privacy Professionals said is broader than most state laws. (iapp.org) The bill also tightens rules for “sensitive” data, including health information, precise location and children’s information. Politico reported that data belonging to children under 13 and limits on sensitive-data use are part of the proposal’s core structure. (politico.com) Retailers and app makers would have to revisit ordinary tools that now run on broad consent. CNBC reported that loyalty programs, digital receipts and artificial-intelligence systems that profile shoppers could face new limits on what data they collect and how they use it. (cnbc.com) Supporters say one rulebook would replace a state-by-state compliance maze for national businesses. Democrats are already attacking the bill from the other side: Rep. Frank Pallone of New Jersey said the draft protects “corporations and their bottom line,” while Republicans say it gives Americans enforceable rights without a patchwork of state mandates. (politico.com) (cnbc.com) The bill is at the start of a long legislative process, and the text is likely to change before any committee vote. But after years of failed privacy talks, Congress is back to the same central question: one federal standard, or 50-state leverage. (iapp.org) (cnbc.com)