New Law Would Create a Federal Data Protection Agency

The Data Protection Act promises to enforce data protection and data privacy while ensuring the continuous success of the tech sector in finding innovative solutions to serve the needs of its customers.


Earlier this month, U.S. Senator Kirsten Gillibrand submitted a bill called the Data Protection Act of 2021 that would seek to protect citizen’s data, safeguard their privacy, and ensure data practices are fair and transparent. Among the bill’s various provision is the creation of a new federal office that would be called the Data Protection Agency.

Gillibrand first submitted her Data Protection Act in February 2020, just before the COVID-19 pandemic began. The bill was aimed at protecting individuals’ privacy and limiting the collection and use of “personal data” by “covered entities.

In many ways, her 2020 bill mirrored the terms and scope of the California Consumer Privacy Act (CCPA), with the exception of the creation of the DPA. The new agency, which would be led by a director appointed by the President and confirmed by the Senate for five-year terms, would have rulemaking authority to administer and enforce the new national data law, as well as existing federal privacy laws.