A bill that mirrors the California Consumer Privacy Act by restricting how companies share personal information could hurt small businesses through its harsh penalties.
CBIA's Eric Brown says the version the committee sponsored has many flaws.
"Small businesses—many with razor-thin margins that host even just a few customers a day—would be subject to expensive and otherwise overly burdensome requirements of this proposal," Brown said.
"As we understand the bill, a small coffee shop, restaurant, or hardware store that accepts even a modest online payment from a Connecticut resident would be held accountable for compliance with this bill."
— CBIA (@CBIANews) March 27, 2019
What's worse, Brown said, is that severe penalties associated with even one violation could cripple a small- or mid-sized business.
California passed its law in June 2018 but it won't take effect until January 2020.
The proposal demonstrates that a state-by-state quick fix is not the way to approach consumer privacy, Brown testified.
"Instead, federal lawmakers should craft a careful and comprehensive policy that ensures transparency and protections against data misuse," he said.
Brown urged committee members to take no action on SB 1108.