Washington, DC– Eastern Washington Congresswoman Cathy McMorris Rodgers (WA-5), the lead Republican on the Energy and Commerce Subcommittee on Consumer Protection and Commerce, appeared on Squawk Box on CNBC this morning. She responded to Facebook CEO Mark Zuckerberg’s Washington Post op-ed, which called for European-style regulations, like GDPR, to govern data privacy on the internet. As she wrote in the Seattle Times in February, large companies like Facebook may be able to take on GDPR’s compliance costs but it’s disastrous for small businesses, startups, and consumers.

#GDPR, Europe’s regulatory privacy regime, is not the right framework for a national standard on privacy in America. It’s created significant barriers and millions of dollars of compliance costs for #smallbiz and startups. WATCH more from my interview this AM on @CNBC. pic.twitter.com/UY87Qj24rm

— CathyMcMorrisRodgers (@cathymcmorris) April 2, 2019

FACEBOOK CEO MARK ZUCKERBERG’S WASHINGTON POST OP-ED:

“Two major concerns that I have with Mark Zuckerberg’s post and the op-ed. One is the government regulating free speech and content, the government should not be doing that. That is a violation of our First Amendment and free speech rights.”

“And number two is his suggestion that GDPR is the framework that we should be following as we address privacy in America. GDPR has resulted in Facebook and Google doing well in their market share, but for the small guys and the start ups, it has created significant barriers to entry.

“We’re talking one to 10 million dollars in costs associated with complying with GDPR and that’s a significant barrier for those startups that we cherish in America.”

FOUR PRINCIPLES FOR A PRIVACY SOLUTION IN AMERICA:

“I believe that Congress needs to act [on privacy]. We have a window here where we must act, because the EU has passed GDPR. America needs to take action. We have a patchwork developing of state laws around privacy. We need a national standard.

“I’ve laid out four principles. One is the national standard to preempt what is happening at the state level. Two is the importance of transparency and accountability. The individual has a right to know what data is being collected and how it’s being used. We need data security standards, and we need to make sure that we are protecting those startups and the small businesses. That is what America is all about and we don’t want to do something that is going to stifle innovation and those next tech startups.”

NOTE: Cathy penned an op-ed in February that ran in the Seattle Times, “Four principles to protect your data and promote innovation.” She wrote:

“Heavy-handed regulations for all data will hold back innovation that saves us time, makes our roads safer and improves customer experiences. A better approach is for increased transparency and accountability for consumers so we can stop bad actors, such as Cambridge Analytica.

[…]

“[A] national standard [for data privacy] needs to be workable for small businesses and startups, who are the true drivers of our economy. While large companies can navigate a complicated privacy standard like the EU’s General Data Protection Regulation (GDPR) and swallow $1 million to $10 million in compliance costs, smaller businesses are being forced out of the marketplace. This is already happening in Europe. Facebook and Google’s market shares have actually increased since GDPR, but small businesses are suffering. For example, Uber Entertainment, a video game company based in Washington, is shutting down games in Europe because it’s too costly to update  its software to comply with GDPR.”