Why It Matters

The House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade held a Secure Data Act hearing on June 3, examining H.R. 8413, a Republican-drafted federal comprehensive privacy reform bill that would establish a national data privacy standard and preempt state laws. The Trump administration's deregulatory posture aligns broadly with the bill's industry-friendly framework, putting it at odds with Democrats who say the legislation would gut stronger state protections already on the books.

The Big Picture

H.R. 8413, or the SECURE Data Act was introduced April 22 by House Energy and Commerce Vice Chairman Rep. John Joyce (R-PA-13) after 15 months of work by a Republican privacy working group. It is the latest attempt in a decade-long congressional pattern of advancing comprehensive data privacy legislation that has repeatedly stalled over the same disputes: federal preemption of state laws and whether consumers should have a private right of action. The 117th Congress's American Data Privacy and Protection Act passed committee 53–2 but never reached a floor vote.

More than 20 states have enacted their own privacy laws in the absence of federal action, creating the compliance patchwork the bill's sponsors cite as justification for a national standard.

What They're Saying

The hearing exposed a clean partisan split, with Republicans framing the bill as a business-certainty measure and Democrats calling it a preemption trap.

  • Rep. Gus Bilirakis (R-FL-12), subcommittee chair: "Unfortunately, for the millions of Americans that live in states without a comprehensive privacy law, the answer is 'no.'"
  • Rep. Kevin Mullin (D-CA-15): "The legislation before us today moves in the opposite direction."
  • Rep. Brett Guthrie (R-KY-2): "We're not competing with Europe to regulate, we're competing with China to innovate."

Political Stakes

For Republicans

The bill is a chairmanship-defining priority. Both Bilirakis and Guthrie delivered opening statements, a signal of full committee investment that raises the political cost of failure. The bill's Republican working group spent 15 months and reviewed more than 250 stakeholder responses to reach intra-party consensus, a challenge that derailed the American Privacy Rights Act in the 118th Congress.

For Democrats

The calculus is complicated. Rep. Yvette Clarke (D-NY-9) posted the most direct Democratic critique after the hearing: "Shouldn't a privacy bill actually protect privacy?" But most Democratic members were publicly silent on the hearing topic during the same week, a pattern that suggests a deliberate strategy of letting the minority committee account carry opposition messaging rather than elevating a bill they view as fundamentally flawed.

All four witnesses agreed that a federal comprehensive privacy law is overdue and that the current state patchwork is harmful. The fault lines are not over whether to act, but how. The preemption question is the pivotal issue: the California Privacy Protection Agency submitted a formal letter opposing the bill on April 27, arguing it would cancel rights under the CCPA and the state's Delete Act. If the bill advances, legal challenges from California and Illinois, home to the Biometric Information Privacy Act, are widely expected.

The Bottom Line

The hearing is a formal step in the committee's stated plan to move the bill through regular order to the House floor. With midterm elections in November 2026, the legislative window is narrowing. No markup date has been announced.

Republicans have the intra-party consensus they lacked in prior Congresses, but the same preemption and enforcement disputes that killed every predecessor bill are already fully in view.