President Obama this week proposed privacy laws that could give Americans greater control over their personal information. But Republicans in Congress will likely undermine or ignore many of the measures.

Some of Mr. Obama’s ideas should have bipartisan appeal. For example, he wants to forbid companies from using data about students that they collect when they sell software and services to primary and secondary schools for marketing purposes. That measure is based on a law that California adopted last year with Democratic and Republican votes in the State Legislature. Most members of Congress would have a hard time justifying voting against a bill that sought to protect the privacy of minors.

But another proposal in Mr. Obama’s package could result in less protection for consumers. It would require retailers, banks and other companies who have been hacked to notify customers whose data had been stolen within 30 days after officials learned of the breach. The problem is that such a law could invalidate existing state laws and prevent states from enacting new privacy laws.

Most states and the District of Columbia already have disclosure laws. Alabama, New Mexico and South Dakota do not. Some states have laws that are stronger than what Mr. Obama proposed. For example, California, Connecticut and New Jersey generally require notification of a data breach as soon as possible. Many states allow consumers to “freeze” credit reports so that hackers cannot sign up for credit cards and loans in their names. Other states allow residents to sue businesses for not protecting their data. Privacy law experts say Congress could use a data breach laws to pre-empt these state requirements.