from Net Politics and Digital and Cyberspace Policy Program

New Cyber Brief: Reforming the U.S. Approach to Data Protection and Privacy

Trading information and the company logo are displayed on a screen where the stock is traded on the floor of the New York Stock Exchange (NYSE) in New York in September 2017. Brendan McDermid/Reuters

Nuala O’Connor from the Center for Democracy and Technology argues that Congress should create a single legislative data-protection mandate to protect individuals’ privacy and reconcile the differences between state and federal requirements.

January 29, 2018

Trading information and the company logo are displayed on a screen where the stock is traded on the floor of the New York Stock Exchange (NYSE) in New York in September 2017. Brendan McDermid/Reuters
Blog Post
Blog posts represent the views of CFR fellows and staff and not those of CFR, which takes no institutional positions.

The Digital and Cyberspace Policy Program has launched a new Cyber Brief. This one examines policy responses to massive data breaches. The brief was written by Nuala O’Connor, president and CEO of the Center for Democracy and Technology.

Half of all Americans believe their personal information is less secure now than it was five years ago, and a sobering study from the Pew Research Center reveals how little faith the public has in organizations, whether governmental or private-sector, to protect their data. There are good reasons for the lack of trust. In 2017, there was a disastrous breach at Equifax, Yahoo’s admission that billions of its email accounts were compromised, Deep Root Analytics’ accidental leak of personal details of nearly two hundred million U.S. voters, and Uber’s attempt to conceal a breach that affected fifty-seven million accounts. Individuals are left stymied about what action they can take, if any, to protect their digital assets and identity.

More on:

United States

Privacy

Cybersecurity

O’Connor argues that record-shattering data breaches and inadequate data-protection practices have produced only piecemeal legislative responses at the federal level, competing state laws, and a myriad of enforcement regimes that fail to adequately protect data. In contrast, other Western countries have already adopted comprehensive legal protections for personal data. While the default policy response to a large breach has often been a call for a national breach notification law, O’Connor makes that case that it is past time for Congress to create a single legislative data-protection mandate to protect individuals’ privacy and reconcile the differences between state and federal requirements.

You can find the full brief here.

More on:

United States

Privacy

Cybersecurity

Up
Creative Commons
Creative Commons: Some rights reserved.
Close
This work is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License.
View License Detail
Close