Article: Data privacy laws in the USA Journal: International Journal of Information Privacy, Security and Integrity (IJIPSI) 2023 Vol.5 No.3 pp.238 - 249 Abstract: Technological advancements over the last couple of decades have changed the world as we know it. As consumers increasingly adopt digital technologies, they end up sharing their personal data with companies that power these technologies, including sensitive personal data, and implicitly trust the companies to honour their privacy. A growing number of data breaches, especially those involving blatant disregard for customer privacy by large tech companies such as the Facebook-Cambridge Analytica incident of 2016, have led to an erosion in customer trust. Several countries across the world have taken cognisance of the seriousness of data privacy protection and have enacted comprehensive data privacy laws, however, the USA still relies on a concoction of statewide and sectoral laws, which are not adequate. There is a need for the enforcement of a comprehensive data privacy law in the USA to provide adequate data protection rights to US consumers. This paper explores the various current federal, sectoral, and state data privacy laws in place in the USA and discusses their advantages and disadvantages. A comparison of the various data privacy regulatory models employed across the world is then provided followed by a proposal of a suitable model for the USA to adopt. Inderscience Publishers - linking academia, business and industry through research

Title: Data privacy laws in the USA

Authors: Yousuf Muhammad

Addresses: Dakota State University, 820 Washington Ave N, Madison, SD, USA

Abstract: Technological advancements over the last couple of decades have changed the world as we know it. As consumers increasingly adopt digital technologies, they end up sharing their personal data with companies that power these technologies, including sensitive personal data, and implicitly trust the companies to honour their privacy. A growing number of data breaches, especially those involving blatant disregard for customer privacy by large tech companies such as the Facebook-Cambridge Analytica incident of 2016, have led to an erosion in customer trust. Several countries across the world have taken cognisance of the seriousness of data privacy protection and have enacted comprehensive data privacy laws, however, the USA still relies on a concoction of statewide and sectoral laws, which are not adequate. There is a need for the enforcement of a comprehensive data privacy law in the USA to provide adequate data protection rights to US consumers. This paper explores the various current federal, sectoral, and state data privacy laws in place in the USA and discusses their advantages and disadvantages. A comparison of the various data privacy regulatory models employed across the world is then provided followed by a proposal of a suitable model for the USA to adopt.

Keywords: data privacy laws; patchwork privacy problem; comprehensive data privacy law; sectoral laws; self-regulation; data protection; data protection rights in the USA; California Consumer Privacy Act; CCPA; California Privacy Rights Act; CPRA; HIPAA; GLBA; FERPA; the USA.

DOI: 10.1504/IJIPSI.2023.131571

International Journal of Information Privacy, Security and Integrity, 2023 Vol.5 No.3, pp.238 - 249

Received: 10 Dec 2022
Accepted: 30 Mar 2023
Published online: 19 Jun 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Data privacy laws in the USA

Keep up-to-date