Academic journal article Journal of Corporation Law

Privacy Piracy: The Shortcomings of the United States' Data Privacy Regime and How to Fix It

Academic journal article Journal of Corporation Law

Privacy Piracy: The Shortcomings of the United States' Data Privacy Regime and How to Fix It

Article excerpt

I. INTRODUCTION II. BACKGROUND: AN OVERVIEW OF THE U.S.MODEL AND THE EUMODEL   A. The U.S. Model: Criticisms     1. Constitutional Barriers to Protection     2. Court Precedential Barriers     3. Federal Privacy Law Failures     4. Enforcement Problems     5. Corporate Barriers to Reform   B. The EU Model III. ANALYSIS: PROPOSED SOLUTIONS TO THE U.S. DATA PRIVACY PROBLEM   A. Keeping the Current U.S. Model     1. Continued Self-Regulation     2. Private Right of Action and Increased Litigation: Where is the        Harm?     3. The FTC is Catching Up     4. Leave it to the States   B. Adopting the Enforcement Framework of the EU Model   C. Collaborative Governance Approach IV. RECOMMENDATION V. CONCLUSION 


2015 was an unkind year to people who cheat. A group of hackers obtained and threatened to leak gigabytes of personal information of the users of Ashley Madison, (1) a website used by individuals seeking to have an extramarital relationship, if the site was not shut down immediately. (2) To the humiliation of thousands of users, the hacker group leaked names, sexual fantasies, credit card information, addresses, and more. (3)

The news was frightening for many because of Ashley Madison's practice of never deleting their users' private information. (4) However, injuries stemming from data breaches do not only affect the unsympathetic. Simply shopping at Target put 40 million credit and debit card accounts in jeopardy when the company announced that they had been the victim of a data leak in 2013. (5)

Even more troubling to some is not just that companies are not adequately protecting against incidents of data leakage, but that these companies will often leak the information on purpose. (6) Many websites use up to 100 tools to track consumer data. (7) Companies will often sell a consumer's location, age, and other personal details to "data brokers," who in turn distribute this information to third parties. (8) Not only are these facts shocking to some, it is even more shocking that businesses in the united States actually have a large role in creating the rules that regulate their actions. (9)

The data leaks at Ashley Madison, Target, and many other companies suggest that consumer protection requirements for businesses are not stringent enough. This Note will discuss the United States's data privacy problem and some solutions scholars have proposed to affect widespread compliance by businesses and protection for consumers. Part II will discuss the history of data privacy in the United States and in the European Union (EU). Part III will analyze proposed solutions to the U.S. privacy problem and discuss their viability. Part IV will recommend a solution that the United States can implement to provide more protections to its citizens without damaging its growing data-driven economy.


Modern-day data privacy laws protecting private information in the United States and the EU grew out of the 1970s Fair Information Practice Principles (FIPPs). (10) The FIPPs outline eight essential pillars of effective data security: 1) transparency, 2) purpose specification, 3) use limitation, 4) data minimization, 5) data accuracy, 6) individual participation, 7) security, and 8) accountability. (11) Although the United States developed the principles, the country has not yet fully embraced them; instead, the United States relies on a fractured system comprised of various acts and statutes that did not begin with a glance at the FIPPs, but rather grew out of what each industry individually needed. 12 The EU, however, has made a conscious effort to incorporate the FIPPs into its Data Directive; the Data Directive is widely recognized globally as providing more protection for consumers' private information than the EU's regulations. (13) This Part will discuss the data protection models that both the United States and the EU adopted. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.