The Patchwork of U.S. Privacy Laws

The data privacy legal framework in the U.S. is often called a “patchwork” because it consists of various laws that regulate specific industries, but it has no unified standard for everyone. For example, Health Insurance Portability and Accountability Act regulates health information. Children’s Online Privacy Protection Act of 1998 regulates children's information online. Gramm-Leach Bliley Act of 1999 regulates financial information.   And many other separate laws.

A lot of push comes from the tech titans to create a unified standard on a federal law level. The states' legislatures also rush to fill the void contributing to the patchwork of inconsistent privacy regulation. California adopted the California Consumer Privacy Act (2018) and already amended it into the California Privacy Rights Act (effective 2023). Virginia recently enacted its own privacy laws as well.

The movement for a unified federal privacy standard may soon end.  Rep. Suzan DelBene introduced a federal privacy bill, Information Transparency and Personal Data Control Act. There are other bills that are expected coming from other House Representatives this year, according to Bloomberg. The proposed laws will most certainly clarify the standards for the protection of private data and will boost the Federal Trade Commission’s (FTC) enforcement activities.  FTC is the main federal agency that ensures that companies follow federal data privacy standards.

April 12, 2021

EN KOR RUS Business Law