The journey toward federal data privacy legislation is fraught with challenges and tradeoffs. A national framework has the potential to be a major asset, as data breaches carry enormous costs for consumers, and unifying privacy protections before the policy landscape fully transforms into a state-by-state patchwork will limit compliance costs for businesses. While Europe’s General Data Protection Regulation (GDPR) is one potential model for such a framework, the inherent contradictions between the “rights” it establishes make it fundamentally flawed. Decoding consumers’ wishes surrounding privacy presents an additional hurdle — while Americans report a desire for privacy legislation and find certain data collection practices “creepy,” they also indicate that they value free access to data-intensive platforms and often lack a technical understanding of data privacy concepts. Policymakers should navigate these complex concerns by enacting legislation that would promote informed consent around data collection and focus on specific protections against targeted harms.

This entire ConsumerGram is available online here.