GDPR

Opinion: How to design a US data privacy law

Enlarge akinbostanci/Getty Images reader comments 217 Nick Dedeke is an associate teaching professor at Northeastern University, Boston. His research interests include digital transformation strategies, ethics, and privacy. His research has been published in IEEE Management Review, IEEE Spectrum, and the Journal of Business Ethics. He holds a PhD in Industrial Engineering from the University of

Published 2 weeks ago in
Opinion: How to design a US data privacy law
General data protection regulation GDPR logo on padlock with blue color background.
Enlarge
akinbostanci/Getty Images

reader comments

217

Nick Dedeke is an associate teaching professor at Northeastern University, Boston. His research interests include digital transformation strategies, ethics, and privacy. His research has been published in IEEE Management Review, IEEE Spectrum, and the Journal of Business Ethics. He holds a PhD in Industrial Engineering from the University of Kaiserslautern-Landau, Germany.

The opinions in this piece do not necessarily reflect the views of Ars Technica.

In an earlier article, I discussed a few of the flaws in Europe’s flagship data privacy law, the General Data Protection Regulation (GDPR). Building on that critique, I would now like to go further, proposing specifications for developing a robust privacy protection regime in the US.

Writers must overcome several hurdles to have a chance at persuading readers about possible flaws in the GDPR. First, some readers are skeptical of any piece criticizing the GDPR because they believe the law is still too young to evaluate. Second, some are suspicious of any piece criticizing the GDPR because they suspect that the authors might be covert supporters of Big Tech’s anti-GDPR agenda. (I can assure readers that I am not, nor have I ever, worked to support any agenda of Big Tech companies.)

In this piece, I will highlight the price of ignoring the GDPR. Then, I will present several conceptual flaws of the GDPR that have been acknowledged by one of the lead architects of the law. Next, I will propose certain characteristics and design requirements that countries like the United States should consider when developing a privacy protection law. Lastly, I provide a few reasons why everyone should care about this project.

The high price of ignoring the GDPR

People sometimes assume that the GDPR is mostly a “bureaucratic headache”—but this perspective is no longer valid. Consider the following actions by administrato

!–>

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

GDPR

Ryanair faces GDPR turbulence over customer ID checks

Irish data watchdog opens probe after ‘numerous complaints’ Ireland’s Data Protection Commission (DPC) has launched an inquiry into Ryanair’s Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).……

Published 1 week ago in
Ryanair faces GDPR turbulence over customer ID checks

Irish data watchdog opens probe after ‘numerous complaints’ Ireland’s Data Protection Commission (DPC) has launched an inquiry into Ryanair’s Customer Verification Process for travelers booking flights through third-party websites or online travel agents (OTA).……
Read More

Continue Reading
GDPR

Serial Entrepreneur: Digital Ecosystem Favors Data Distributors Over Creators

According to Victor Yu, co-founder of Carv, the current digital ecosystem favors data distributors over data creators. While he acknowledges the usefulness of regulatory frameworks like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA)in overseeing internet users, Yu believes these frameworks fall short because they do not translate into full user

Published 1 month ago in
Serial Entrepreneur: Digital Ecosystem Favors Data Distributors Over Creators

According to Victor Yu, co-founder of Carv, the current digital ecosystem favors data distributors over data creators. While he acknowledges the usefulness of regulatory frameworks like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA)in overseeing internet users, Yu believes these frameworks fall short because they do not translate into full user [……
Read More

Continue Reading
GDPR

Clearview AI Hit by €30.5 Million in the Netherlands for Violating the GDPR

Clearview AI has been hit by a massive fine of €30.5 million ($33.7 million) by the Netherlands’ data protection authority, Autoriteit Persoonsgegevens (AP), on Tuesday for violating the European Union’s… The post Clearview AI Hit by €30.5 Million in the Netherlands for Violating the GDPR appeared first on The Tech Report…

Published 1 month ago in
Clearview AI Hit by €30.5 Million in the Netherlands for Violating the GDPR

Clearview AI has been hit by a massive fine of €30.5 million ($33.7 million) by the Netherlands’ data protection authority, Autoriteit Persoonsgegevens (AP), on Tuesday for violating the European Union’s…
The post Clearview AI Hit by €30.5 Million in the Netherlands for Violating the GDPR appeared first on The Tech Report…
Read More

Continue Reading
GDPR

Dutch regulator fines Clearview AI $33.6 million for GDPR violations

The Dutch Data Protection Authority (DPA) has fined troubled facial recognition company Clearview AI 30.5 million euros ($33.6 million US) for violating Europe’s General Data Protection Regulation (GDPR). The DPA says that Clearview’s database, containing over 40 billion images, is illegal under European law.Read Entire Article…

Published 1 month ago in
Dutch regulator fines Clearview AI $33.6 million for GDPR violations

The Dutch Data Protection Authority (DPA) has fined troubled facial recognition company Clearview AI 30.5 million euros ($33.6 million US) for violating Europe’s General Data Protection Regulation (GDPR). The DPA says that Clearview’s database, containing over 40 billion images, is illegal under European law.Read Entire Article…
Read More

Continue Reading