Which level is better placed to provide efficient data protection – the federal or the state level? This question is topical both in the United States and in the European Union. In the US, there are concerns regarding the increased fragmentation of American data privacy law and the lack of relevant federal consolidation. In the EU, the proposed General Data Protection Regulation (GDPR) supposed to replace the Directive of 1995 was met with opposition regarding the “over-centralization of powers” in the European institutions.
Where do we stand with data protection in the EU and in the US now? We are five years in after the EU Commission first announced its initiative to work toward updating the framework European data protection law, and over 207 amendments to the Commission’s proposal later (introduced only in the version of the European Parliament; if we add the ones tabled by the different Presidencies of the Council, the count would reach several thousands). In an unprecedented move, at the end of July the European Data Protection Supervisor issued his own amended version of the Regulation ahead of the upcoming institutional trialogue…
In the meantime, the US has been drifting further away from a comprehensive statutory scheme after a federal proposal for a Consumer Bill of Rights failed to muster agreement twice, first in 2012 and then in 2015. Current attempts to regulate student privacy and to consolidate state data breach notification laws on the federal level remain uncertain.
In short, the GDPR and US federal initiatives are seemingly not winning hearts and minds. But they should have at least provoked your curiosity by now ...Zum vollständigen Artikel