Start OneTrust-to-PrivacyEngine migration today 🔁 Effortless switch now available Learn More!

Podcast

US Privacy Law Part 1: The complex federal data protection and privacy landscape of the USA

A practical introduction to the fragmented US privacy framework, covering its history, key federal laws and why America has no single GDPR-style data protection law.

US Privacy Law Part 1: The complex federal data protection and privacy landscape of the USA

In the first of three episodes on the US Privacy landscape, Katie and Maria focused on the unique, fragmented nature of privacy laws in the United States. They discussed how the US lacks a comprehensive federal privacy law, instead relying on sector-specific regulations like HIPAA for health data, COPPA for children’s data, and GLBA for financial information, with enforcement primarily handled by the Federal Trade Commission. The conversation covered the historical development of privacy law in the US, from the 1890 “right to be let alone” concept through key legislation including the Privacy Act of 1974 and the Video Privacy Protection Act, highlighting how US laws often emerge in response to specific scandals rather than proactive regulation. They also explored the ongoing challenges in passing comprehensive federal privacy legislation, including political disagreements over private rights of action and federal preemption concerns, as well as the significant influence of tech industry lobbying in slowing or blocking privacy legislation.

In episode two, Katie and Maria will cover the state law picture, including California in depth, the broader wave of state comprehensive privacy laws, how individual rights compare with the GDPR, children’s data regulation at the state level, and the FTC’s role as de facto national privacy regulator.