21 May 2018
Daniel Weitzner delivered a keynote address at the 2nd Annual Privacy & Cybersecurity Conference of the Boston Bar Association.
“A string of privacy assaults — beginning with the Equifax data breach and culminating in the large-scale misuse of personal data by Cambridge Analytica, enabled by Facebook — raise the question: Is it time for the United States to enact a comprehensive privacy protection law? Some say, oh, the US already has 15 major federal privacy laws, covering everything from banking and consumer credit to health data and video rental records. These laws, plus a growing number of state laws and a robust tort system are plenty to protect American privacy values. Any more, goes the thinking just risks regulatory overkill and burdens on innovation. At the other extreme, some consumer advocates say: the US should follow Europe’s lead and adopt a single, omnibus privacy protection law in the mode of the EU General Data Protection Regulation (GDPR).”
“I hope to convince you that the right path for the United States — both for businesses and for citizens — is somewhere in between. […]”
Download the full speech (186 KB)