Congress should enact privacy laws modeled after those of the EU.
America’s current laws related to privacy and data do not do enough to protect consumers. U.S. lawmakers should model privacy laws after the EU’s in regards to data collection, data storage, and electronic privacy.
European data laws embrace two core privacy rights that American law does not recognize. In Europe, consumers enjoy a “basic right to informational self-determination with regard to their personal data,”i and a so-called “right to be forgotten.” Informational self determination essentially means the right to make informed decisions about data collection and use. A French data commissioner defined the right to be forgotten as: “if an individual no longer wants his personal data to be processed or stored by a data controller, and if there is no legitimate reason for keeping it, the data should be removed from their system.”ii
Informational self-determination and the right to be forgotten are two rights that Americans should have. Consumers should be given full disclosure of what information will be collected about them, how it will be used, how it will be stored, and with whom it will be shared. If there is any data collection or use not fully disclosed and obvious to consumers, then opting out of that use or collection should be the default, with consumers having the choice to opt in, after considering all of the relevant information needed to make an informed decision. American consumers should have the right to require that a company reveal a full record of all data collected about them, and to generally have that data be deleted upon request.
i Proceedings Against Facebook Resumed, Der Hamburgische Beauftragte für
Datenschutz und Informationsfreiheit Press Release, 8/15/2012, at http://www.datenschutz-hamburg.de/fileadmin/user_upload/documents/PressRelease-2012-08-15-Facebook_Proceedings.pdf, accessed 1/7/2012