U.S. policymakers have been considering federal data protection for some time, debating whether the United States’ current less-regulatory approach is still appropriate. The ongoing COVID-19 pandemic is a useful case study for data privacy regulation, as it illustrates the risks and benefits of the current regime. AAF’s Director of Technology and Innovation Policy Jennifer Huddleston compares and contrasts the different regulatory models and argues that a less-stringent approach provides more innovation, flexibility, and choice.

Her key points:

• As the United States considers federal data protection legislation, policymakers should consider how lessons from the pandemic illustrate the tradeoffs associated with stringent policies and the different choices individuals may make when it comes to their data privacy;
• Stringent data protection regulations, such as the European Union’s General Data Protection Regulation, can hinder responses during an emergency like the COVID-19 pandemic; and
• The potential benefits of using some less-secure technologies during social distancing outweigh the privacy and security risks associated with them, and the decision about the balance between these risks and benefits will be different for different consumers and situations.

Read the analysis.