It's Time for the U.S. to Lead on Data Privacy Law | Opinion

Individuals are finally understanding just how much of their personal data has been mishandled and abused. Defeatism and angst seem to have set in following the steady stream of high-profile breaches and revelations of the vast monetization of personal data. Many even claim that privacy is dead and little can be done to stop this spigot of data leaks.

But this is short-sighted. A societal movement is underway to counter these trends and shape the future of data privacy in the United States. Domestic and international forces are coalescing to finally instigate a federal data privacy regulation that will prompt innovation, enhance data security, and safeguard economic and national security.

The two of us come from opposite sides—one of us leading privacy policy and negotiations in the Obama Administration and the other in the Bush Administration—and both of us are now running software businesses that help others with privacy and security. We believe a bipartisan solution on privacy is possible, and that it is critically important to our people, to innovation, and to our national interest.

It's Possible to Balance Regulation and Innovation

One of the great stories of innovation from the late 1800's and early 1900's (before the passage of the first federal food and drug law) was the development of insulin as a treatment of diabetes, and countless lives were saved as a result. But the subsequent push for pharmaceutical innovation led to terrible abuses in untested drugs coming onto the market (elixir sulfanilamide is a good example), and eventually a balance was struck in the Federal Food Drug and Cosmetic Act.

Balance on privacy is key. Without it, you can impede innovation, hurt small businesses, chill free speech, and affect national security. We need the voice of the United States in this effort.

Four Reasons that a Federal Privacy Law is In Everyone's Interest

First, it is critical that our American values are part of this privacy movement. Last year, Europe's landmark data privacy law—the General Data Protection Regulation—went into effect. For human beings around the world, the elevation of privacy as a fundamental human right has been a fantastic thing, and the European Union deserves great credit for its leadership.

There are, however, some important American values that we should be fighting for when it comes to privacy. For example, most Americans believe that as long as they do really understand the facts, they should be free to share or sell their own information as they see fit. The European approach, on the other hand, includes a basic principle that the government can prevent you from selling or sharing your own personal data, even if you consent.

The same is true when it comes to freedom of the press and freedom of information. Our First Amendment protects the right of the press to publish public information, but in Europe, there are times when a newspaper can be required to remove and delete public information.

Because we do not have a comprehensive American privacy law, Europe's approach to privacy is quickly spreading globally. In the last few months, Japan, Canada, and a number of other countries have adopted laws that are modeled on European law. We need federal privacy law to make sure our values are included in the international privacy movement.

Second, states have begun to fulfill their critical role in our federal system of innovating around privacy. For example, late last year, the people of California passed the first major comprehensive privacy law, and a number of states are considering their own now. The California law and these other states include important protections around notice and the sale of personal information.

But, for small businesses, having to comply with many different privacy laws could be impossibly expensive. Europe learned this the hard way (for years, EU startups struggled with having to figure out 28 different sets of e-commerce rules), and pushed hard for a unified privacy law across all 28 member states along with a new unified "Digital Single Market." The last thing we want is to slow down small businesses and innovation with many different state privacy laws.

Third, for Americans, simplicity is critical. Frustrated with opaque terms of service agreements, it is difficult to find many Americans who want long, different privacy rules in each state. Europe's GDPR, for example, is long (there are 99 Articles), prescriptive, and detailed. A shorter, simpler, easier-to-understand, and yet comprehensive approach would be more aligned to our values, and would help more people actually understand how to protect their information.

Finally, it's just time for a national privacy law. We know it when we see it, and we all see it.

There is a golden opportunity for the U.S. to take the lead on data privacy globally and demonstrate how data protection can be an economic driver for growth and innovation. What could be more American than protecting property rights—your personal data—and providing the model to inspire those across the globe to similarly demand the data privacy that is at the core of democratic institutions and economic growth. We've been waiting too long for the market to do this alone, and we've reached the tipping point.

The United States is the country of the Fourth Amendment, and we've been focused on individual rights and privacy for more than 200 years. Now is the time for the US to start leading again on privacy.

Justin Antonipillai is the Founder and CEO of WireWheel, and is recognized as one of the leading experts on privacy and data protection. Before WireWheel, Justin served as Acting Under Secretary for Economic Affairs at the US Department of Commerce during the Obama Administration, and led a number of high-priority international efforts around privacy and security.

John Ackerly is CEO and Co-Founder of Virtru, John is proud to be helping millions of individuals and thousands of organizations take control of the information they store and share online. A longtime privacy advocate, John was responsible for technology policy at the White House and was the Policy and Strategic Planning Director at the U.S. Department of Commerce.

The views expressed in this article are the authors' own.​​​​​