Mark Peasley


The European Union’s General Data Protection Regulation is the most comprehensive, far-reaching, and forward-thinking piece of legislation to be passed in recent history. The GDPR will set the European Union far ahead of the United States when it comes to protecting personal information, but fear not; many of the GDPR’s requirements reach across the Atlantic and will offer a trickle-down benefit to United States citizens as entities move towards compliance. However, this is only an unintended benefit of the GDPR. Currently, the United States takes a piecemeal approach to data protection that focuses on the type of information stored, which overlooks the risks that arise when personal information can be collated from multiple, less protected sources.

More is needed from Congress to drive the United States to protect personal information on an overarching level. Some Congressional action has attempted to further the United States’ laws regarding data protection, but each attempt in recent history has failed. The United States has two options: stumble forward with its current piecemeal method of data protection or follow its European counterparts with modern, ambitious, and aggressive protection for all of its citizens.