The Case for a Comprehensive U.S. Privacy and Data Protection Law

In 2016, the European Parliament and European Council adopted the General Data Protection Regulation (“GDPR”),[1] a set of comprehensive data protection rules[2] enshrining seven principles that govern the control and processing of data: (1) lawfulness, fairness and transparency; (2) purpose limitation; (3) data minimization; (4) accuracy; (5) storage limitation; (6) integrity and confidentiality;[3] and (7) accountability.[4]  Data controllers are held accountable through … Read more