Why Data Privacy Law Is (Mostly) Constitutional

Neil M. Richards

Washington University in Saint Louis - School of Law; Yale Information Society Project; Stanford Center for Internet and Society

October 2, 2013

Neil M. Richards, Why Data Privacy Law is (Mostly) Constitutional, William & Mary Law Review, 2014, Forthcoming.

Laws regulating the collection, use, and disclosure of personal data are (mostly) constitutional, and critics who suggest otherwise are wrong. Since the New Deal, American law has rested on the wise judgment that, by and large, commercial regulation should be made on the basis of economic and social policy rather than blunt constitutional rules. This has become one of the basic principles of American Constitutional law. Although some observers have suggested that the Supreme Court’s recent decision in Sorrell v. IMS Health (2011) changes this state of affairs, such readings are incorrect. Sorrell involved a challenge to a poorly-drafted Vermont law that discriminated on both content and viewpoint. Such a law would have been unconstitutional if it had regulated even unprotected speech. As the Sorrell Court made clear, the real problem with the Vermont law at issue was that it didn’t regulate enough, unlike the “more coherent policy” of the undoubtedly constitutional federal Health Insurance Portability and Accountability Act of 1996.

Data privacy law should thus rarely be thought as implicating serious constitutional difficulties, which is a good thing. As we move into the digital age, in which more and more of our society is affected or constituted by data flows, we face a similar threat. If “data” were somehow “speech,” virtually every economic law would become clouded by constitutional doubt. Economic or commercial policy affecting data flows (which is to say all economic or social policy) would become almost impossible. This might be a valid policy choice, but it is not one that the First Amendment commands. Any radical suggestions to the contrary are unsupported by our Constitutional law. In a democratic society, the basic contours of information policy must ultimately be up to the people and their policymaking representatives, and not to unelected judges. We should decide policy on that basis, rather than on odd readings of the First Amendment.

Number of Pages in PDF File: 18

Open PDF in Browser Download This Paper

Date posted: October 4, 2013 ; Last revised: February 13, 2014

Suggested Citation

Richards, Neil M., Why Data Privacy Law Is (Mostly) Constitutional (October 2, 2013). Neil M. Richards, Why Data Privacy Law is (Mostly) Constitutional, William & Mary Law Review, 2014, Forthcoming.. Available at SSRN: https://ssrn.com/abstract=2335196

Contact Information

Neil M. Richards (Contact Author)
Washington University in Saint Louis - School of Law ( email )
Campus Box 1120
St. Louis, MO 63130
United States
Yale Information Society Project ( email )
New Haven, CT 06520
United States
Stanford Center for Internet and Society ( email )
559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Feedback to SSRN

Paper statistics
Abstract Views: 4,079
Downloads: 635
Download Rank: 31,289