Going Dutch? Collaborative Dutch Privacy Regulation and the Lessons It Holds for U.S. Privacy Law

84 Pages Posted: 11 Feb 2014 Last revised: 27 Feb 2014

See all articles by Dennis D. Hirsch

Dennis D. Hirsch

Ohio State University (OSU) - Michael E. Moritz College of Law; Capital University Law School

Date Written: November 1, 2013


Regulatory theorists have engaged in an interesting debate over the merits of “collaborative governance.” The term refers to those governance approaches in which regulators, industry and other stakeholders work together on drafting and enforcing rules. Proponents of collaborative governance claim that it combines the flexibility of self-regulation with the accountability of government rules. Critics counter that it gives industry members too much power over the rules and so allows the fox to guard the henhouse.

This debate has great relevance for U.S. privacy law today. The leading proposals for consumer privacy regulation call for a collaborative approach. Several bills in Congress and a major 2012 White House report encourage regulators, business representatives and others to work together on drafting the rules that will govern the field.

Is this a good thing? Should we rely on collaborative regulation to protect our privacy? While much has been published on the general merits of collaborative governance, far less has been written on how this approach works in practice or on how it would work in the privacy field. This article seeks to fill this gap. It examines the leading example of collaborative privacy regulation in the world today – the Dutch experiment with legally enforceable privacy codes of conduct. This initiative is very similar to one that Congress is considering. The author spent a semester as a Fulbright Professor in the Netherlands where he studied the collaborative Dutch approach and sought to identify the lessons it holds for U.S. privacy law.

This article conveys the results of that research. It begins by analyzing the scholarly debate over collaborative governance and using it to provide a context for the recent U.S. proposals for collaborative privacy regulation. Drawing on original interviews with those involved in the Dutch program, it next assesses the merits of the collaborative Dutch approach to privacy regulation and identifies the lessons that it holds for U.S. privacy law and policy. It concludes with normative, research-based recommendations for how Congress should design consumer privacy legislation.

Keywords: privacy, privacy law, data protection law, regulation, co-regulation, governance, collaborative governance, regulatory theory, governance theory, new governance, Europe, Netherlands, Dutch, code of conduct, administrative law, comparative administrative law, comparative regulation

JEL Classification: K20, K23, L50, L52, L86, O33, O38

Suggested Citation

Hirsch, Dennis, Going Dutch? Collaborative Dutch Privacy Regulation and the Lessons It Holds for U.S. Privacy Law (November 1, 2013). 2013 Mich. St. L. Rev. 83, Available at SSRN: https://ssrn.com/abstract=2393707

Dennis Hirsch (Contact Author)

Ohio State University (OSU) - Michael E. Moritz College of Law ( email )

55 West 12th Avenue
Columbus, OH 43210
United States

Capital University Law School ( email )

303 East Broad St.
Columbus, OH 43215

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics