Privacy Law's False Promise

62 Pages Posted: 9 Dec 2019 Last revised: 22 Dec 2019

Date Written: December 6, 2019


Privacy laws have never seemed stronger. New international, national, state, and local laws have been passed with the promise of greater protection for consumers. Courts across the globe are reclaiming the law’s power to limit collection of our data. And yet, our privacy seems more in danger now than ever, with frequent admissions of nefarious data use practices from social media, mobile apps, and e-commerce websites, among others. Why are privacy laws, seemingly more comprehensive than ever, not working to protect our privacy? This Article explains.

Based on original primary source research — interviews with engineers, privacy professionals, and vendor executives; product demonstrations; webinars, blogs, industry literature; and more — this Article argues that privacy law is failing to deliver its promised protections because it is undergoing a process of legal endogeneity: mere symbols of compliance are standing in for real privacy protections. Toothless trainings, audits, and paper trails, among other symbols, are being confused for actual adherence to privacy law, which has the effect of undermining the promise of greater privacy protection for consumers.

Keywords: privacy, law and society, compliance, privacy law, qualitative research

Suggested Citation

Waldman, Ari Ezra, Privacy Law's False Promise (December 6, 2019). Washington University Law Review, Vol. 97, No. 2, 2020, Available at SSRN:

Ari Ezra Waldman (Contact Author)

Northeastern University

416 Huntington Avenue
Boston, MA 02115
United States

Here is the Coronavirus
related research on SSRN

Paper statistics

Abstract Views
PlumX Metrics