Privacy Law's False Promise

62 Pages Posted: 9 Dec 2019 Last revised: 22 Dec 2019

See all articles by Ari Ezra Waldman

Ari Ezra Waldman

University of California, Irvine School of Law

Date Written: December 6, 2019


Privacy laws have never seemed stronger. New international, national, state, and local laws have been passed with the promise of greater protection for consumers. Courts across the globe are reclaiming the law’s power to limit collection of our data. And yet, our privacy seems more in danger now than ever, with frequent admissions of nefarious data use practices from social media, mobile apps, and e-commerce websites, among others. Why are privacy laws, seemingly more comprehensive than ever, not working to protect our privacy? This Article explains.

Based on original primary source research — interviews with engineers, privacy professionals, and vendor executives; product demonstrations; webinars, blogs, industry literature; and more — this Article argues that privacy law is failing to deliver its promised protections because it is undergoing a process of legal endogeneity: mere symbols of compliance are standing in for real privacy protections. Toothless trainings, audits, and paper trails, among other symbols, are being confused for actual adherence to privacy law, which has the effect of undermining the promise of greater privacy protection for consumers.

Keywords: privacy, law and society, compliance, privacy law, qualitative research

Suggested Citation

Waldman, Ari Ezra, Privacy Law's False Promise (December 6, 2019). Washington University Law Review, Vol. 97, No. 2, 2020, Available at SSRN:

Ari Ezra Waldman (Contact Author)

University of California, Irvine School of Law ( email )

401 E. Peltason Dr.
Ste. 1000
Irvine, CA 92697-1000
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics