A Model Regime of Privacy Protection (Version 3.0)

48 Pages Posted: 7 Feb 2006 Last revised: 2 Aug 2014

See all articles by Daniel J. Solove

Daniel J. Solove

George Washington University Law School

Chris Jay Hoofnagle

University of California, Berkeley - School of Law; University of California, Berkeley - School of Information

Abstract

A series of major security breaches at companies with sensitive personal information has sparked significant attention to the problems with privacy protection in the United States. Currently, the privacy protections in the United States are riddled with gaps and weak spots. Although most industrialized nations have comprehensive data protection laws, the United States has maintained a sectoral approach where certain industries are covered and others are not. In particular, emerging companies known as "commercial data brokers" have frequently slipped through the cracks of U.S. privacy law. In this article, the authors propose a Model Privacy Regime to address the problems in the privacy protection in the United States, with a particular focus on commercial data brokers. Since the United States is unlikely to shift radically from its sectoral approach to a comprehensive data protection regime, the Model Regime aims to patch up the holes in existing privacy regulation and improve and extend it. In other words, the goal of the Model Regime is to build upon the existing foundation of U.S. privacy law, not to propose an alternative foundation. The authors believe that the sectoral approach in the United States can be improved by applying the Fair Information Practices - principles that require the entities that collect personal data to extend certain rights to data subjects. The Fair Information Practices are very general principles, and they are often spoken about in a rather abstract manner. In contrast, the Model Regime demonstrates specific ways that they can be incorporated into privacy regulation in the United States.

This is the final version of this paper (Version 3.0), earlier versions of which are also available on SSRN. This version of the paper is published in the Illinois Law Review.

Keywords: privacy, databases, databrokers, ChoicePoint, identity theft, credit, legislation, regulation, information, security, data

JEL Classification: K10, K20

Suggested Citation

Solove, Daniel J. and Hoofnagle, Chris Jay, A Model Regime of Privacy Protection (Version 3.0). GWU Law School Public Law Research Paper No. 132, University of Illinois Law Review, Vol. 2006, No. 2, 2006, Available at SSRN: https://ssrn.com/abstract=881294

Daniel J. Solove (Contact Author)

George Washington University Law School ( email )

2000 H Street, N.W.
Washington, DC 20052
United States
202-994-9514 (Phone)

HOME PAGE: http://danielsolove.com

Chris Jay Hoofnagle

University of California, Berkeley - School of Law ( email )

341 Berkeley Law Building
Berkeley, CA 94720-7200
United States
‭(510) 666-3783‬ (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

University of California, Berkeley - School of Information ( email )

212 South Hall
Berkeley, CA 94720-4600
United States
510-643-0213 (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
3,438
Abstract Views
32,420
Rank
6,283
PlumX Metrics