The Changing Face of Privacy Protection in the European Union and the United States
60 Pages Posted: 28 Sep 2006
Among the wide variety of national and multinational legal regimes for protecting privacy, two dominant models have emerged, reflecting two very different approaches to the control of information. The European Union has enacted a sweeping data protection directive that imposes significant restrictions on most data collection, processing, dissemination, and storage activities, not only within Europe, but throughout the world if the data originates in a member state. The United States has taken a very different approach that extensively regulates government processing of data, while facilitating private, market-based initiatives to address private sector data processing.
Under the EU data protection directive, information privacy is a basic human right; the failure of the U.S. legal system to treat it as such offends European values and has led the EU to threaten to suspend information flows to the United States. This threat is understandable in light of the directive's treatment of privacy as a human right, and necessary if the privacy of European nationals is to be protected effectively in a global information economy. In the United States, however, the government is constitutionally prohibited under the First Amendment from interfering with the flow of information, except in the most compelling circumstances. The EU data protection directive is plainly contrary to that constitutional maxim, and the suggestion that the directive should be extended to the United States exacerbates that conflict, as well as threatens U.S. leadership in information technologies and services.
This Article examines the expanding conflict and emerging compromises between the European Union and the United States over data protection. After describing each of the legal regimes and the principles that undergird them, the article concludes by addressing the conflict between those principles, current political efforts to minimize that conflict, and the inadequacies of both systems in the context of the Internet.
Keywords: data protection, privacy, European Union, international trade
Suggested Citation: Suggested Citation