•  
  •  
 

Abstract

The collection of personal data in the private sector has grown exponentially over the years, leading to an exponential growth in the theft and the purchase of personal data by criminals and foreign adversaries. While the United States has implemented EO 14117 and the Protecting Americans’ Data from Foreign Adversaries Act of 2024 to protect against the inherent national security risks associated with data privacy, the United States must create an omnibus federal privacy law if it wishes to mitigate the national security risk. This paper introduces the reader to the increase in personal data collected by private organizations and, briefly, data brokers. The author then focuses on the lack of regulations that protect and restrict the collection of private data, the increase in data breaches in the United States, and how this poses a risk to national security. Next, this article briefly discusses current law and explores data privacy laws worldwide, specifically focusing on the GDPR, DSA, PIPA, PIPL, and POPIA. Lastly, the author then makes the case that the United States can benefit from learning from these laws by incorporating an omnibus federal privacy law that (1) creates personal data protection rights for those whose data is stored and shifts the harm from individuals whose data was stolen to those who stored the stolen data, (2) the creation of an independent governmental agency, and (3) the implementation of law to limit and/or stop the sale and transfer of personal data through cross- border transfers that could end in the hands of transnational criminal organizations or foreign adversaries.

First Page

99

Download

Included in

Law Commons

Share

COinS