Data protection law in USA

Privacy protection is largely defined as “liberty protection” focused on the protection of the individual’s personal space from the government. It is viewed as being somewhat narrow in focus because it enables collection of personal information as long as the individual is informed of such collection and use. The US template has been viewed as inadequate in key respects of regulation.

There is no comprehensive set of privacy rights or principles in the US that, like the EU’s GDPR, addresses the use, collection, and disclosure of data. Instead, there is limited sector-specific regulation. The approach towards data protection is different for the public and private sectors. The activities and powers of the government vis-a-vis personal information are, however, sufficiently well-defined and addressed by broad legislation such as the Privacy Act, the Electronic Communications Privacy Act, etc. For the private sector, there are some sector-specific norms.