The recent privacy scandal surrounding Cambridge Analytica’s use of Facebook data during the 2016 election highlights a major shortcoming in U.S. privacy law.
Existing laws only cover specific categories of information, including health care and financial records. Loopholes allow companies to skirt these regulations and mishandle information with impunity.
The European Union takes a much different approach to privacy, using broad regulations to protect all personal information by default. Those protections get stronger on May 25 when their General Data Protection Regulation takes effect. We need to follow this example and provide strong privacy protections in the United States.