Private Sector Organizations

Review the General Data Protection Regulation (GDPR) (https://www.gdpreu.org/) of the European Commission (EU). It includes many provisions and arguably strengthens data protection for individuals within the EU. It even includes the right to be forgotten. The United States does not have a similar regulation. There have only been a few regulations implemented related to US citizens’ private data, which include medical and financial industries. Some argue implementing regulation such as GDPR in the United States would hinder innovation. They contend that the End User License Agreements (EULA) provide sufficient protections and allow the citizens to make the choice of what is and is not shared.

As a private sector organization, do you believe that an equivalent to GDPR should be implemented in the United States?