ABSTRACT
Reaching a global legal consensus about personal data protection will be very difficult if that consensus is to include the United States. The US approach to data privacy is strikingly weaker than data protection rules in the rest of the world. Unlike the European Union, which has adopted and enforced strict data protection regulations since 1995, the US lacks a comprehensive national law that safeguards personal data-nor have US courts recognized a broad right to informational self-determination. US residents seem relatively unconcerned with data privacy-which makes data protection a low priority. And, even if Congress adopted a general data privacy statute, the federal courts might invalidate it on First Amendment grounds. In sum, devising a substantive global data privacy regime that includes the US probably will not be possible. On the other hand, however, the prospects are better for transnational agreement on the question of which sovereign, or sovereigns, may legitimately regulate personal data privacy. The US conceivably could support a global conflict of laws system that harmonizes the application of inconsistent domestic information privacy laws. Thus, a limited form of globality might be achievable-even if a single global system of data privacy is not.
