US Working on Its Own Version of EU’s GDPR Data Privacy Policy

The European Union shook the Internet up a few months back when it enacted the GDPR policy. Even the state of California put its own policy into place. Now the U.S. is working on its own data privacy policy. So far they’re still in the planning stages, so it’s unknown if this policy will shake things up as well.

Reminder of What GDPR Is

The GDPR (General Data Protection Regulation) is designed to protect Internet users in the E.U. It includes a set of guidelines for how users’ personal information is collected and what happens to it after it’s collected.

While all of that is great for consumers, it caused companies and website owners a good deal of grief, as they were instructed to change their websites to meet with the expectations of the guidelines of the GDPR.


A short time after the deadline that companies and website owners were given, a rumor was floated that the U.S. was considering its own policy. We polled our readers and writers to ask if they thought this policy should go worldwide.

At that time we only had unofficial word that the U.S. was working on their own policy and the word of a special assistant to the president on tech, telecom, and cyberpolicy, Gail Slater. She said they were “talking through what, if anything, the administration could and should be doing.

But now there is official word from David Redl, a senior U.S. Commerce Department official who oversees the National Telecommunications and Information Administration, and Lindsay Walter, White House spokeswoman, that a consumer data privacy policy is in the works.

What Has Been Confirmed

Redl said in a speech to the Internet Government Forum USA that the current administration “began holding stakeholder meetings to identify common ground and formulate core, high-level principles on data privacy.”

He contends the plan is to publish “high-level principles” and gather comments from the public as they work on a data privacy plan for the U.S.

Walters said that through the White House National Economic Council, the administration “aims to craft a consumer privacy protection policy that is the appropriate balance between privacy and prosperity.” She added that they “look forward to working with Congress on legislative solution consistent with our overarching policy.”

Major companies in the U.S. have had data breaches or have improperly shared the data of their users. These include Facebook, Yahoo!, Equifax Inc., Target Corp., and Home Depot Inc.


These meetings have included major Internet companies, such as Facebook and Alphabet (parent company of Google), and Internet providers, such as AT&T Inc. and Comcast Corp.

AT&T said it backs “federal legislation that establishes strong consumer privacy protections that apply to all companies operating on the Internet.”

A spokesman for the Information Technology Industry Council, Jose Castaneda, sees great possibility. “The United States has an opportunity to create a new, best-in-class privacy paradigm for the digital economy as well as avoid the creation of a patchwork of laws that would impede innovation.

However, all this is being done after Donald Trump, president of the U.S., repealed privacy rules that had been approved by the current administration. They required Internet service providers to better protect customers’ privacy than what websites were doing. Now it seems the goal is just to initiate this administration’s own policy.

Where Will All this End Up?

The big question is where all this will end up. Castaneda hit the nail on the head, that we don’t need a bunch of conflicting laws that will make it hard to do anything on the Internet. We already have the rules set forth by the GDPR – we don’t want a bunch more, but we do want to be protected.

What kind of privacy rules do you think need to be set at this point, so that we’re not just adding rules upon rules, and that will really help keep us safe when we’re on the Internet? Add your thoughts in the comments section below.

Laura Tucker Laura Tucker

Laura has spent nearly 20 years writing news, reviews, and op-eds, with more than 10 of those years as an editor as well. She has exclusively used Apple products for the past three decades. In addition to writing and editing at MTE, she also runs the site's sponsored review program.


  1. “Where Will All this End Up?”
    Just like any law passed by Congress this will end up with so many holes as to make a colander look impervious. The biggest loophole in the law will be the exemption of government’s alphabet agencies from any regulations.

    “These meetings have included major Internet companies, such as Facebook and Alphabet (parent company of Google), and Internet providers, such as AT&T Inc. and Comcast Corp.”
    That’s like having the foxes design security measures for hen houses. Once the law is crafted and passed, it will be the privacy of the data harvesters that is protected, not the Internet users’.

  2. “… the current administration “began holding stakeholder meetings …”

    “These meetings have included major Internet companies, such as Facebook and Alphabet (parent company of Google), and Internet providers, such as AT&T Inc. and Comcast Corp”

    And that’s likely the *only* “stakeholders” they’ll be meeting with…it’s likely they’ll be meeting with few, if any, of the *true* stakeholders – the consumers. And the only “stake” that Facebook, Google, et al have is in keeping things exactly the way they are now.

    Don’t forget, Facebook and Google only survive because of the things they do with the data they harvest from their users. If rules and laws were passed preventing them from doing those things, then they’d simply cease to exist…or start charging buckets of money for using their services.

    1. “or start charging buckets of money for using their services”
      And be abandoned by most of their users in protest, and the cease to exist.

      1. “And be abandoned by most of their users in protest, and the cease to exist”

        Hummm…ceasing to exist either way…I like it. A most satisfying end to most deserving groups.

  3. I agree with the comments already posted. I have fought for net neutrality to be kept in place, including talking personally to my own state’s reps, to no avail. I see the corporations names listed are exactly the same ones whom fought to have net neutrality overturned to start with. What a hypocritical absurd subject matter to even expect the dummest of us “consumers” the “end users” whom don’t count except for what we can do for them. This country is nothing but a capitalistic monarchy class system all over again. The elite royalty are exempt from anything that we all used to have a “Constitution” to protect us from them. What happened to that? I am one whom reads all that “fine print” posted in EULA’s, and “my rights” attached to contractual agreements that are nothing but one sided rights for them not me or any consumer. This is another example of what happens when you have a government ran by one party and so polarized that they will eventually fight among themselves about the most nonrelevant things and accomplish nothing. The party that claims to want less government? Nothing but a bunch of hypocrits who live lies and judge others.Anything they cannot fix, let’s make another stupid law against it. LOLOLOLOLOL
    enough said.

  4. GDPR is a joke, meant to harass people like you and me.
    Everytime you open a webpage, your permission is asked to allow cookies. Like you have a say in these matters.
    OK, you do have a choice: to thrash your phone and start living like a caveman or to put up with the efforts ‘to make your internet experience more enjoyable’.
    But please, don’t remind me EVERYtime.

    1. Unbelievable as it may seem, there was a time without the Internet and even without phones. Humanity managed to survive very well, thank you. So it is possible to live without those two infernal inventions. We just have to give up being connected constantly and instantaneously 24/7/365. /GRIN/

Comments are closed.