This article is part of a three-part Lawfare series on how to address federal privacy legislation in the United States. The recommendations in this article, along with a recently published section on preemption, are adapted from a June 2020 Brookings Institution report, “Bridging the Gaps: A Path Forward to Federal Privacy Legislation.” Cameron F. Kerry and John B. Morris Jr. lead The Privacy Debate initiative at the Brookings Institution, which brings together stakeholders in civil society, industry, government and academia to discuss federal privacy legislation. The first piece on preemption is available here.
Cameron Kerry and John B Morris, Jr. write:
Because an impasse on individual rights of action makes federal privacy legislation unlikely to pass without a private right of action in some form, our report recommends a targeted remedy allowing individuals to sue for certain violations of baseline privacy legislation. We recommend focusing these cases on violations that most directly affect individual privacy by generally limiting recovery to “actual damages,” requiring a heightened “knowing or reckless” liability for most statutory provisions and a “willful or repeated” standard for more procedural provisions, and additional procedural filters. This post explains the rationale and the mechanics of our proposal.
Read more on Lawfare.