This is the final in a series of three posts by Robert Gellman. You can read parts one and two here and here. In part 3, he writes:
This is the third and last in a series about the road to a general-purpose U.S. data protection law and the pitfalls on that road. The focus here is on areas of agreement between business and consumers. There are, in fact, some areas where the interests of both camps overlap.
Before moving there, we should acknowledge a major division in the business community. Some American multinational companies see the need to move toward international (i.e., EU) data protection standards. These companies see one set of privacy rules that work everywhere as the least costly solution. Microsoft is an example. Others in the business community still wish that privacy would just go away. They would prefer a meaningless privacy law that gives consumers few rights, imposes few obligations on business, and totally preempts state laws. While a bit simplistic, for purpose of this discussion we can divide the business world into the privacy-willing and the privacy-unwilling camps.
Read more on IAPP.