Public demand for stronger privacy laws has reached a critical point, and congress is likely to pass sweeping, cross-technology and cross-industry privacy legislation for the first time in US history. This is an exciting juncture for information policy, but also a perilous one. Poorly constructed privacy laws can frustrate the interests of the people they are meant to protect.

In her newest white paper, PEP Director Jane Bambauer explains why an evidence-based privacy law would not look like the GDPR or the CCPA, and offers the contours (and even model language) of a statutory scheme that would better serve the modern American consumer.

You can read the full paper and model legislation here.