Cambridge Analytica, Data Privacy, GDPR, privacy

Over the course of the last 3 decades, the world has seen monumental shifts in how information is collected, transmitted, and disseminated. Every aspect of our personalities that live on the internet, including our browser history, photos we post to social media, our shopping decisions and our selection of online friends, has been collated, quantified, and assimilated into a digital profile, which has skyrocketing value to an increasing number of businesses. With these developments in technology come the inevitable questions of ownership of such data, its use, misuse and even possible theft. This paper takes a comprehensive and comparative look at the data privacy legislature in the two largest data hubs in the world, namely the United States and the European Union. The paper also seeks to address the shortcomings of certain, past legislative decisions, and makes a recommendation for the future. To do this, we analyze the events of the past, using the 2016 Facebook/Cambridge Analytica data scandal as a focal

point. On analyzing the major differences between American privacy law and the preeminent document on data privacy at the time, namely the Global Data Privacy Regulations (GDPR), we conclude that data privacy in the United States is in its nascent stages, in dire need of an overhaul. The California Consumer Privacy Act is the legislature that comes close to mimicking the function of the GDPR, albeit at a much smaller scale. The other remedies include the American Data Privacy and Protection Act (ADPPA), which is already under consideration by Congress, or a state-by-state approach.

• Auxier, B., Rainie, L., Anderson, M., Perrin, A., Kumar, M. and Turner, E., (2019). Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information. [online] pewresearch.org. Available at: https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/ (Accessed 17 February 2022).
• Warren, S. and Brandeis, L. (1890). The Right to Privacy. Harvard Law Review, 4(5), pp.193—197 (Accessed 2 August 2022).
• European Commission - European Commission. (2022) What is personal data?. [online] Available at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-personal-data_en (Accessed 8 August 2022)
  Griswold v. Connecticut (1965) 381 U.S. 479 (Accessed 3 July 2022).
  Katz v. United States (1967) 389 U.S. 347 (Accessed 8 July 2022).
  Whalen v. Roe (1977) 429 U.S. 589 (Accessed 29 April 2022).
  United States v. Miller (1976) 425 U.S. 435 (Accessed 29 April 2022).
  Kyllo v. United States (2001) 533 U.S. 27 (Accessed 29 April 2022).
  Carpenter v. United States (2018) 138 S. Ct. 2206 (Accessed 29 April 2022).
• Grossman, E. (1986). Conceptualizing National Identification: Informational Privacy Rights Protected. UIC Law Review, 29(4), pp.5. Available at: https://repository.law.uic.edu/lawreview/vol29/iss4/15/ (Accessed 13 March 2022)
• Austin, L. (2018). Re-Reading Westin. Theoretical Inquiries in Law, Forthcoming, 20(1), pp.5 (Accessed 6 August 2022).
• Regulation (EU) (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance)’. (2016). Official Journal, L 119, pp.1-88. Available at: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679  (Accessed 4 June 2022)
• Boyce, B. (2007). Property as a Natural Right and as a Conventional Right in Constitutional Law. Loyola of Los Angeles International and Comparative Law Review, 29(2), pp.16 (Accessed 21 July 2022).
• Downing v. Municipal Court of San Francisco [1948] 88 Cal. App. 2d 345 (Accessed 29 April 2022).
  Kremen v. Cohen (2003) 337 F.3d 1024 (Accessed 29 April 2022).
• Phoenix, J. (2021). What is a Digital Fingerprint?. [online] Available at: https://understandingdata.com/what-is-a-digital-fingerprint/ (Accessed 23 February 2022)
  HiQ Labs, Inc. v. LinkedIn Corp. (2019) 938 F.3d 985 (Accessed 31 January 2022).
  California Legislature, (2020). CIV. § 1798.120(a) (Accessed 10 June 2022).
• In Re Marriage of Graham (1978) 574 P.2d 75.
• Ingram, M. (2018). ‘It just felt right’: David Carroll on suing Cambridge Analytica. [online] Available at: https://www.cjr.org/q_and_a/lawsuit-cambridge-analytica.php
•  Data protection. [online] Available at: https://www.gov.uk/data-protection (Accessed 27 May 2022)
• Federal Trade Commission (2019) UNITED STATES OF AMERICA BEFORE THE FEDERAL TRADE COMMISSION In the Matter of Cambridge Analytica, LLC, a corporation. Docket NO. 9383. Available at: https://www.ftc.gov/system/files/documents/cases/d09389_comm_final_opini onpublic.pdf (Accessed 18 July 2022)
• In re Facebook, Inc. Sec. Litig. [2020] 477 F. Supp. 3d 980 (Accessed 31 March 2022).
• Lapowsky, I. (2019). One Man’s Obsessive Fight to Reclaim His Cambridge Analytica Data. [online] Available at: https://www.wired.com/story/one-mans-obsessive-fight-to-reclaim-his-cambridge-analytica-data/ (Accessed 1 March 2022)
• United States International Trade Administration. Privacy Shield Program Overview. [online] Available at:https://www.privacyshield.gov/program-overview (Accessed 28 July 2022)
  Whalen v. Roe (1977) 429 U.S. 589 (Accessed 28 March 2022).
  Naperville Smart Meter Awareness v. City of Naperville) [2018] 900 F.3d 521 (Accessed 13 March 2022)
• Fischer, W., (2022). We talked to the professor who fought Cambridge Analytica to get his data back in Netflix's 'The Great Hack' about why privacy rights in the US are lagging behind the rest of the world. [online] Business Insider. Available at:https://www.businessinsider.in/tech/we-talked-to-the-professor-who-fought-cambridge-analytica-to-get-his-data-back-in-netflixs-the-great-hack-about-why-privacy-rights-in-the-us-are-lagging-behind-the-rest-of-the-world/articleshow/70726124.cms (Accessed 1 August 2022).