All We Want for Christmas Is a National Data Privacy Law

Data Security
December 23, 2021
In a season of wishlists and gift requests, as data privacy professionals we have found ourselves wishing for something too - a United States national data privacy law.

All We Want this Christmas is a National Data Privacy Law

As the world comes alive with the warmth of the holiday season, we can't think of anything more heartwarming than effective National Data Privacy laws. The United States, a major player in leading the global economy and lover of all things Christmas, should ask lawmakers for a federal law that protects our personal data. How delightful would it be to wake up on Christmas morning to the comfort of knowing you and your family’s identifiable information is protected at all times. 

Data Privacy Concerns

Since the internet was born, issues with keeping personal information private have been with us. Whenever we enter data about ourselves online, whether it be credit card numbers at a major retailer or filling out a social media profile or job application, we risk unwanted eyes discovering our information.

The United States isn't at a complete loss concerning data privacy regulations, but we're definitely on the naughty list compared to other countries. Instead of a specific federal law that protects us from spammers, hackers, and massive corporations obtaining our information to use at their will, we have an unorganized jumble of state-level legislation enacted to attempt to protect us and our privacy when we're online. So far, not so good. 

Clearly, the internet is not going anywhere. We use it for everything, from shopping and health appointments to work meetings and social scrolling. As citizens, we continue to voice our concerns over the lack of privacy regarding the sensitive data we share online.

In the past few years, prominent global leaders, such as the European Union, have established national data privacy laws like the GDPR, and it's working. Which has led many to ask the question - when will the United States follow suit? 

The United States and National Data Privacy Laws

While individual states such as Colorado, Virginia, and California have put comprehensive privacy laws into effect, they're lacking at a federal level. It's not to say that there aren't any national efforts pending, as the new administration puts executive orders into effect, but we need more. 

A better relationship with foreign countries would be a wonderful Christmas present, and putting federal privacy laws into action is a beautiful place to start. Privacy legislation at a personal level does not only benefit the individual but rather is the foundation for unbreakable national security efforts.

National Privacy Laws and the Economy

The United States needs to take serious measures to enable all small and large businesses to connect with others globally. We want our economy to have global power, and we cannot do that with lackluster data privacy laws that put those vital connections at risk. 

Our nation has always had a measurable global influence, but we are swiftly falling behind in terms of data protection regulation. With technological giants like Apple and Facebook asking for increased privacy protection, it's time for the government to listen. 

The bottom line here is that the U.S. will continue to fall behind digitally without federal data privacy laws, especially when it comes to trusting data transfers. The higher level of data protection we have, the more we will be able to advance as businesses and consumers, expanding the economy even further. 

The Biggest Threats to Our Personal Data

While the size and use of the internet have undeniably expanded, the threats to personal data and privacy have remained somewhat the same. Cybercriminals have only gotten savvier over the years, and corruption is more widespread. 

They've gone from stealing information from simple websites and illegal media download platforms to hacking global retailers and banks. The explosion of social media use only makes it easier to target and steal unsuspecting citizen information. After all, social networks are for sharing. 


Remaining vigilant against malware is one of the ways we've got to step up our national data security game. Millions of Americans will log onto credible websites this season to Christmas shop and take advantage of post-holiday sales. This unknowingly puts many at risk of having their credit cards or even their identity stolen.

Malware, also known as malicious software, consists of spyware, ransomware, worms, and viruses. When a user clicks on a malicious attachment or link, which, let's face it, is easy to do during the holidays, the malware installs itself. 

With malware, your system may become inoperable, or hackers may obtain information directly from our systems. Also, they could block your access to critical network components, essentially holding your system ransom. 

This serves as an important reminder to take extra precautions when navigating through various web pages this holiday season, and beyond. You truly cannot be too careful in this respect. 


Most of us have seen phishing emails pop into our inboxes, primarily as our social media and online shopping use has gone up. Phishing attempts consist of fake communication, such as direct messages, emails, and text messages, asking us to click a link that will allow access to more of our information. 

National Data Privacy laws would be an added step in helping us avoid a phishing scam and keep our data private on social networks and retail sites. The goal is to protect credit card and login information from ending up in the wrong hands. As of now, there are few measures in place, other than the retailer's security efforts, to make that happen. 

Man in the Middle 

When hackers insert themselves smack dab in the middle of a two-party transaction, we call that a man in the middle situation. Typically, when a man-in-the-middle security issue arises, the victim uses an unsecured or public WiFi service, making it easy for cybercriminals to interrupt the transaction and steal sensitive information. 

There are seemingly endless opportunities for criminals to steal pieces of our private lives, using them to benefit themselves or others. Every time we log into our laptops, tablets, personal computers, or any device connected to the internet, we're at risk of falling victim to those that want to steal money, financial information, obtain personal data, and even influence our choices. The best thing you can do is exercise caution and always call the company directly before giving your information through a link if you are ever unsure. 

Pushing National Privacy Data Legislation

National data privacy legislation is overdue in the United States. Instead of comprehensive legal protection, we currently operate under patchwork laws and lack cohesive accountability. Our personal information and private data are routinely served on silver platters to hackers on a never-ending hunt. 

It's time for the U.S. Congress to mandate legislative protection of private data and information. According to a study by Pew Research, the American public has very little faith in the protection offered by private institutions, though we continue to make daily choices that put our information at risk.  

Without question, our world is digitalized, and we're never going back. We can continue to fall victim to theft after theft, or our government can make the legislative changes necessary to keep us safe.

Hopefully, we're not waiting until the end of 2022 for a glimmer of National Data Privacy Law hope. The current patchwork approach is not working, nor has it been, for years. It's time for the United States to provide a data protection law to better protect our citizens and bring us up to par with current global standards, and that's our only Christmas wish.

Compliance Managment Full Hexagon logo

Expert compliance support, on-demand

Accountable Compliance Success Managers are dedicated to making sure your company is fully compliant as we guide you step-by-step through the process of achieving HIPAA compliance.
Expert guidance
Build trust
Dedicated Compliance Success Managers
HIPAA Training
Decrease risk
Close more deals