PureGro1:
Have you taken a look to the links you quote? In case you haven't...
Is It Time For A U.S. Version Of GDPR?
the article has been written 8 months ago and refers:
In The European Union, Data Privacy Is Protected
The EU member countries codified the right to personal data privacy in April 2016 with the General Data Protection Regulation
(GDPR). More specifically, the GDPR is a regulation on data protection
and privacy in the EU and the European Economic Area, as well as on the
transfer of personal data outside those areas. The law became
enforceable in May 2018 with significant penalties for violators.
The GDPR specifies that data subjects get to determine what happens
with their personal information. The approach in the U.S. is generally
that individuals must selectively opt-out of processes that allow
businesses to collect and store personal information.
The European Commission has declared that, although there's more progress to be made, the GDPR is "an overall success"
in that individuals are "more empowered and aware of their rights."
Another measure of success is that other legislative bodies outside the
EU are considering similar actions. That said, is it time for a U.S.
version of GDPR-like privacy legislation?
Federal Regulation Would Be A Unifier
The concern with a state-by-state implementation of individual data
protection and privacy laws is that although there are similarities
among the states' regulations, there are also differences. This creates a
problem for businesses that operate nationwide, or at least across
state lines, that must comply with a range of mandates — some of which
may contradict each other. For simplicity’s sake, businesses want one
unified and standard set of regulatory requirements to meet. This is
precisely what the GDPR did, replacing numerous disparate regulations
instituted by various EU member states.