Another Data Privacy Week is here. As the digital landscape continues to evolve at breakneck speed thanks to the skill of America’s great innovators, one thing remains frustratingly static: the absence of a unified, nationwide data privacy standard in the United States.
Looking at the state of online safety today, the message from the American people is clear and consistent. Families, small business owners and consumers across the country are tired of their digital privacy rights depending entirely on which side of a state line they happen to be standing. At NetChoice, we believe it is time for Congress to stop fumbling at the finish line and finally deliver a federal privacy framework that protects all Americans and respects the positive uses of data.
In the absence of federal leadership, states have stepped into the vacuum, creating a dizzying patchwork of conflicting regulations. While some states have attempted to strike a balance, others—most notably California—have implemented overly restrictive, broad and clumsy frameworks. For example, the California Privacy Protection Agency (CPPA) has created compliance burdens so vague they could sweep in everyday tools like Excel spreadsheets.
This regulatory chaos is a lawyer’s dream and a small business owner’s nightmare. Instead of investing in innovation, better products or lower prices, American businesses are forced to sink massive resources into navigating 50 different sets of rules. That doesn’t just hurt our economy; it hurts our security. Hackers and data brokers are exploiting the gaps and loopholes found in this fractured system. When privacy rights vary by geography, the entire digital ecosystem becomes more vulnerable.
The need for a national standard isn’t just a theoretical policy debate; it’s a matter of urgent safety for everyone, especially our most vulnerable citizens. Cyberattacks continue to increase every year, and recent data highlights a staggering reality: 82% of K-12 schools experienced a cyberattack over an 18-month period. Children are the number one targets for identity theft, with 25% expected to experience it before they even turn 18.
A unified, national standard, as we advocate for in NetChoice’s Digital Safety Shield for America, would protect the data of all American families with the same level of rigor, regardless of where they go to school or live. We have seen near-breakthroughs in Congress before, but bipartisan frameworks have continuously been stuck on the two biggest policy hurdles: preemption and enforcement. But almost isn’t good enough when 1.7 billion data breach notices were sent to consumers in 2024 alone.
Congress has the constitutional authority to regulate interstate commerce. Because data flows across state lines every second of every day, privacy is, by its very nature, an interstate issue. Washington must stop ceding its leadership to Sacramento or allowing the European Union to drive global policy.
We need an American standard that reflects American values: protecting privacy while fostering the free enterprise that makes our tech sector the envy of the world.
If Congress were to take up this important issue in 2026, NetChoice urges them to focus on a few key components to ensure the law is effective for both Americans and their businesses:
- True Preemption: A national standard must be exactly that: national. It cannot allow for a patchwork within a patchwork by carving out specific states.
- Data Security-Forward: The law should require entities to protect the confidentiality and integrity of the data they hold.
- A Right to Cure: Compliance should be the priority, not punishment. Giving businesses a chance to remedy honest accidents ensures that the goal remains consumer protection rather than allowing the trial bar to enrich itself through frivolous litigation.
- Preserving Positive Data Use: We must ensure consumers continue to benefit from the ways data sharing makes life better, such as relevant content recommendations, discounts and the R&D that leads to the next generation of life-saving technologies.
This Data Privacy Week, NetChoice calls on Congress to make this nationwide privacy and security standard a top priority. While we advocate for these legislative changes, we also encourage individuals to take control of their own digital footprints by using the privacy tools already available to them on digital services, including parental control tools.
But individual action can only go so far. America needs a Digital Safety Shield that protects everyone. We need to fund law enforcement to go after the predators and cybercriminals who target our kids online, and we need a federal data privacy law that ensures our rights don’t vanish when we cross state lines.
The 119th Congress has the opportunity to increase confidence in the American digital marketplace. Let’s make 2026 the year the U.S. finally puts a stop to the patchwork and creates a more secure online environment where free enterprise and free expression can thrive for every American family.