Document Type


Publication Date





Harvard Law School




Congress and state legislators are finally experimenting with new privacy frameworks, rights, and duties to move past the thoroughly critiqued “notice and choice” model for data privacy. While many new privacy proposals seek a more fortified version of the fair information practices, some legislators have placed a duty of data loyalty at the heart of their proposed privacy bills. This is important because a duty of data loyalty has the potential to anchor American privacy law in a way analogous to how the European Union approach is grounded in fundamental rights of privacy and data protection.

Unfortunately, there remains some uncertainty about what exactly a duty of data loyalty should require. What is needed is a clear expression of what a practicable duty of data loyalty will do, why it will do it, and to what extent. This Essay supplies such an account, and argues that to be effective, data loyalty legislation must (1) impose a broad primary duty of loyalty that is clarified through specific subsidiary duties, (2) reflect a substantive commitment against self-dealing in relationships of trust, and (3) be compatible with existing data privacy frameworks to accommodate a diverse enforcement strategy and generate political support.

To advance this approach, we offer as proof of concept a model statute for a duty of data loyalty — one that is designed to limit wrongful self-dealing with a robust “best interests” rule supplemented by specific duties with clear boundaries. The goal of this model legislation is to serve as a guide for legislators who seek to place data loyalty as the foundation of a U.S. approach to privacy. Instead of creating new legislative language from scratch, our model statute incorporates and strengthens many relevant existing data privacy rules under the unifying principle of keeping companies from betraying those who trust them with their data and online experiences. Our purpose in building on existing rules and bipartisan proposals is to demonstrate the practical appeal and feasibility of our data loyalty framework.

Find on SSRN Link to Publisher Site



To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.