New privacy bill demonstrates need for better data governance


U. S. Senator Kirsten Gillibrand (D-NY) introduced legislation to create a Data Protection Agency to, in her words, “bring the protection of your privacy and freedom into the digital age.

“Data has been called ‘the new oil.’ Companies are rushing to explore and refine it, ignoring regulations, putting profits above responsibility, and treating consumers as little more than dollar signs. Like the oil boom, little thought is being given to the long-term consequences.”

Sen. Gillibrand rightly calls out the United States for being behind most advanced economies that have national data privacy laws or agencies governing the collection and use of consumer data.



As noted in some media coverage, one important provision not included in the legislative proposal is the creation of a national data privacy law that preempts existing state laws, in effect leaving in place the patchwork quilt of state laws like the newly enacted California Consumer Privacy Act. This approach has been a non-starter amongst big tech companies and many Republican senators, bogging down progress on the issue in Congress for nearly two years.

Companies like Microsoft have led industry calls for a GDPR-like law in the U. S., but Congress has not taken any substantive action to date.

The companies with the most at risk are the data brokers—chiefly Google and Facebook—whose unmitigated access to our data has made them two of the six largest companies in the world by market cap.

As shared previously, from an investor perspective, executives and boards that don’t understand and communicate about new, complex risks lose money for shareholders. Though GDPR has not been the force many predicted (and feared) to date, and a new law in the U. S. could still be years away, data privacy falls into this risk category. But, regulation doesn’t have to be the driver of better governance.

After all, financial markets will reward great management teams who navigate ahead of the regulation curve via higher multiples than their peers receive—and, of course, the reverse is also true.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website