Document Type


Publication Title

Stanford Law Review

Publication Date



While core principles for the fair treatment of personal information are common to democracies, privacy rights vary considerably across national borders. This article explores the divergences in approach and substance of data privacy between Europe and the United States. It argues that the specific privacy rules adopted in a country have a governance function. The article shows that national differences support two distinct political choices for the roles in democratic society assigned to the state, the market and the individual: either liberal, market-based governance or socially-protective, rights-based governance. These structural divergences make international cooperation imperative for effective data protection in cyberspace. The article postulates that harmonization of the specific rules for the treatment of personal information will be harmful for the political balance adopted in any country and offers, instead, a conceptual framework for coregulation of information privacy that can avoid confrontations over governance choices. The theory articulates roles for institutional players, technical codes, stakeholder summits and eventually a treaty-level “General Agreement on Information Privacy” to develop mutually acceptable implementations of the universally accepted core principles. The article concludes with a taxonomy of strategies and partners to develop international cooperation and achieve a high level of protection for personal information in international data transfers.

Included in

Internet Law Commons