The Cost of Fragmentation: Why the United States Needs a Federal Baseline for Data Privacy A Law and Public Policy Working Paper

This paper examines how fragmented state-level data privacy regimes in the United States shape corporate data practices and reinforce structural power asymmetries between technology firms and consumers. Through comparative analysis of state privacy statutes and enforcement outcomes, including the California Consumer Privacy Act and states that lack affirmative consumer rights, the paper argues that regulatory nonuniformity operates as a governance mechanism that enables data brokerage, consent manipulation, and unequal exposure to surveillance harms. The analysis situates United States privacy regulation within broader debates on federalism, institutional capacity, and accountability in the digital economy. It concludes that a federal baseline privacy framework, enforced by an independent regulatory agency under the Commerce Clause, is necessary to ensure consistent consumer protections and to restore public trust in data governance.