Lawmakers in Europe and the United States have enacted or are considering duties of data loyalty as a way to supplement or anchor data privacy regimes. For example, the Data Governance Act contemplates loyalty obligations on intermediaries as part of a fiduciary obligation; California and the United Kingdom’s Age Appropriate Design Codes prioritize the “best interests” of children in the design of digital technologies; and the proposed American Data Protection and Privacy Act is anchored by a duty of loyalty requiring robust data minimization and specific loyal data practices. This panel will consider these efforts, their effectiveness, their limits, and their possible future as a complement to established data protection rules. It will address how loyalty is conceptualized and clarified, how loyalty duties are balanced with other obligations, and how they might differ in the E.U. from the United States.
• How should data loyalty be conceptualized?
• What should specific loyalty rules look like?
• How should duties of data loyalty deal with competing values and coexisting loyalty obligations?
• How should data loyalty be situated within larger privacy and data protection frameworks?