Introduction

As early as 1969, legal scholars were concerned about the emerging information age and its effect on privacy. Miller's (1969) review of computer privacy is surprisingly accurate in projecting the effect of the then-coming computer and information age on traditional privacy promises. Initially, nonpersonal data did not require protection primarily because it lacked the personal data attributes that would allow easy identification. Moreover, data ownership distinctions are increasingly blurred (Hummel et al., 2020) and are now attributed to confusing data ownership linked to process centricity definitions (Fadler and Legner 2020, p. 673). Fifty-one years later, many of those same privacy concerns discussed in Miller's review are present. However, the volume and complexity of data and information are well beyond Miller's vision, especially since the advent of the “smartphone.”

Though data privacy regulation is widely acknowledged as critical (Jensen, 2013), party-based gridlock and presidential policies in the United States seem to prevent implementing a clear global regulatory privacy framework to address the emerging concerns of data from smartphone and smart device technology (Fefer, 2019). However, the European Union's Global Data Privacy Regulation (GDPR) covers its member states and citizens and covers multinational corporate businesses and cross-border data flows between countries. In addition, other nation-states are building privacy frameworks to address similar global concerns (Hunton Privacy Blog, 2020). The lack of international leadership regarding global concerns by the United States supports Acharya and Buzan's description of the shift from international to domestic-focused priorities (Acharya and Buzan, 2019).

Under President Donald Trump, the US regulatory parameters sought to limit privacy regulation to promote business innovation. However, the limited regulatory guidance includes a legacy of data classifications that seem irrelevant compared to how data is currently used. Piecemeal enforcement has not kept up with innovative ways data is created and utilized. Moreover, increased cross-border flows of data have led to greater privacy risks, but these risks may be considered “trade” and not “conflict” based (Yakovleva and Irion, 2020).

Moreover, single nation-states are not the only actors and stakeholders in the data privacy arena. The new landscape of actors can be represented by what Anne Marie Slaughter (2017) calls a “chessboard and web” structure of vertical and horizontal influences on shared-fate issues.