Microsoft Deputy General Counsel Calls for US Privacy Law as GDPR Turns 1
Julie Brill, Microsoft's deputy general counsel and top privacy lawyer, reflected on GDPR as its one-year anniversary approaches. She offered suggestions for a U.S. federal privacy law in a blog post Monday.
May 20, 2019 at 03:14 PM
3 minute read
The original version of this story was published on Corporate Counsel
Julie Brill, vice president and deputy general counsel for privacy and regulatory affairs of Microsoft. Courtesy photo.
Microsoft's top privacy lawyer reflected on the global impact of the European Union's General Data Protection Regulation and its lessons for U.S. legislators in a blog post Monday.
The post from Julie Brill, Microsoft's deputy general counsel for global privacy and regulatory affairs, comes as GDPR hits its first anniversary on May 25. Brill said the law “improved how companies handle their customers' personal data” and sparked privacy legislation changes or proposals in Brazil, China, India, Japan, South Korea and Thailand.
Those changes have also come to the U.S., where California became the first state to pass a privacy law and federal legislators are debating nationwide regulation. Brill said the California Consumer Privacy Act, which goes into effect in January 2020, includes “rights inspired by GDPR” and is a good starting point for a federal law that “should go further” in protecting consumer data.
“Now, it's Congress's turn to adopt a new framework that reflects the changing understanding of the right to privacy in the United States and around the world,” Brill said in Monday's post.
A federal U.S. bill could take lessons from GDPR she said, with “rules that give people control over their data and require greater accountability and transparency in how companies use the personal information they collect.”
She suggested federal law require companies assess “the benefits of data processing against potential privacy risks” rather than placing the burden on consumers with an opt-in or opt-out privacy model.
“Strong federal privacy should not only empower consumers to control their data, it also should place accountability obligations on the companies that collect and use sensitive personal information,” Brill said.
That accountability should be backed up with ”strong enforcement provisions” from the Federal Trade Commission, Brill added. She previously served as an FTC commissioner, an experience she said taught her current law doesn't allow the agency to adequately protect privacy.
At the International Association of Privacy Professionals' Global Privacy Summit earlier this month, current FTC chairman Joseph Simons said the agency would also need a resource boost if a federal privacy law were enacted. The FTC now has 40 employees focused on privacy, compared with around 140 at the Irish Data Protection Commission and 500 at the U.K.'s Information Commissioner's Office, which enforce GDPR.
Aligning U.S. and EU privacy law and enforcement strategies could make compliance simpler for global companies, Brill added. In hearings on a U.S. federal privacy law, legislators have raised concerns that compliance could come with a hefty price tag that harms competition.
“For American businesses, interoperability between U.S. law and GDPR will reduce the cost and complexity of compliance by ensuring that companies don't have to build separate systems to meet differing—and even conflicting requirements—for privacy protection in the countries where they do business,” she said.
Read More:
GDPR Regulators, FTC Chairman Talk Privacy Law and Enforcement at IAPP Summit Panels
Microsoft Deputy General Counsel Reflects on GDPR, 1 Year On, With Top EU Regulator
Company Execs Could Face Individual Fines for Privacy Mishaps, FTC Commissioner Tells Congress
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
CEOs Want Data-Based Risk Management; GCs Lack the Tech to Do So.

UnitedLex Fishes 5 New Hires From Big Four Talent Pool


COVID-19, Remote Work and Cybersecurity Threats: 7 Pointers for In-House Counsel
Trending Stories
- 1Florida Law Schools Are Seeing a Bump in Applications for 2025, After Recent Declines at Flagship Schools
- 2Processes, Challenges and Solutions In Lateral Partner Integration
- 3Attorneys 'On the Move': Herrick Bolsters Tech Practice with IP Partner; Cozen O’Connor Adds Member to Its Fund Formation Group
- 4NJ Jury Awards $4.5M After Woman Trips on Carpet
- 5Blake Lively Is Sued by Texas Crisis Specialist in Latest 'It Ends With Us' Lawsuit
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250