Sectoral regulation of privacy and information security in the United States has created a complex system for tech innovation, because new products and services transcend the traditional sectoral boundaries and because regulators view these new products and services as creating substantial new risks in their sectors.

As multiple regulators address tech innovation from their respective sectors, developers of new technology products must confront multiple layers of regulation from different agencies that resemble a “swarm,” and sometimes inconsistent regulation. This article describes how this state of affairs arose and the constraints it imposes today.