Every day, companies everywhere collect tons of data about us, like where we go, what we search, and even banking information and Social Security numbers, yet many people don't understand how much of their information is being stored or how it can affect them.
of people say they're worried about how companies use their personal data
โ Pew Research Center, 2023
This matters because the data companies collect can affect our privacy, safety, and even influence the way we are shown information and make decisions. When data is leaked, it can lead to identity theft and fradulent activity. The worst part is that most adults are unsure of how they can protect their personal information online.
When the internet was new, websites were mostly informational. Companies soon learned they could make money by selling advertising based on what users do online. The first ad appeared on October 27, 1994, on HotWired.com, sponsored by AT&T. The banner was a way to pay for the โfreeโ content that was on the website. As technology improved over time, companies began using data to target ads so they would be more relevant and more profitable. Over time, this changed the internet into a system where people no longer just use the product. Their data was turned into a type of currency that keeps the online economy running.
When smartphones became super common in the late 2000s, companies could get constant access to more sensitive user data. Most phones track and save location data, app usage, search history, and how long people spend on different screens. Many apps also request permissions to use your camera, microphone, location, and contact lists. Because of these permissions and how much info people store on their phones, companies were able to store a lot more information on people compared to their other devices.
The United States lacks a single national privacy law that covers all personal information, despite the fact that businesses are gathering a lot of data. The current privacy laws, as of 2026, are a mix of federal and state laws that only work for certain industries such as healthcare or finance. This is a result of large technology and advertising companies. Every year, they spend millions of dollars on lobbying to stop strict regulations that would heavily restrict their data collection abilities. There are also lots of political disagreements, with some saying that strong privacy laws could slow innovation or hurt business growth, making agreement between all fifty states hard. While some states, like California, have enacted their own privacy laws, there is no large federal law. Meanwhile, the EU (European Union) considers data protection to be a fundamental right and, therefore, has much stricter regulations in all its countries.
โ Recast, 2023
Many people mislabel this as "annoying ads" or popups. However, the risks are way bigger than just ads. When personal data about you is stored across apps, social media, and online software, it can create super serious risks. All companies collect information on you, like your email, phone number, location, broswing habits, and behavior. Some even collect your banking details, Social Security number, and other sensitive information. When this data is leaked or stolen by others, it causes people to lose their money or even identities.
identity theft reports received by IdentityTheft.gov in 2024
โ Federal Trade Commission
Data collection is also detrimental to society. When companies are excessively tracking what we click, watch and react to, algorightms learn how to keep people engaged and what content to push. This can lead to information bubbles that keep us within our beliefs, leading to more disagreements. Over time, it can increase division between each other and make it hard to trust online content.
The Federal Trade Commission has warned that large social media and streaming companies engage in extensive data surveillance that can harm users and expose them to risks beyond just privacy loss, including manipulation and targeting.
โ Federal Trade Commission
This problem grows every year because there are more devices and more data. Smart TVs, watches, speakers, cars, and even school tools can collect data. Without proper legislation or regulation, companies can use this data for virtually anything without harsh consequences.
There have been countless solutions over the years to deal with data privacy. We came up with some more possibilities, but some are more plausible than others.
Our first idea was to require apps and websites to ask users before they actually start collecting their personal data. That way it's not automatic and users are involved in the process. However, we soon realized that this would not be effective. Many people mindlessly click through popups to get to the app or website they want to use. It would also take a lot of enforcement because companies could design the screens in a way that push users toward agreeing. Each one would have to be checked, and that would cost a lot of money.
Another idea we had was to require companies to use simple language in their privacy policies and data practices instead of using long legal documents and complicated wording. Because of the length of the documents, many people don't actually read them. Making them easier to understand would let users know what they are actually agreeing to and encourage transparency in companies. However, this doesn't actually fix the data collection problem -- it just presents it in a different way. With that in mind, people might still have to use services that collect a ton of data, even if they understand what information the company is collecting.
Some experts say that companies shouldn't be allowed to store data forever. If companies purge data every so often, it is less likely to be stolen in future data breaches or hacks. It also prevents tracking people long-term. This solution isn't very effective, though, because many companies rely on this data to personalize content over time. It would also not be cost-effective because there would need to be strong oversight constantly.
Right now, penalties for companies that break laws are very small and don't affect most companies. If companies risk losing a lot of money, they might be more careful about their data collection and following the rules. However, this could negatively affect smaller companies and legal cases can drag on for years, weakening how effective fines would actually be.
We also thought of educating people on the issue. When people understand how data sharing works, they are more likely to change their settings and avoid risky apps. This can be very beneficial for those who aren't very familiar with technology and make them less vulnerable. However, this solution also doesn't fix the root problem, and careful users can still be affected by data breaches. It would also cost a lot to maintain this program long-term.
After we went over the other possible solutions, we determined that the best way to protect users' privacy long-term is through a national privacy law. This law would affect all companies and all personal information within the U.S. Right now, rules are scattered across different laws and states, leading to confusion.
A strong federal privacy law would create basic rules that apply everywhere, not just in certain states or industries.
This new law would need strong enforcement to force companies to follow the rules.
Instead of relying on taxpayer money, fines from companies that violate the law would pay for enforcement. This keeps companies accountable and helps fund the systems needed to monitor them, rather than putting all the cost on the public.
Passing and fully implementing a privacy law would take several years. Congress would first need to pass the legislation. Then companies would need time to update their systems, rewrite policies, and change how they collect and store data. Realistically, a phased rollout with a hard time limit would give businesses time to adjust while still complying.
There is already a lot of public support. Surveys show that most Americans think companies store too much of their information and want the government to do more about it. Because of the shared opinion, people could put pressure on lawmakers, especially as data breaches and scams keep making the news. On the other hand, some companies would resist the law because it would stop some of the ways they make a profit. However, similar rules already exist in places like the European Union, showing that companies can still exist and make money while following privacy laws.
While it may not seem like a top priority right now, companies continuously collect data on everyone. When companies store information from billions of people, they become a target for hackers and cybercriminals. All it takes is one major data breach and your life can change completelyโusually for the worst.
I (Bryce) built this site from scratch using HTML5 for structure, modern CSS3 for styling (flexbox/grid/animations), and JavaScript for the single-page logic. I used my custom domain bryyce.win and added a subdomain to host this website (pupo.bryyce.win). The page itself is hosted on Cloudflare Pages for free. The code is hosted on GitHub. Our idea was a mix between a news site and report, with neutral colors and classy text. This was good practice for me.
Total Development Time: 7 Hours