Authors: Bethanne Barnes, Maya A. Bernstein, Amy O’Hara, Beth Jarosz
Standard Deviations blog posts represent the views of the author/organization, but not necessarily those of The Census Project.
At the Association of Public Data Users (APDU), we noticed a recurring theme during our events in 2025: members were expressing increasing concern about data privacy, confidentiality, and security.
These concerns have important implications for data collection efforts, including the decennial census and American Community Survey (ACS).. If people don’t trust that their information will be safe, they may opt out of participating. Research conducted by the Census Bureau in 2019 showed that privacy concerns are a barrier to participation in the census. One quarter of respondents expressed concern about the privacy and confidentiality of their responses. And that was before the recent flood of evidence that there are new privacy, confidentiality, and security concerns with the handling of government data.
More recent polling from the Center for Democracy and Technology (CDT) suggests that concerns about data privacy are now widespread. More than 80 percent of people across the United States say that having legal protections for the sensitive information government agencies collect and store is important.
CDT’s analysis also shows clearly that these concerns span the political spectrum. There’s broad, bipartisan interest in protecting people’s information from threats including security breaches and government misuse. But the study also finds that less than half of Americans know their legal rights.
And it’s not just the public that has knowledge gaps.
At APDU, as we’ve embarked on providing technical assistance to litigators, legislators, journalists, advocates, and privacy technologists, our team noticed information gaps among different groups working on data privacy. Tech folks talk to tech folks. Policymakers talk to policymakers. The situation is like having a room of people who are blindfolded, touching an elephant—privacy technology experts understand one piece of the puzzle, policymakers understand another, advocates a third, data users a fourth, litigators a fifth. And there is limited communication and knowledge-sharing across groups.
In addition to information silos, we also found some… not quite accurate information out there. The widespread confusion is, perhaps, not surprising. There is no single, comprehensive law in the U.S. Instead, privacy law is a patchwork of dozens of separate federal laws, along with an even greater number of state laws and complicated issues around Tribal data sovereignty.
So, with support from the Annie E. Casey Foundation, we brought together a team of experts to help fill knowledge gaps and raise awareness so we can all work together more effectively to strengthen data privacy protections.
Although there is no unifying privacy law in the U.S., the Privacy Act of 1974 is foundational.
The Privacy Act of 1974 provides guardrails for when and how personal data is handled and shared by federal agencies. However, the rules—and the gaps or shortcomings in those rules—are widely misunderstood and are being exploited or twisted to treat individuals unfairly. We created a set of resources to help policymakers, researchers, advocates, and the public better understand the mechanics of the Privacy Act, the rights it conveys, and the obligations it imposes on federal agencies to collect, manage, and disclose personal information responsibly. The reports and briefs are accompanied by recorded trainings on data privacy.
You can use the reports and recordings to learn how to effectively assert your rights, address vulnerabilities, and hold the government accountable for treating everyone fairly.
