It ought to be clear by now that we need a form of GDPR in the United States. We might need something stronger.