General Data Protection Regulation (GDPR) is considered to be the greatest change in the EU privacy laws 2018. GDPR has a direct impact on US companies those are dealing with EU citizens. Still, there are many areas in this regulation which are yet to be realized.
The GDPR has a very powerful indirect impact on the companies and consumers in shape of privacy notices and cookie policies on their favourite websites. The US think tanks are considering to take serious actions for not to face disadvantages in the long run.
There is a view that if the United States do not make its own privacy and security policy other countries might use GDPR and EU privacy laws as a standard.
There are several different laws covering the data protection and privacy in the US but the companies are willing to form a uniform law. There is HIPPAA for health data, COPPA for children online privacy and many more.
There is an intense need for a federal privacy law and it is expected to happen soon. Even if it is not there at the federal level the state department might fill the gap. There are some primary IT related issues that have to be considered.