The governance of personal data held by public agencies has occupied a contested space in American policy for decades. Since the passage of the Privacy Act of 1974, limiting governmental collection, consolidation, and redistribution of administrative data has been treated as a broadly bipartisan imperative. Yet that foundational consensus has been under sustained pressure. Over the past year in particular, the federal government has moved to expand access to and inter-agency sharing of administrative data in ways that depart sharply from long-standing norms — actions that have generated significant legal challenges, state-level resistance, and widespread public concern.
It is within this context that the Center for Democracy & Technology (CDT) released Common Concern: Americans Worried About Personal Data Held by Public Agencies and Want Government Accountability in March 2026. Drawing on nationally representative polling of U.S. adults, the report offers one of the more systematic recent attempts to map public sentiment on government data practices. For researchers and policy analysts, the findings warrant careful attention: they reveal not only elevated and broadly distributed concern, but a set of attitudinal patterns with meaningful implications for how privacy legislation, administrative data governance, and enforcement mechanisms are designed and communicated to the public.
This analysis unpacks the report’s core findings across five thematic domains, situates them within existing scholarly and policy frameworks, and identifies areas of particular salience for academic inquiry.
The Scope and Consistency of Public Concern
The report’s headline finding is not a narrow or partisan anxiety — it is a near-universal one. An overwhelming majority of U.S. adults express concern about the privacy and security of their personal data as held by government agencies. What is analytically notable here is the breadth rather than the intensity alone. Concern is described as both high and consistent across demographic and political subgroups, suggesting that this is not a phenomenon driven primarily by ideological predisposition or proximity to particular enforcement regimes.
For scholars working in the tradition of public opinion research on privacy — including those drawing on frameworks like the “privacy paradox” or contextual integrity theory — this finding raises productive questions. Prior literature has often observed a gap between stated privacy concern and behavioral accommodation of data collection (Acquisti & Grossklags, 2005; Nissenbaum, 2010). The CDT polling data, however, appears to capture something qualitatively different: concern directed specifically at state actors rather than commercial entities, and situated within a moment of heightened visibility around federal data practices. Whether this elevated concern translates into policy demand or political behavior remains an important open empirical question.
Perceived Real-World Harms: From Abstract Concern to Anticipated Consequence
A finding of particular policy relevance is that respondents do not frame their concern in merely abstract or theoretical terms. The CDT report documents that Americans anticipate concrete, material consequences from government misuse of their data — most prominently, heightened surveillance and the chilling of access to public benefits to which they are legally entitled.
The “chilling effect” concept has a well-established history in First Amendment jurisprudence and in empirical communication research (Penney, 2016), but its application to benefit access is less thoroughly examined in the quantitative privacy literature. If individuals modify their behavior — declining to seek public assistance, avoiding interactions with government services, underreporting household information — in anticipation of how that data might be used or shared, the downstream implications extend well beyond privacy itself. They implicate equity in access to welfare systems, the accuracy of administrative records, and the integrity of public health and social policy data infrastructures.
Researchers in the fields of social policy, administrative burden theory (Herd & Moynihan, 2019), and critical data studies will find this dimension of the findings particularly generative. It connects surveillance anxiety not only to civil liberties concerns but to measurable outcomes in program participation and governmental trust.
Legal Awareness and the Knowledge Gap
The CDT findings reveal a significant and underappreciated gap: while Americans broadly agree that privacy laws and policies are important, they report limited familiarity with their specific legal rights under existing frameworks. This disconnect — between valuing legal protection and understanding what that protection entails — has meaningful implications for both policy design and public administration research.
From a normative standpoint, the value of privacy rights is substantially diminished if those rights cannot be exercised, whether due to lack of awareness, procedural complexity, or inaccessibility of redress mechanisms. This finding reinforces arguments advanced by scholars of administrative law and legal mobilization who emphasize that rights on paper often differ from rights in practice (Epp, 1998; Kagan, 2001). It also raises questions about the effectiveness of existing notice-and-consent frameworks, which tend to assume a baseline of legal literacy that this polling data suggests is not present.
For researchers in legal communication, civic education, and information policy, there is an implied research agenda here: what modes of public communication about privacy rights are most effective at closing this gap, and which institutional actors — federal agencies, state governments, civil society organizations, public libraries — are best positioned to deliver that communication?
Differential Concern by Data Type and Use Case
The report disaggregates public concern by both the type of data held by government and the purposes for which it is shared. Two use cases emerge as particularly salient sources of worry: law enforcement and immigration enforcement. These findings align with and extend a growing body of scholarship on the racialization of data governance and the differential exposure of communities of color to state surveillance infrastructure.
Communities of color, the report notes, express higher levels of concern about data sharing with law and immigration enforcement agencies than their white counterparts. This is consistent with empirical research documenting disproportionate surveillance of Black, Latino, and immigrant communities through predictive policing systems, fusion centers, and information-sharing agreements between federal immigration authorities and local law enforcement (Brayne, 2020; Eubanks, 2018). What the CDT polling adds is a systematic attitudinal baseline: these communities are not simply subject to different data practices, they are aware of and concerned about those practices at meaningfully higher rates.
The implication for researchers is twofold. First, aggregate measures of public concern about government data may systematically underestimate concern within the populations most directly affected by enforcement-oriented data sharing. Second, the design of privacy protections that treat all data uses as equivalent — regardless of whether they implicate immigration enforcement, public health research, or tax administration — may fail to address the most acute sources of public anxiety.
Age as a Dimension of Concern
The report identifies older Americans as consistently more concerned about the privacy and security of personal data collected and stored by government agencies than younger cohorts. This finding is somewhat counterintuitive relative to stereotyped assumptions about “digital natives” being more privacy-conscious, and it merits careful interpretation.
Several explanatory frameworks are plausible. Older individuals may have accumulated more extensive administrative records across federal and state agencies over longer lifespans, creating greater perceived exposure. They are also more likely to be enrolled in programs — Medicare, Social Security, veterans’ benefits — that involve intensive data collection and that have faced scrutiny regarding data access and interagency sharing in the current policy environment. Additionally, cohort-level differences in institutional trust may play a role: individuals who came of age during earlier periods of documented government overreach (COINTELPRO, IRS targeting controversies, post-9/11 surveillance expansion) may apply a more skeptical prior to government data stewardship claims.
For researchers in aging and public policy, gerontology, and political socialization, this age gradient represents an underexamined dimension of the privacy concern literature. It also has practical implications for public communication strategies: if older Americans are the most concerned constituency, they may also be the most politically mobilizable around data protection legislation — a consideration relevant to the political economy of privacy reform.
Partisan Structure of Concern and Demands for Accountability
One of the more analytically significant findings in the report is that concern and demands for governmental accountability are high across political affiliation. The bipartisan character of concern about government data practices has long been a feature of the policy landscape — the Privacy Act of 1974, for instance, was passed with broad cross-party support — but it has sometimes been obscured by partisan polarization in adjacent debates.
The CDT data, however, do reveal an asymmetry: Democrats report higher levels of concern specifically on questions related to sharing data without consent. This is consistent with what one might expect given the current political context, in which expanded federal data access has been associated with the current administration. Researchers should be cautious, however, about reading this as purely partisan sentiment. The underlying structural concern — that government agencies should not share personal data without adequate consent mechanisms or legal authorization — is framed in the report as broadly shared, even if its salience is currently higher among Democrats.
For scholars of American public opinion, legislative politics, and regulatory policy, the persistence of cross-partisan concern about government data despite a highly polarized political environment is itself a finding worth theorizing. It suggests the existence of what might be called a latent privacy consensus — one that has historically been capable of generating durable legislative coalitions but that may currently be suppressed by partisan sorting on adjacent issues.
Accountability as a Public Expectation
Perhaps the most actionable finding in the CDT report for policy researchers is the consistent public demand for governmental accountability in data stewardship. Americans do not merely want stronger privacy protections in the abstract; they expect government agencies to be held to account for how they collect, store, use, and share personal information.
This finding intersects with a substantial literature on administrative accountability, transparency, and the legitimacy of government institutions (Bovens, 2007; Mashaw, 2006). It also resonates with arguments advanced by scholars of algorithmic accountability and automated decision-making, who have argued that meaningful accountability requires not only legal frameworks but institutional mechanisms — audit rights, redress procedures, independent oversight — capable of making those frameworks operational (Diakopoulos, 2016; Wachter et al., 2017).
The gap between public expectation and current institutional capacity for accountability in federal data governance is, on the evidence of this report, considerable. This gap represents both a policy design problem and a research opportunity — particularly for scholars working at the intersection of administrative law, information policy, and democratic theory.
Implications for Research and Policy Design
The CDT Common Concern polling report offers researchers a rich empirical baseline at a critical moment in the governance of public-sector data. Several implications stand out for academic and policy audiences:
For empirical researchers, the report underscores the need for longitudinal tracking of public attitudes toward government data practices, disaggregated by community, data type, and institutional context. Cross-sectional polling captures a moment; understanding whether current concern is a durable attitudinal shift or a response to specific political events requires repeated measurement over time.
For policy designers, the knowledge gap finding — strong support for privacy law combined with limited familiarity with existing legal rights — points to a need for accessible, proactive public communication about privacy rights, not merely reactive notice-and-consent mechanisms.
For scholars of equity and surveillance, the differential concern among communities of color and the specific salience of law and immigration enforcement data sharing demand sustained attention. Privacy scholarship that treats all populations as equivalently situated before government data systems will systematically miss the most consequential dynamics.
For political scientists and legislative scholars, the bipartisan structure of concern, combined with the partisan asymmetry on consent, suggests that data privacy may represent one of the few remaining domains in which cross-partisan coalition-building for structural legislative reform remains plausible — a hypothesis worth testing as the current policy environment evolves.
The broader significance of the CDT findings lies in what they reveal about the relationship between institutional trust and data governance. When a substantial majority of Americans — across age, race, and political affiliation — express concern about how the government handles their personal data and demand accountability in return, they are articulating something more than a preference. They are expressing a set of legitimacy expectations about the terms on which the state may claim access to information about their lives. Meeting those expectations, or failing to, is likely to have consequences not only for privacy policy narrowly construed, but for the legitimacy of public institutions more broadly.
