In Chapter 2, “Defining Data Rights and the Role of the Individual,” Kaitlin Asrow, Senior Fintech Policy Advisor at the Federal Reserve Bank of San Francisco, interrogates the core principle of “data privacy” and an evolution to “data protection” and ultimately to “data rights.” Data privacy, once just a term to describe keeping personal data private, has grown to encompass bigger concepts, such as “data protection” under the European Union’s General Data Protection Regulation and “data empowerment” in India under its Data Empowerment and Protection Architecture. In this chapter, Asrow argues that a baseline of consumer “data protection” and “data rights” can help to effectively manage a data-based economy, including structures such as Open Banking. She analyzes the challenges of current US data regimes under the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, Section 1033 of the Dodd-Frank Act, and the California Data Privacy Act, and proposes a path toward modernizing our data governance frameworks, with a particular focus on the role of the consumer.