In the US, the technology industry is bifurcated: On one side, the companies with the business model of surveilling their users and packaging that personal information to sell and deliver advertising; on the other side, the companies that sell services to the advertising-dependent companies.
For years, the advertising-dependent companies have had their way with the personal information of their users. But that began to change earlier this year with two significant privacy regulations:
- In May, the European Union (EU) began enforcing its Genera Data Protection Regulation (GDPR)
- In June, California passed the California Consumer Privacy Act (CCPA)
The EU’s GDPR grants control of personal information to the individual about whom the information is collected. It applies not just to entities geographically located within the EU member states but to any entity — regardless of geographic location — that processes personal information of people within the EU.
The CCPA — the strongest privacy protection law in the US — doesn’t go nearly as far as the EU’s GDPR, and doesn’t go into effect until January 2020 — but provides four individual information rights:
- The right to know what personal information is being collected, the source of the information, the purpose(s) for which the information is being used, whether it is being sold or disclosed, and to whom it is being sold or disclosed
- The right to opt-out of allowing the sale of personal information to third parties (opt-in for those under the age of 16)
- The right to demand that any personal information be deleted (with some exceptions: Transaction completion, security incident detection, error debugging, free speech, compliance with the California Electronic Communications Privacy Act, research with informed consent, reasonable internal uses, or legal obligation)
- The right to be informed if their data has been stolen in a security breach (and to recover actual monetary damages, any other relief deemed proper by the court, or an amount between US$100 — US$750, whichever is greater, per incident)
Cecillia Kang writing for the New York Times reports that the US tech industry — after being roundly pummeled by nearly everyone for its collective lack of concern about individual privacy and information rights — is “going on the offensive.” Kang reports that “… Facebook, Google, IBM, Microsoft, and others have aggressively lobbied officials in the Trump administration and elsewhere to start outlining a federal privacy law.…” The effort, led by the Information Technology Industry Council (ITI), is focused on replacing the CCPA — before it can spread to other states — with a neutered privacy policy that leaves their user surveillance business models intact.
Kang cites unnamed sources who told her that at an ITI board meeting in May, “… it became clear that Facebook and Google had softened their resistance to a federal privacy law, as long as they were deeply involved in writing the rules.” Chris Padilla, IBM’s vice president for government and regulatory affairs told Kang, “There has been a complete shift on privacy. There is now broad recognition that companies that were resistant to privacy rules can no longer just say no.” Citing an unsourced Google statement, Kang indicates that Google’s position is potentially much more ominous, if more oblique: “There are renewed efforts to define the privacy legislative frameworks of the future, and we look forward to working with policymakers around the world to move the process forward.”
According to Kang, the US Chamber of Commerce, the ITI, and the Internet Association are advocating “voluntary standards instead of legal mandates that carry steep penalties for violations. In exchange for volunteering to follow certain guidelines on what kind of information they collect and share about users, the groups said, they would insist that the federal statute nullify California’s rules.”
The ITI and its members will almost certainly face fierce opposition; the mood of the US citizenry is increasingly unfavorable to big tech in general, and specifically to big tech’s failure to recognize individual privacy and information rights. Kang cites Ernesto Falcon, legislative counsel for the Electronic Frontier Foundation (EFF), as saying, “It’s clear that the strategy here is to neuter California for something much weaker on the federal level. The companies are afraid of California because it sets the bar for other states.”
Jim Steyer, president of Common Sense Media told Kang, “the idea that the companies that violated our privacy for more than a decade will suddenly have a self-regulatory blueprint is ridiculous.”
For its part, the Trump administration has clearly telegraphed it’s sympathy and support for big tech. In a 27 July 2018 speech to the Internet Governance Forum USA (IGF-USA), Assistant Secretary of Commerce for Communications and Information David Redl, didn’t even use a dog whistle:
“The Administration’s commitment to prosperity will be our guide as we tackle the issue of consumer data privacy. NTIA [National Telecommunications and Information Administration], in coordination with our Commerce Department colleagues in the International Trade Administration and the National Institute of Standards and Technology, recently began holding stakeholder meetings to identify common ground and formulate core, high-level principles on data privacy.
.…
“We also know that
industry is looking to the Administration to demonstrate leadership on this issue — they’re rightfully concerned about the potential for a fractured and stifling regulatory landscape. We will be looking to strike a balance between prosperity and privacy that is in line with American values — and we’re listening to a broad cross-section of stakeholders to find that balance. We want to learn how various sectors are coping with the uncertainties surrounding this topic.”
Authoritative, canonical source: Tech industry supports US federal privacy legislation, so long as it gets to write it.
Copyright © 2019 ARTS & FARCES. All rights reserved. | ISSN: 1535-8119 | OCLC: 48219498
Your use of this syndication feed is subject to the ARTS & FARCES LLC syndication policy.
