The latest attempt to create the first comprehensive national data privacy law in the United States is causing typical Washington nonsense. But from the confusion in Congress and elsewhere in the US, we are finally seeing progress in defending Americans from the rampant intelligence-gathering economy.
What is emerging is a growing consensus and a body of (imperfect) laws that give people real control and companies more responsibility to tame the near-limitless collection of our data. Given all the bickering, cheesy lobbying tactics, and standoffs, it might not seem like winning up close. But this is.
Let me zoom in on the big picture of US tech companies like Facebook and Google, mostly unknown data brokers and even the local supermarket harvest any piece of data about us that might help their business.
We benefit from this system in a few ways, including when companies find customers more efficiently through targeted ads. But the existence of so much information about practically everyone, with few restrictions on its use, creates conditions for abuse. It also contributes to the public’s distrust of technology and technology companies. Even some companies that benefited from unrestricted data collection now say the system needs reform.
Smarter policies and enforcement are part of the answer, but there are no quick fixes – and there will be downsides. Some consumer privacy advocates have said for years that Americans need a federal data privacy law that protects them no matter where they live. Members of Congress have discussed, but failed to pass, such a law in recent years.
The strange thing now is that big companies, policymakers from both parties and privacy advocates seem to agree that a national privacy law is welcome. Their motivations and visions for such a law, however, are different. This is where it gets frustrating.
A consortium that includes corporate and commercial technology groups recently launched a marketing campaign calling for a federal privacy law — but only under very specific conditions, to minimize disruption to their business.
They want to ensure that any federal law overrides stronger state privacy laws, so companies can follow one guideline instead of dozens of potentially conflicting ones. Businesses can also expect a law passed by Congress to be less disruptive to them than anything the Federal Trade Commission, which now has a Democratic majority, implements.
This is one of those legislative tugs of war that is inappropriate to watch from the outside and infuriates longtime consumer privacy advocates. Evan Greer, director of digital rights group Fight for the Future, told me he sees what corporate lobbyists are supporting as “watered down, industry-friendly laws that offer privacy in name only.”
Behind the dirt, however, is emerging agreement on many essential elements of a federal privacy law. Even the biggest points of contention — whether a federal law should replace stronger state laws and whether individuals can sue for privacy violations — now appear to have a viable middle ground. One possibility is that federal law will override any future state laws, but not existing ones. And people may have the right to sue for violations of privacy in limited circumstances, including repeated violations.
Laws are not a panacea for our digital privacy mess. Even smart public policies produce unwanted tradeoffs, and sometimes poorly designed or improperly enforced laws make matters worse. Sometimes new laws can seem useless.
Most people’s experience with Europe’s comprehensive 2018 digital privacy regulation, the General Data Protection Regulation or GDPR, is annoying pop-up warnings about data tracking cookies. The first of California’s two digital privacy provisions in theory gives people control over how their data is used, but in practice it often involves filling out costly forms. And recent data privacy laws in Virginia and Utah mostly gave industry groups what they wanted.
Any such progress in protecting our data? Like, yes!
Some privacy advocates might disagree, but even imperfect laws and a shift in mindset among the public and policymakers are profound changes. They show that the standards of the US data collection system are breaking down and more responsibilities are being transferred to data collection companies, not individuals, to preserve our rights.
“Progress looks like not quite perfect laws; there is no such thing. It seems like fits and starts,” Gennie Gebhart, director of activism at the Electronic Frontier Foundation, a privacy advocacy group, told me.
I don’t know if there will ever be a federal privacy law. Deadlock rules, and such regulation is complicated. But behind the lobbying and indecision, the terms of the data privacy debate have changed.
Before we go …
Heck in cryptocurrencies: The prices of Bitcoin and other cryptocurrencies have been steadily falling, which my colleague David Yaffe-Bellany said shows that cryptocurrencies are increasingly resembling risky tech stocks.
Additionally, the TerraUSD virtual currency should be worth $1 each, and it has dropped far below that level. Here’s why this matters, from my colleagues at DealBook.
The local florist now delivers to Amazon: To speed up deliveries in rural U.S. areas, Amazon has been experimenting with paying small businesses a few dollars a package to deliver orders to nearby homes, Recode reported.
Instagram believed that a new parent was interested in “disability” and “fear”. A Washington Post columnist explores why disturbing images disrupted her newborn’s Instagram feed and advocates for a way to reset social media algorithms when they don’t work for us. (Subscription may be required.)
hugs for that
Pupppppy coming straight to your face!
We want to hear from you. Tell us what you think of this newsletter and what else you’d like us to explore. You can reach us at [email protected] with.
If you have not yet received this newsletter in your inbox, please register here. You can also read previous columns in technology.