States argue over how our data is tracked and sold online, as Congress stalls: NPR

California and Virginia are the only two states to have data privacy laws. Today, more than 20 proposals in states across the country are being debated, just as Congress dithers on the issue of data tracking.

Damien Dovarganes / AP

hide caption

toggle legend

Damien Dovarganes / AP

California and Virginia are the only two states to have data privacy laws. Today, more than 20 proposals in states across the country are being debated, just as Congress dithers on the issue of data tracking.

Damien Dovarganes / AP

With Congress at a standstill on federal legislation to regulate how personal data is tracked and sold online, the fight for the future of data privacy has shifted to state capitals.

Only two states, California and Virginia, have laws to give people more control over how tech companies exploit personal data and online behavior, each providing very different protections for users.

California law gives people the right to tell companies to stop tracking them and delete data already collected and, in some cases, even sue companies for data breach. Privacy advocates see it as a powerful shield for consumers.

the law in Virginia gives people new control over how their personal information is collected online, but privacy advocates say it contains many exceptions and exceptions that will give tech companies a free pass and no will not give consumers the right to sue. It happened with the support of Silicon Valley.

Now these interests compete to decide which vision will prevail in the rest of the country.

Last year, the States introduced over 20 data privacy measures, according to the International Association of Privacy Professionals, which followed state bills.

A review by The markup, a technological publication, find the vast majority of the state proposals – 14 – were based on the Virginia framework that was pushed by Big Tech.

The industry is hoping that by winning state-level battles it can set a friendly precedent for a federal privacy bill, which could trump any state law.

“The industry gets 50 attempts to get what it wants. And she has the resources, the knowledge and the access to try to promote lower bills in each of those states, ”said Ashkan Soltani, the former chief technologist for the Federal Trade Commission who helped draft the law. Californian. “The ultimate goal is to try to weaken a national standard.”

Virginia Democratic delegate Cliff Hayes, who sponsored the state’s data privacy law, dismissed criticism that the measure offers poor protection for consumers.

“In the absence of federal legislation on this matter, we believe that Virginians should have the right to know what is being collected about them, have the right to delete this data, correct this data and choose if they want. whether or not to sell their personally identifiable information, ”Hayes mentioned.

Some members of Congress said privacy legislation is a priority this year. But until Washington acts, a mishmash of proposals to regulate data tracking emerges from state to state.

“Businesses are free to collect and sell personal information about all of us,” Soltani said. “We have protections in almost every other aspect of our life, whether it’s health information or banking information. For online business, there is this huge gap. ”

Connecticut Tries To Solve “Data Privacy Crisis”

Connecticut’s data privacy fight opens a window to how the debate is unfolding across the country.

Connecticut Senate Majority Leader Bob Duff, a Democrat, was frustrated that Congress was dragging its feet on the issue.

Without any data protection, Duff said the country was in the throes of a “data privacy crisis.”

“And this is known to every American who owns a phone, laptop, tablet, or any kind of device, where all of a sudden they mention something, the next thing you know, there’s an advertisement for it.” , said Duff.

He presented a bill last year, that would allow Connecticut residents to opt out of data collection and sue tech companies if follow-up continues.

Duff recalls a busy hearing for Bill. But he did not see any concerned citizens. Instead, he spotted seat after seat lobbyists paid by Facebook, Google and other tech companies.

“Lobbyists make people fear God even by saying something like ‘this bill would harm data collection in a public health emergency’ which is far from true, and it is in fact inaccurate, ”Duff said.

His bill ultimately failed.

The industry’s leading trading group, the Internet Association, told Duff in a letter that the bill was “a matter of great concern.”

Having the right to sue, the group wrote, would be a payday for litigators and would not help consumers protect their data.

Now, Duff has reintroduced the bill – without the right to sue tech companies – with some similarities to the new Virginia law, but he said he plans to strengthen the provisions to favor consumers before its final passage.

Otherwise, he said, “it will really only be lipstick on a pig from the point of view of the fact that this is an industry drafted bill that has the confidentiality of given in the title, but other than that it doesn’t do anything. ”

“I’d rather not do an invoice than Virginia’s invoice,” he added.

Records show that the Big Five tech companies have at least 14 lobbyists registered in Connecticut alone, having spent hundreds of thousands of dollars lobbying in the state in recent years.

Several lobbyists and corporate spokespersons declined to be interviewed for this story.

Data privacy regulations, and a host of other issues, have become something Silicon Valley now sees as inevitable, with companies like Facebook running ads saying the company welcomes the new laws.

Soltani views this messaging effort with skepticism.

“They don’t do it out of the goodness of their hearts,” he said. “Much like a Taekwondo move, they want to capture that momentum and then direct it to something that benefits them.”

But Cathy Gellis, a San Francisco-area lawyer specializing in technology policy, said some of the industry’s concerns are valid: If each state creates its own set of rules to follow, it would be a nightmare for businesses. .

“You don’t want the internet to become a ‘you can’t get there from here’ type place, and with local regulations, that’s what we’re risking,” Gellis said.

She said regulations aimed at one thing can create unintended consequences elsewhere for things like e-commerce, speech and innovation.

“It creates a compliance problem for internet platforms and affects their ability to host users’ speech, monetize it and run their businesses and all kinds of stuff,” she said. “This is a national economy. This is interstate commerce. It will not work well when all of a sudden individual states are trying to shape the markets.”

Source link

Comments are closed.