After two days of often controversial exchanges between congressmen and Facebook CEO Mark Zuckerberg this week, Washington's attention and Silicon Valley has changed. practices on how to implement some of these plans.
The company has already taken steps to streamline its disclosure and privacy policies to give its 2 billion monthly active users more control over their data and limit the sharing of this information with third parties.
However, officials in Washington have also begun to roll out legislation aimed at giving consumers more control over what Facebook and other companies can do with their personal information.
Meaning. Ed Markey, D-Mass., And Richard Blumenthal, D-Conn., Introduced this week the "CONSENT (Online Consumer Reviews Act for Network Violators), a bill that would require that the Federal Trade Commission protections on advanced providers like Facebook, Google and other similar companies.
When it became law, peripheral providers should inform users of data collection and sharing policies, as well as inform them of data breaches, and require permission to share or sell the personal data of the users. It would also require suppliers to maintain "reasonable" data security.
Dem. Marsha Blackburn, R-Tenn., Has dusted off the "Browser (Equalizing the Rights of Surfers Surfers Equally and Responsibly)," a 2017 bill that would provide Internet users with more protections. The proposal was supported following Zuckerberg's hearings, she said.
Hot topic, small window
There are a few factors that could prevent the adoption of a new law following the Cambridge Analytica data scandal, Allie Bohm, a consultant, said.
Among them are the impending mid-term elections, the short time remaining at the congressional session and the lack of good existing legislation as opposed to the bills that should be drafted from scratch.
On the other hand, this could be the best time for the tech industry to get something, Bohm said, and that could help Silicon Valley's financial outlook.
"Having a reasonable regulation of consumption can help consumers trust and save their profits," she said.
The issue of data privacy has been at the forefront for several weeks and, in the time of Trump, it is rare that a single legislative issue remains as long on the agenda Bohm pointed out.
Public Knowledge urged lawmakers to focus on three areas:
- The bill must provide for significant notice and consent from customers, which means that the new privacy language should not be buried on page 39 of a 40-page document. pages.
- The bill must provide for strong data security involving all entities that use consumption data. Whether someone buys a home, is looking for a job or is renting an apartment, all the data must be secure.
- Consumers must have an effective remedy, in particular the removal of mandatory arbitration language to resolve disputes. For many consumers, the cost of legal fees could outweigh any settlement that they might get. There should also be a provision for damages.
At the state level, the
The California Consumer Privacy Act, a voting initiative, has gained new strength after Facebook withdrew its official opposition.
The bill has three main elements, according to Rick Arney, Independent Chair of the Lending Club Fund Governance Board, who co-authored the measure:
- Consumers would have the right to know what kind of data a large company had about them;
- Consumers would have the right to tell this company to stop collecting their personal data; and
- Consumers could hold businesses accountable if their data was compromised in a cyber-branch.
"The reason we are putting this initiative together is that significant abuse occurs with data," Arney told the E-Commerce Times.
Donors have almost all the signatures they need to take initiative on the ballot this fall, he said.
Facebook has withdrawn from the committee to protect jobs in California, an organization created to oppose the initiative, confirmed Facebook spokesman Andy Stone.
Committee members include Google, Verizon, Comcast and AT & T. Facebook and Google each contributed US $ 200,000 to the group, according to government filings.
Facebook has withdrawn from the committee "in order to focus its efforts on supporting reasonable measures of privacy protection in California," Stone told the E-Commerce Times.
Zuckerberg underscored this commitment in his responses to lawmakers this week on Facebook's plans for compliance with European regulations on data privacy and the company's overall support for data privacy regulations, stressed Stone.
Regarding the many questions that Zuckerberg has promised that Facebook's staff would be looking for, Stone said the official committee records will be open so lawmakers can ask additional questions. The House committee record will be open for another 10 days, and the joint Senate committee file will be open for another 14 days. The committees will then give Facebook time to answer members' questions.
According to the Cambridge Analytica data scandal, a move towards increased data protection is likely to come in the US, but implementation is unlikely to reach the levels set by the new EU laws, suggested Rick Edmonds , media analyst at Poynter.
"A likely outcome is that Facebook is pursuing the current round of measures to solve the problem," he told the E-Commerce Times.
It may be easier than trying to frame a solution in a new FCC / Commerce regulation, he added.
Digital privacy is a complicated issue that will require complex legislation, said Andrew Howard, chief technology officer at Kudelski Security.
The European General Data Privacy Regulation is the first attempt to secure large-scale privacy rights, he told the E-Commerce Times, and it is unlikely that the United States will even in the short term.
"While there is currently a lot of noise in the US Congress about data privacy, actions are unlikely in the near future," Howard said. "Americans, especially younger generations, are generally more comfortable with the trade-off between privacy and usability."
It will take time to determine if the GDPR is really working, he added, noting the irony that most large technology companies will have to comply with these regulations anyway because they run a large part of their activities in Europe.
The real question at the center of this debate is about consent, said Jason Hart, chief technology officer at Gemalto.
"Click blindness" is very common, he told the E-Commerce Times. In order to access a service, users give their immediate consent to share information without reading or understanding what they allow, and their data is then used for market research or advertising, or simply for profit.
"Should we apply a standard of ownership to the information we share online," Hart wondered, "similar to the one that is established by our plagiarism laws or the violation of copyright law? ;author?"