The new congress has brought with it a bipartisan, push for online privacy laws, fueled by the growing realization that edge providers need minding.
Even as internet-service providers continue to take fire from activists on the net-neutrality front, legislators have been more focused on social media and search engines — particularly Google, which dominates search — and the need for new rules and regulations on how data is collected and shared.
Yes, targeted advertising is how all that web content remains free, but the hidden price appears to be a privacy tradeoff that many consumers don’t even know about.
Here’s a recap of events from just last week:
Too Much Information? Pew Research released a survey of Facebook users that showed the vast majority of them — three-quarters — did not know the social-media platform had compiled a dossier of sorts on their interests that was shared with third-party advertisers. Half the respondents, both those who knew and those who didn’t, didn’t like the idea.
Facebook said in response that it “welcomed” conversations about control, adding that “the rest of the online ad industry needs to do more to educate people on how interest-based advertising works and how we protect people’s information.”
Back to the Drawing Board: Privacy groups called for the creation of a new Data Protection Agency to focus on privacy protection, replacing the Federal Trade Commission in that role. The FTC lacks rulemaking authority and, they argue, has failed to exercise the enforcement authority it has in that space over its Facebook and Google consent decrees.
That is according to a new “Framework for Comprehensive Privacy Protection and Digital Rights in the United States” put forward by familiar names in the nongovernmental privacy sphere including the Campaign for a Commercial-Free Childhood, Center for Digital Democracy, Electronic Privacy Information Center and Public Citizen.
The new agency proposal is just part of a privacy plan whose planks include establishing private rights of action and statutory damages for violators, the latter an authority the FTC lacks. It would also prohibit “take it or leave it” terms that require users to waive privacy rights or pay more for service and expressly prohibit pre-emption of state privacy efforts.
Back to the Future: Sen. Marco Rubio (R-Fla.) last week introduced a bill, the American Data Dissemination Act, that would regulate the collection and use of personal data online, essentially applying a 1974 law that dealt with government record-keeping, to private companies’ data practices.
That 1974 act established a code of fair information practices (FIPS) for information retained by federal agencies, including prohibition of disclosure of an individual’s records without prior written consent, with some statutory exceptions. It also allowed individuals to seek access and amend their records.
The Rubio bill would do the same for online company retention of their users’ data.
Rubio’s bill would replace a “patchwork” of state regs, which translates to “pre-emption,” so privacy groups were tepid to worried about the Florida Republican’s effort.
Eyes in the Skies: Finally, Sen. Ed Markey (D-Mass.) renewed his call for privacy protections after the Federal Aviation Administration proposed to loosen its commercial drone rules to allow them to be flown over people and at night without having to get waivers.
The FAA’s goal is to open “an entirely new realm” of commercial drone possibilities, including for newsgathering and TV and film production as well as infrastructure inspection, emergency response and aerial surveying, though it is aerial surveillance that concerns Markey.