SoylentNews

upstart writes:

Submitted via IRC for Bytram

https://www.nytimes.com/2019/06/08/opinion/sunday/privacy-congress-facebook-google.html

In the past year, Congress has been happy to drag tech C.E.O.s into hearings and question them about how they vacuum up and exploit personal information about their users. But so far those hearings haven't amounted to much more than talk. Lawmakers have yet to do their job and rewrite the law to ensure that such abuses don't continue.

Americans have been far too vulnerable for far too long when they venture online. Companies are free today to monitor Americans' behavior and collect information about them from across the web and the real world to do everything from sell them cars to influence their votes to set their life insurance rates — all usually without users' knowledge of the collection and manipulation taking place behind the scenes. It's taken more than a decade of shocking revelations — of data breaches and other privacy abuses — to get to this moment, when there finally seems to be enough momentum to pass a federal law. Congress is considering several pieces of legislation that would strengthen Americans' privacy rights, and alongside them, a few bills that would make it easier for tech companies to strip away what few privacy rights we now enjoy.

American lawmakers are late to the party. Europe has already set what amounts to a global privacy standard with its General Data Protection Regulation, which went into effect in 2018. G.D.P.R. establishes several privacy rights that do not exist in the United States — including a requirement for companies to inform users about their data practices and receive explicit permission before collecting any personal information. Although Americans cannot legally avail themselves of specific rights under G.D.P.R., the fact that the biggest global tech companies are complying everywhere with the new European rules means that the technocrats in Brussels are doing more for Americans' digital privacy rights than their own Congress.

The toughest privacy law in the United States today, is the California Consumer Privacy Act, which is set to go into effect on Jan. 1, 2020. Just like G.D.P.R., it requires companies to take adequate security measures to protect data and also offers consumers the right to request access to the data that has been collected about them. Under the California law, consumers not only have a right to know whether their data is being sold or handed off to third parties, they also have a right to block that sale. And the opt-out can't be a false choice — Facebook and Google would not be able to refuse service just because a user didn't want their data sold.

[...] Where the Warner/Fischer bill looks to alleviate the harmful effects of data collection on consumers, Senator Josh Hawley's Do Not Track Act seeks to stop the problem much closer to the source, by creating a Do Not Track system administered by the Federal Trade Commission. Commercial websites would be required by law not to harvest unnecessary data from consumers who have Do Not Track turned on.

A similar idea appeared in a more comprehensive draft bill circulated last year by Senator Ron Wyden, but Mr. Wyden has yet to introduce that bill this session. Instead, like Mr. Warner, he seems to have turned his attention to downstream effects — for the time being, at least. This year, he is sponsoring a bill for algorithmic accountability, requiring the largest tech companies to test their artificial intelligence systems for biases, such as racial discrimination, and to fix those biases that are found.

Original Submission