American startups need surveillance reform

American startups need surveillance reform
© Getty

There’s an ongoing debate on the Hill over government surveillance that will impact companies with users abroad, especially startups. 

With a good idea and a connection to the open internet, a small startup anywhere in the U.S. can reach users all over the world, expanding their business and contributing to economic and job growth back home. 


But that open global marketplace for even the smallest and newest companies can be at risk if policymakers in other countries create trade barriers in the name of protecting their citizens’ privacy. And while large companies might have the resources and legal teams to navigate those trade barriers, startups often rely on streamlined data sharing agreements to make sure they’re operating legally abroad.


Take, for instance, the Privacy Shield, a transatlantic deal that lets thousands of companies bring European users’ data across the Atlantic to be processed and stored. While a recent review of the Privacy Shield by the European Commission found that the agreement adequately protects Europeans’ privacy, the review points out places for improvements in U.S. surveillance law to ensure European’s fundamental privacy rights are protected. 

“The practical implementation of the Privacy Shield framework can be further improved in order to ensure that the guarantees and safeguards … continue to function as intended,” the report states, calling for transparency and oversight improvements, as well codifying Obama-era privacy protections for non-U.S. persons.

Now Congress has a chance to show that it takes those concerns — and the impact they have on U.S. businesses, including startups — seriously. Section 702 of the Foreign Intelligence Surveillance Act is an online spying law that expires at the end of this year, and Congress has already begun the debate about what changes to make as it reauthorizes the law.

Much of the debate over Section 702 has rightly focused on the impact of this surveillance on national security and civil liberties. But lawmakers should factor in how this debate is perceived abroad and how that perception can harm U.S. businesses, especially the small startups that don’t have the resources to navigate complex international data rules on their own.

As the European Commission noted in its report on Privacy Shield, this year’s Section 702 expiration presents a “unique opportunity for strengthening the privacy protections contained in [the Foreign Intelligence Surveillance Act].” 

And some lawmakers are already attempting to bolster privacy, transparency, and oversight protections in Section 702. There are some proposals out — including one from House Judiciary Committee members, a more aggressive version of the bill from Sens. Patrick LeahyPatrick Joseph Leahy‘Contingency’ spending in 3B budget deal comes under fire How the border deal came together Winners and losers in the border security deal MORE (D-Vt.) and Mike LeeMichael (Mike) Shumway LeeSenate approves border bill that prevents shutdown Push for paid family leave heats up ahead of 2020 New act can help us grapple with portion of exploding national debt MORE (R-Utah), and an even more aggressive bill from Sens. Ron WydenRonald (Ron) Lee WydenDem lawmaker: 'Trump's presidency is the real national emergency' Dems introduce bill to take gender-specific terms out of tax code to make it LGBT-inclusive 8 surprising times our intel community spied on US citizens MORE (D-Ore.) and Rand PaulRandal (Rand) Howard PaulBusiness, conservative groups slam Trump’s national emergency declaration The Hill's 12:30 Report — Presented by Kidney Care Partners — Trump escalates border fight with emergency declaration On The Money: Trump declares emergency at border | Braces for legal fight | Move divides GOP | Trump signs border deal to avoid shutdown | Winners, losers from spending fight | US, China trade talks to resume next week MORE (R-Ky.) — that would make changes to the law, including boosting transparency and oversight of the surveillance and codifying the NSA’s decision earlier this year to end “about” collection. “About” collection was the controversial process of collecting communications not just to and from identified foreign intelligence surveillance targets, but collecting communications that merely mention an identifier linked to a target.

But other lawmakers, seemingly unconcerned by the privacy violations and potential threats to U.S. business, are pushing ahead with proposals would make the law worse. The Senate Intelligence Committee recently passed a bill that would, among other things, extend the law for eight years and create a path forward for the intelligence community to restart “about” collection. And the House Intelligence Committee is quickly moving forward with a new bill that would expand Section 702 surveillance.

Ignoring the concerns about Section 702 surveillance both at home and abroad is not the right answer for lawmakers or for the constituents and small businesses in their districts and states. 

With the Section 702 expiration date looming, lawmakers have a chance to respond to both the privacy concerns of their constituents and the concerns of U.S. businesses — especially startups that rely on simplified access to their global users — who are watching the conversation about U.S. surveillance unfold abroad. 

Kate Tummarello is a policy analyst at Engine , an advocacy and research organization that supports tech startups. She has a background in privacy and security issues, including her work as a journalist and as a digital rights activist.