Earlier this month, most of Washington, and millions across the nation, sat mesmerized by the Senate and House hearings during which Facebook chief executive officer Mark ZuckerbergMark ZuckerbergTwo lawyers who filed suit challenging election results ordered to pay nearly 7K Hillicon Valley — Presented by Ericsson — DOJ unveils new election hacking charges State attorneys general launch probe into Instagram's impact on children, teens MORE was the only witness. The hearings were a response to the Cambridge Analytica data sharing issues.
Concerns about online privacy have been raised for many years, usually in response to news that hackers were able to penetrate various databases of private companies. These activities run across the entire internet, as Americans increasingly share their information and rely on various digital platforms for shopping, education, transportation, streaming media, telemedicine, teleworking, social interaction and social media.
Many of the laws that govern data privacy emanate from a period before the widespread adoption of online communications, computer-generated search algorithms, and social media accounts. Indeed, when many of these laws were enacted, most consumers were concerned about protecting their credit card information when making an online purchase.
The congressional hearings regarding on Facebook spotlighted changes in technology that were not envisioned 20 years ago. Often, situations like this create a “knee-jerk” reaction in the form of overreaching legislative or regulatory proposals that sound good on paper, but could result in stifling innovation, or just don’t result in any changes at all. Such was the case in 2012, when the Obama administration devised a plan to protect online privacy through a Consumer Privacy Bill of Rights.
The plan held some good ideas for consumers, and some not so good ideas, setting the initial stage for future privacy debates. Following through on the administration’s plan, in June 2014, the National Telecommunications and Information Administration sought comments on the Consumer Privacy Bill of Rights and how big data information should be protected. Those comments were made part of the public record in August 2014. Nothing was done with this concept.
Despite widespread support to update the Electronic Communications Privacy Act, Congress has failed to enact that legislation. Other attempts to address online piracy through legislation, such as the Stop Online Piracy Act and the Protect Intellectual Property Act, have also fallen short, often for good reason. The laws protecting privacy, intellectual property and data must be updated, but they must be done in a manner that does not stifle innovation or hurt the economy.
Once again, companies and members of Congress are calling for a Consumer Privacy Bill of Rights or similar legislation, amendments to Section 230 of the Communications Decency Act, or a regulatory structure to impose further restrictions on internet activities. Any new proposals for online data privacy should be thoroughly discussed in a technology and vendor neutral manner, with an eye on the past while looking toward the future. Congress should not pass overbearing new laws that could stifle innovation and hurt the economy.
There should be a measured approach to addressing online privacy and piracy issues. Congress should hold hearings that cover the entire internet ecosystem, including various platforms, to determine where laws need to be either more strictly enforced or amended to strengthen privacy protection. That is an appropriate and essential role for congressional oversight. It is through these oversight hearings that members can learn more about how a specific law affects both consumers and providers, and help them decide what should be done to better protect the individual privacy of Americans.
Tom Schatz is president of Citizens Against Government Waste.