Iran faces a long road before using blockchain to evade US sanctions
Latest hearing proves Congress needs big-stick policy for tech giants
Here's what I took away from the Senate Intelligence Committee's latest hearing on foreign influence operations. The federal government obviously hasn't been able to figure it out or get it right. Facebook COO Sheryl Sandberg said in her opening statement "We were too slow to spot this and too slow to act. That's on us. This interference was completely unacceptable."
Twitter CEO Jack Dorsey never directly took responsibility in his opening statement. Instead, he talked about all the 'improvements' Twitter is making: "We have implemented significant improvements since we last appeared before the Committee in November, and we will continue to undertake important steps in the coming months and years." Which is code for they also didn't get it right.
During questioning, Dorsey did mention numerous times that "We haven't done a good job of that" in response to several lines of questioning.
Google's opening statement was non-existent, which instantly made them the ceremonial punching bag for the committee. In a rare display of bipartisanship, Google was bashed equally by Republicans and Democrats.
So, if government can't get it right, and the largest social media platforms are struggling to get it right, is there any hope for the rest of us? It would be too easy to take Facebook, Twitter and Google to task. But that doesn't solve our real problem.
However, Google was conspicuous in more ways than its absence. A company that has flourished because of the free market the United States provides, and that has benefitted from many of the legal tax loopholes, essentially thumbed its nose at the American taxpayer.
Abraham J. Briloff is a professor emeritus of accounting at Baruch College in New York. He analyzed Google's tax disclosures, and wasn't happy. "Who is it that paid for the underlying concept on which they built these billions of dollars of revenues? It was paid for by the United States citizenry."
An analysis in the New York Times opinion section from November 2017 estimated Google had diverted legally, through tax avoidance, $15.5 billion in profits through Google Ireland Holdings in Bermuda. Al Capone should have been so lucky.
The bigger takeaway is the extent to which social media platforms have more access to your personal data than the federal government. Which is truly the major question at the heart of the hearing - who owns your data?
The European Union has taken the stance that the consumer/user owns their data. The Global Data Protection Regulation, GDPR, outlines the rights you have with respect to your data. Anyone who's watched at least one episode of "Cops" can repeat their Miranda rights as well as any seasoned officer. But how many American consumers know what their data rights are? Here's the list - if you're a citizen of the EU, you have the right to:
- information about the processing of your personal data;
- obtain access to the personal data held about you;
- ask for incorrect, inaccurate or incomplete personal data to be corrected;
- request that personal data be erased when it's no longer needed or if processing it is unlawful;
- object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
- request the restriction of the processing of your personal data in specific cases;
- receive your personal data in a machine-readable format and send it to another controller ("data portability");
- request that decisions based on automated processing concerning you or significantly affecting you, and based on your personal data, are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
The EU has also issued recommendations that require social media and content companies to act faster in removing certain types of content. If the content contains "terrorist content, incitement to hatred and violence, child sexual abuse material, counterfeit products and copyright infringement", the content should be removed within one hour. The devil is always in the details, especially when trying to define what "hatred" means, for example.
While initially a recommendation, this approach using "voluntary compliance" is a shot across the bow, and a warning of laws to come if the desired outcomes aren't realized. Not that I'm a fan of draconian measures, but it might be time to reconsider our current approach in the United States.
Endless House and Senate hearings appear to be more about optics than results. While not an economist by training, I'm pretty sure that if there were significant financial penalties looming, or a change in our tax laws that did not reward hiding profits offshore, "voluntary compliance" might be a whole lot easier to achieve.
There is precedent: Sarbanes-Oxley, known affectionately by financial professionals everywhere as SOX.
After the corporate world failed to clean up its own act (Enron, Tyco, Adelphia, WorldCom, Peregrine Systems, e.g.), Congress stepped in and passed a law that made the top management sign off and attest to the accuracy of the financial statements. Before SOX, there were a lot of perp walks. After SOX, not so many. CEO's didn't like the way they looked in orange.
Maybe we need a Sarbanes-Oxley for social media companies. I'm pretty sure most Americans wouldn't object to that content.
Morgan Wright is an expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. He previously worked as a senior advisor in the U.S. State Department Antiterrorism Assistance Program and as senior law enforcement advisor for the 2012 Republican National Convention. Follow him on Twitter @morganwright_us.