Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Senate Panel to Hear From Internet Execs on Privacy Policies

The Trump administration is hoping Congress can come up with a new set of national rules governing how companies can use consumers’ data that finds a balance between “privacy and prosperity.”

The Trump administration is hoping Congress can come up with a new set of national rules governing how companies can use consumers’ data that finds a balance between “privacy and prosperity.”

But it will be tricky to reconcile the concerns of privacy advocates who want people to have more control over the usage of their personal data — where they’ve been, what they view, who their friends are —and the powerful companies that mine it for profit.

Executives of a half-dozen U.S. internet titans are due to appear Wednesday before the Senate Commerce Committee to explain their privacy policies. Senior executives from AT&T, Amazon, Apple, Google, Twitter and Charter Communications are expected to testify at the hearing, amid increasing anxiety over safeguarding consumers’ data online and recent scandals that have stoked outrage among users and politicians.

But the approach to privacy legislation being pondered by policymakers and pushed by the internet industry leans toward a relatively light government touch.

An early move in President Donald Trump’s tenure set the tone on data privacy. He signed a bill into law in April 2017 that allows internet providers to sell information about their customers’ browsing habits. The legislation scrapped Obama-era online privacy rules aimed at giving consumers more control over how broadband companies like AT&T, Comcast and Verizon share that information.

Allie Bohm, policy counsel at the consumer group Public Knowledge, says examples abound of companies not only using the data to market products but also to profile consumers and restrict who sees their offerings: African Americans not getting access to ads for housing, minorities and older people excluded from seeing job postings.

The companies “aren’t going to tell that story” to the Senate panel, she said. “These companies make their money off consumer data.”

What is needed, privacy advocates maintain, is legislation to govern the entire “life cycle” of consumers’ data: how it’s collected, used, kept, shared and sold.

Advertisement. Scroll to continue reading.

Meanwhile, regulators elsewhere have started to act.

The 28-nation European Union put in strict new rules this spring that require companies to justify why they’re collecting and using personal data gleaned from phones, apps and visited websites. Companies also must give EU users the ability to access and delete data, and to object to data use under one of the claimed reasons.

A similar law in California will compel companies to tell customers upon request what personal data they’ve collected, why it was collected and what types of third parties have received it. Companies will be able to offer discounts to customers who allow their data to be sold and to charge those who opt out a reasonable amount, based on how much the company makes selling the information.

The California law doesn’t take effect until 2020 and applies only to California consumers, but it could have fallout effects on other states. And it’s strong enough to have rattled Big Tech, which is seeking a federal data-privacy law that would be more lenient toward the industry.

“A national privacy framework should be consistent throughout all states, pre-empting state consumer-privacy and data security laws,” the Internet Association said in a recent statement . The group represents about 40 big internet and tech companies, spanning Airbnb and Amazon to Zillow. “A strong national baseline creates clear rules for companies.”

The Trump White House said this summer that the administration is working on it, meeting with companies and other interested parties. Thune’s pronouncement and one from a White House official stress that a balance should be struck in any new legislation — between government supervision and technological advancement.

The goal is a policy “that is the appropriate balance between privacy and prosperity,” White House spokeswoman Lindsay Walters said. “We look forward to working with Congress on a legislative solution.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.