This month, Sen. Maria Cantwell (D-Wash.) and Rep. Cathy McMorris Rodgers (R-Wash.) unveiled a rare governmental feat: a bipartisan bill that has lawmakers feeling “optimistic” and “Fired.”
Is he American Privacy Rights Act (APRA), and it should have been done a long time ago. The United States is far behind the rest of the world in privacy legislation; 137 of the 194 in the world Countries have national privacy laws, according to the United Nations. They were the An outlier of the G-20 without one. This is not the kind of “exceptionalism” Americans should strive for.
The proposal, which aims to “make privacy a consumer right” and “give consumers the ability to enforce that right,” comes at a crucial time. On April 20, President Biden signed a bill reauthorize the Foreign Intelligence Surveillance Act. While this law is a tool to safeguard national security against foreign targets, it also allows for the collection of web and mobile data of hundreds of thousands of Americans and has a history of abuse by intelligence agencies. Meanwhile, the new law requiring TikTok to be sold or banned, aimed at preventing foreign access to Americans' data, provides only limited protections.
Congress is under enormous pressure to confront the rise of AI, combat surveillance capitalism, and reduce the serious harms inflicted by technology companies. about children and adolescents. There have been other federal privacy proposals, but they have failed in our gridlocked Congress. Led by the chairs of the House and Senate Commerce committees, APRA is the first win important bipartisan and bicameral votes support.
The immediate need for this legislation is clear. Technology companies are not the only ones to blame for the misuse of our data. In March, General Motors was embroiled in a scandal when it was discovered that it shared data on your customers' driving behavior with insurance companies through data brokers, those often huge, multi-billion dollar companies that exist to buy, sell and resell our data.
This speaks on behalf of The APRA appeal: It is remarkably spacious. It would cover the private sector, non-profit organizations and common operators, including technology and other companies and medium or large organizations that handle our data. And it proposes additional restrictions on data brokers.
To minimize data sharing, the legislation would prevent companies and organizations from collecting data other than “necessary” or “proportionate” to the purpose for which the data is collected. In a victory for transparency, entities should disclose the data they have on you and explicitly allow you to edit or delete it. Additionally, it would require companies to allow consumers to opt out of targeted advertising and data collection by brokers. And finally, this legislation would allow you to sue companies and seek financial damages for violations of your privacy rights.
The bill faces some significant criticism, including from prominent privacy advocates and organizations. A publication of the Electronic Frontier Foundation took the problem The bill “preempts existing state laws and prevents states from creating stronger protections in the future,” warning that this condition would “freeze consumer data privacy protections.” Caitriona Fitzgerald, Deputy Director of the Electronic Privacy Information Centre, warned That any preventive legislation should be stronger than existing state laws, something APRA is not currently, he suggested.
The Electronic Frontier Foundation publication argued that, for example, the bill should “limit sharing with the government and expand the definition of confidential data.” And the ranking member of the House Energy and Commerce Committee, Rep. Frank Pallone Jr. (D-N.J.), said the bill “It could be stronger in certain areas, such as children's privacy.”
These criticisms are valid but not enough to derail the proposal. Let us consider that California has among the stricter state privacy lawsHowever, technology giants like Goal and Google, who make their home here, are still accused of some of the most egregious privacy violations. A powerful and universal federal law is needed to control them. It would also be more effective than the status quo of a Byzantine patchwork of state laws.
And APRA can become stronger over time. That happened with him Children's Online Privacy Protection Actapproved in 1998 to protect children under 13 years of age. In 2013, the law was expanded and updated by the Federal Trade Commission to reflect the evolution of technology, such as mobile devices. He also expanded the definition of “personal information” to include geolocation data, photographs, videos, children's audio and more. Once approved, the APRA could also serve as a basis for future improvements.
Eventually it could be reinforced with a significant railing like the one built in the UK Online Safety Law. Depending on the severity of the violation, it imposes jail terms for executives and fines of up to $22 million or 10% of a company's gross revenue, whichever is greater. These tough sanctions can help prevent the trend of tech giants routinely. disobey privacy laws simply paying fines as costs of doing business.
Review of the bill by committees in both chambers of Congress may further strengthen it. Our government should not waste this decisive moment to establish a foundation of privacy rights for all Americans.
Mark Weinstein is a technology entrepreneur, privacy expert, and author of the upcoming book “Restoring our sanity online.“