WASHINGTON, July 11, 2019 — Congress urgently needs to create a federal privacy law, said panelists at a privacy conference held by the U.S. Chamber of Commerce on Thursday. However, coming to a consensus on the specifics of such a law has been and will continue to be a major roadblock.
Lawmakers have to create a policy that is “sufficiently agile to accommodate new uses of data that none of us can even conceive of right now,” said Ernest & Young Americas Privacy Leader Angela Saverice-Rohan.
Privacy standards are dependent on shifting cultural norms and constantly evolving technology, Saverice-Rohan said, and so Congress should focus on allowing context-dependent consumer choice. To make these choices effective, companies will need to simplify the terms and conditions of their privacy policies.
The current paradigm of legalistic privacy notices doesn’t work, explained Jerry Jones, executive vice president of LiveRamp. Privacy policies should be built with simple, standardized language that gives people clear control over what their data is used for.
Even with such changes, the consumer is a “terrible person to make decisions,” said Chris Calabrese, vice president of policy at the Center for Democracy and Technology. He claimed that most consumers lack both the technical knowledge to make decisions and the market power to influence them.
Instead, he said, the main burden should be shifted to the data processors, and particularly sensitive categories of information like location or biometrics should be strongly protected—to the point of not allowing any secondary use of the data whatsoever.
Calabrese’s suggestion drew criticism from other panelists such as Future of Privacy Forum Vice President John Verdi, who argued that when users affirmatively and aggressively make an informed request for a secondary use of their data, it should be permitted.
Protecting data without considering the uses of that data is flawed thinking, said Steve Rubley, managing director of government at Thomson Reuters. Public records are “absolutely critical” to preventing terrorist attacks before they take place, breaking up sex trafficking rings, and locating abducted children, among other important uses.
An individual’s reasonable right to privacy should be balanced against the significantly increasing societal benefits of sharing that data in careful and responsible ways, Rubley said. Saverice-Rohan agreed that laws should be risk-based, emphasizing the part that the free flow of information has played in important data-driven innovations.
Moreover, she said, laws must represent the technological reality of today. Implementing the California Consumer Privacy Act has proven to be a technical challenge for many companies, and having to deal with disjointed, frequently changing, and sometimes even contradictory sets of rules across the globe requires significant time and resources.
The effort to implement CCPA while the law is still being amended is akin to “building a plane and flying it at the same time, said Hogan Lovells Partner Mark Brennan, and companies are spending as much time trying to understand what the requirements mean as they are operationalizing them.
To avoid similar concerns, the federal privacy law should focus on clarity, said Calabrese. However, panelists agreed that the need for thoughtfulness did not diminish the need for timely action.
Ideally a law would be passed tomorrow, but Congress should at least try to get something on the books before CCPA goes into full effect, said Brennan, adding that the “worst possible outcome” would be waiting until a second state tries to create equally comprehensive legislation.
Brookings Institution Visiting Fellow Cam Kerry agreed, saying that in order for a federal privacy law to work, it must be implemented before more state legislatures adopt laws that make preemption intractable and before partisan positions harden.
(Photo of the Chamber of Commerce #DataDoneRight Conference by Emily McPhie.)
- T-Mobile’s Acquisition of Sprint Passes Federal Muster, But 16 States Press On in Opposition
- Comcast Touts 100 Gigabit Service, SHLB Seeks Reconsideration on Telehealth, Senate Clears Emergency Communications
- As Next Year’s C-Band Auction Looms, FCC Officials Reflect on Innovation in Spectrum Auctions
- Problems of Lack of Transparency Pervade Issues of Algorithms in Artificial Intelligence
- New Hampshire Plans a Broadband System, Microsoft on Californian Privacy, and Google Collects Medical Data
Signup for Broadband Breakfast
Intellectual Property4 months ago
In Congressional Oversight Hearing, Register of Copyrights Says Office Is Responding to Online Users
Broadband Data5 months ago
California Report: Income Most Significant Factor in Low Broadband Adoption
Broadband Data6 months ago
Pennsylvania Broadband Speeds Worse Than Previously Believed, According to State Report
Privacy and Security2 months ago
Comparing Privacy Policies for Wearable Fitness Trackers: Apple, Fitbit, Xiaomi and Under Armour
Antitrust2 months ago
Addressing the Impact of Big Data Upon Antitrust is More Complicated Than a Big Tech Breakup
Expert Opinion4 months ago
Geoff Mulligan: A ‘Dumb’ Way to Build Smart Cities
Antitrust2 months ago
Broadband Roundup: Everyone (Almost) Gangs Up on Google, Muni Broadband Fact Sheet, SHLB Anchornet Conference
Broadband Roundup3 months ago
Cable Industry Touts Energy Efficiency, Next Century Highlights Open Access Fiber, Aspen Forum Set