U.S. Senator Kirsten Gillibrand (D-NY) on February 12 introduced the Data Protection Act of 2020, new legislation that would create the Data Protection Agency, an independent federal agency that “would serve as a ‘referee’ to define, arbitrate, and enforce rules to defend the protection of [U.S. citizens’] personal data.”
U.S. Senator Kirsten Gillibrand (D-NY) on February 12 introduced the Data Protection Act of 2020, new legislation that would create the Data Protection Agency (DPA), an independent federal agency that “would serve as a ‘referee’ to define, arbitrate, and enforce rules to defend the protection of [U.S. citizens’] personal data,” she announced in a post on Medium.
As International Comparative Legal Guides explains, the U.S. Federal Trade Commission is broadly empowered “to bring enforcement actions to protect consumers against unfair or deceptive practices and to enforce federal privacy and data protection regulations,” but there is no single, comprehensive law protecting consumer data in the United States. “Rather, a jumble of hundreds of laws enacted on both the federal and state levels serve to protect the personal data of U.S. residents.”
Gillibrand’s announcement describes the United States as “vastly behind other countries” in this regard, noting that “Virtually every other advanced economy has established an independent agency to address data protection challenges.” Separately, a press release posted on her Senate website states that the United States is one of the world’s only democracies, and “the only member of the Organization for Economic Co-operation and Development,” that does not have a data protection agency.
“It’s outrageous that we don’t have one, and I think that really reflects the way that we, in the U.S., relate to these private companies—our regulatory agencies are no match for Google, or Amazon, or Facebook, and I think that’s by design,” Alison Macrina, founder and executive director of the privacy advocacy organization Library Freedom Project and the affiliated Library Freedom Institute training program, told LJ. “It is very encouraging that [Gillibrand] sees this as something that is essential for a functioning democracy.”
Arguing that the current situation is “a national crisis,” Gillibrand cites compromised or malicious apps that offer backdoor access to personal data on a user’s smartphone, data breaches at banks and credit rating agencies—such as the massive breach announced by Equifax in September 2017—and ongoing “threats from foreign adversaries trying to target personal data in consumer households, businesses, and government agencies.”
In addition, Gillibrand outlines hypothetical situations, such as health insurers buying data from third-party fitness apps and raising premiums for customers who don’t exercise enough, or predatory loan providers sending targeted ads to the phones of people with low incomes.
“It’s clear that lawlessness in the data privacy space can give rise to new, unexpected forms of injustice,” she states.
Opportunities for corporations to capture and manipulate consumer personal data are set to grow rapidly, as artificial intelligence systems are installed in new cars, and voice-activated assistants become ubiquitous in U.S. homes.
“Even the savviest consumers of technology cannot fully understand how companies use their data, where their data goes, how far they are willing to go to profit from that data, and whether their business practices encroach on their privacy and freedom,” Gillibrand writes.
Macrina noted that it appears as though Gillibrand is aiming for something similar to the European Union’s General Data Protection Regulation (GDPR) with DPA, “and I think that would be a really great start.” But she noted that many of the protections provided by GDPR depend on users giving or refusing consent for data collection. Ideally, regulatory agencies would be more proactive with consumer protections. “There’s just too much data collection,” Macrina said. “Even if you’re asking [users] if it’s OK, it’s very hard to get meaningful consent from consumers who don’t even necessarily understand what a cookie is. I would want to see not just data protection, but data minimization.”
The Data Protection Agency would have three core missions:
Gillibrand’s Senate website states that DPA would be an executive agency, with a director appointed by the president and confirmed by the Senate, having the power to “investigate, subpoena for testimony or documents, and issue civil investigative demands. It may prescribe rules and issue orders and guidance as is necessary to carry out federal privacy laws. The authority of state agencies and state attorneys general are preserved in the Act.”
Introduced last week, the bill does not yet have a co-sponsor, but it immediately received endorsements from more than a dozen privacy, technology, and civil rights organizations and prominent advocates including the Center for Digital Democracy, the U.S. Public Interest Research Group, Consumer Action, Public Citizen, the Electronic Privacy Information Center, the Consumer Federation of America, Color of Change, and others.
“The Data Protection Act of 2020 by Senator Gillibrand offers a crucial bulwark against the pervasive assault on privacy that now disfigures every aspect of daily life,” Shoshana Zuboff, Charles Edward Wilson Professor of Business Administration, Emerita, Harvard Business School wrote in a statement of support. “An overwhelming majority of Americans now think that the rampant commercial collection of personal data poses more risks than benefits, even as there is little choice but to depend upon privacy-destroying commercial systems for effective social participation. With this Bill, Senator Gillibrand joins a history-making new wave of legislative and regulatory efforts in the U.S. and Europe that promise to assert democratic governance over commerce in the digital age.”
In terms of DPA’s near-term prospects, Macrina said that the bill’s success would almost certainly require the election of one of the Democratic Party candidates running for election this fall, and that of these candidates, Senators Elizabeth Warren (D-MA) and Bernie Sanders (D-VT) have expressed the most concern about the issue of consumer privacy and the unchecked growth of companies such as Google, Facebook, and Amazon.
“It’s really just the progressive candidates—Bernie Sanders and Elizabeth Warren—who have even addressed a plan for what to do about the kind of power these companies have,” Macrina said. “Particularly Warren, but Sanders has an approach to our regulatory agencies that is encouraging…. Unless we have somebody in the White House who says ‘these companies are way too powerful, and we have to do something about them’…these companies are going to keep doing what they have been doing—consolidating power and moving into other areas” of commerce.
We are currently offering this content for free. Sign up now to activate your personal profile, where you can save articles for future viewing
Add Comment :-
Comment Policy:
Comment should not be empty !!!