Online privacy

Today, there is no expert agency ensuring that the internet is fast, open, and fair. Since the birth of the modern internet, the Federal Communications Commission had played that role. It makes sense. These are principles that have deep origins in communications law and history. After all, back in the era when communications meant telephony, every call went through, and your phone company could not cut off your call or edit the content of your conversation.

We believe that a comprehensive federal privacy and data security law is essential to hold institutions accountable, restore consumer trust, and protect our privacy. We have developed a set of core principles that should be included in any comprehensive data protection legislation. Under our framework, consumers would control their personal information, and corporations, non-profits, and political entities would be held to higher standards for when and how they collect, use, share, and protect our data.

In the last Weekly Digest, I presented a retrospective of a major policy story from 2018: The democratic harms of “Big Tech.” This week, a polar vortex accompanied a vortex of more privacy abuses from Big Tech, and further concerns about the very bigness of Big Tech.

Earlier this month we examined how partisan division at the Federal Communications Commission impedes progress towards closing the digital divide. Now, we review another big telecom policy story from 2018: the democratic harms of “Big Tech”. In 2018, we got a better, but more disturbing, understanding of the size and influence of large technology companies (Apple, Amazon, Facebook, Google, and Microsoft), and particularly how social media platforms affect our democratic discourse and elections.

At least 75 companies receive anonymous, precise location data from apps whose users enable location services to get local news and weather or other information. Several of those businesses claim to track up to 200 million mobile devices in the United States. The database reveals people’s travels in startling detail, accurate to within a few yards and in some cases updated more than 14,000 times a day. These companies sell, use or analyze the data to cater to advertisers, retail outlets and even hedge funds seeking insights into consumer behavior.

On Nov 27, the Senate Commerce Committee’s Subcommittee on Consumer Protection held an oversight hearing on the Federal Trade Commission. The hearing examined the FTC’s “priorities in promoting competition and consumer protection, the ongoing innovation hearings and how changes in technology impact the agency, and whether the FTC should have expanded authority with respect to privacy and data security.” In other words -- is the FTC doing a good enough job? And if not, what needs change?

Whether they are Wi-Fi kiosks, urban sensors, fiber networks, or built-from-scratch “smart” neighborhoods, new urban technology deployments are under the microscope. Despite the potential of these projects to drive innovation and economic growth, they are often met with mixed reception and a myriad of justifiable questions. Take the Quayside project in Toronto led by Sidewalk Labs.

In my previous post, I highlighted four reasons why the U.S needs a unified policy framework for an open Internet ecosystem: 1) lack of competition/incentive and the ability to discriminate; 2) collection of and control over personal data; 3) lack of transparency; and 4) inadequacy of current laws and enforcement. Many of these problems can be addressed with targeted legislative and regulatory interventions.

[Analysis] In a new article for the Georgetown Law Technology Review, I seek to jumpstart a conversation about how to shape an Internet ecosystem that will serve the public interest. First, let me lay out the rationale for a new, unified policy framework for an open Internet: 1) Lack of Competition/Incentive and Ability to Discriminate, 2) Collection of and Control over Personal Data, 3) Lack of Transparency, and 4) Inadequacy of Current Laws and Enforcement.

[Commentary] Our current privacy framework no longer works. While the hearings this month offered little in terms of solutions, they did put a spotlight on a problem that’s been glaringly obvious for years: Consumers have little control over their data online. We need a privacy framework that gives consumers control over their own data. Companies across the board must be required to get express consent from their users prior to sharing their data. At the outset, consumers should be asked to respond to a simple statement that they do or do not want their personal data shared.