“We need to start thinking not just about ticky-tack privacy rules, but what’s the reason why companies invade our privacy? And one of those reasons is the behavioral advertising model … it’s often manipulative. So we have to think about how these businesses are incentivized and structured if we want to get to the root cause of massive surveillance in our economy today.”
So declared FTC Commissioner Rohit Chopra at a hearing on online platforms and market power last week. Chopra, who’s earned a reputation as a crusader in his short term thus far, was opening the door to a far deeper conversation about Big Tech than one usually hears in Washington, even in the midst of the so-called “techlash.” To Chopra, fighting back against the dominance of these firms is not just a matter of marginal tweaks; it means asking fundamental questions about what abuses against the public we, as a society, are willing to permit in the name of making money.
Would that actual legislators had Chopra’s spine. Indeed, three days before Chopra’s testimony, on the morning before the October Democratic debate, the New Democrat Coalition—the largest congressional sub-caucus within the Democratic Party—endorsed the Information Transparency and Personal Data Control Act, or H.R. 2013.
A major endorsement of a data privacy bill might sound like a good thing. But if H.R. 2013 winds up as the vehicle to which the House and the Senate can both consent, it would be a disaster for everyday Americans. H.R. 2013 is not trying to actually temper the tech industry’s worst abuses. It is instead a tactical shield for the powerful, meant to provide cover for the industry and governments to encroach ever further on Americans’ freedoms, while neutralizing organized dissent.
What the Bill Does
The United States really does need strong data privacy protections. A slew of high-profile data abuses from giant corporations have highlighted the cost of inaction, be it major breaches (Equifax), political tumult (Facebook and Cambridge Analytica), or profiteering off children’s naïveté (YouTube and Google). But H.R. 2013 does nothing to address these problems. Instead, it simply directs companies to “provide affirmative, express, and opt-in consent” to any data-gathering function that comes with their service.
In other words, this bill would give you the opportunity to see how a corporation plans to exploit your personal data—and require that you provide your consent—but not the means to stop it. It doesn’t force companies to cease their abusive practices, or institute new safeguards against personal-data breaches. It certainly isn’t providing users with a right to be forgotten, or the power to meaningfully control the amount of information Big Tech can sell about you.
H.R. 2013 believes the problem with mass surveillance is not the surveillance itself—just that people might not know it’s happening.
That’s the most charitable interpretation of the bill’s intent. The real meat of H.R. 2013 comes in the second-to-last section, which states that it would “preempt,” or override, state-level privacy laws. For one thing, that could salt the earth of the nascent movement against facial recognition technology sprouting in cities like Oakland, San Francisco, and Somerville, Massachusetts. But the primary target of this preemption language is the California Consumer Privacy Act, which goes into effect next year.
The CCPA not only grants Californians a right to be forgotten, it even lets them opt out of data tracking entirely while still using an internet service. Come January, the state’s web surfers might actually be able to use Google without it spying on them.
This would be truly unprecedented—a “disruption” of the tech industry, if you will. It represents a fundamentally different way of thinking about not just privacy, but fairness in a market economy. Implicit in H.R. 2013’s disclosure-based regime is a belief that as long as an individual knows their privacy is being violated, they shouldn’t get to complain about it. If you know that Google is spying on you, it’s your own damn fault for continuing to use Google … even though it’s almost impossible in our monopolistic, internet-centered world to get by without any of the company’s services.
As I and others—even up to presidential candidate Andrew Yang—have argued elsewhere, this “buyer beware” system is based on magical thinking. It’s only reasonable in an imagined world where alternatives to the Big Tech giants are plentiful, big business fights fair against smaller competitors, and every single consumer is a well-trained privacy attorney capable of poring through and interpreting disclosure forms.
Contrast this with the CCPA’s privacy regime: By providing the right to opt out of data tracking, that law doesn’t foist the responsibility for our privacy-absent world onto the victims. Instead, it actually cares about the little guy’s situation, and sets policy based on the public’s needs rather than what massive corporations consider “fair.” It should, therefore, come as no surprise that the industry wants it squashed.
This is the main reason the tech industry and its allies in Washington have been pushing for a national privacy bill lately. They haven’t suddenly repented for their actions; they are scared that if they don’t quickly spit out a do-nothing bill with the words “data privacy” slapped onto it somewhere, other states and future progressive administrations might try to pass the real thing. And the real thing could threaten their profits.
The New Democrats and Consensus
You know that H.R. 2013 is a handout to the tech industry when you look at its backers. The bill was introduced by Representative Suzan DelBene (D-WA), the New Democrat Coalition’s vice chair for policy coordination (how telling that it took seven months for her own caucus to endorse it), and a former Microsoft executive.
From 1989 through 1998, she filled a host of roles at the original tech monopolist, including business and product management for the once-dominant Windows 95 operating system, and early versions of the Internet Explorer web browser. After trying her hand at entrepreneurship, DelBene returned to Microsoft to run its mobile division, before giving politics a shot a few years later.
DelBene’s press release introducing the bill in March included an endorsement from the trade group BSA | The Software Alliance, which counts Apple, Microsoft, Salesforce, Oracle, and Adobe among its members. Right above the BSA lobbyist’s quote are a few words from Daniel Castro, a vice president at the Information Technology and Innovation Foundation.
ITIF doesn’t disclose funding sources, which is never a good sign, but trackers at the Center for Public Integrity have spotted tens of thousands from tech trade groups flowing into ITIF over the years. Google lists ITIF as a funding recipient in its own disclosures. DelBene is an “honorary co-chair” of ITIF’s board. Journalists and policy experts have mocked the way ITIF’s findings just happen to line up with the industry’s desires for years, including on privacy: In October, Castro pleaded for a “U.S. digital single market,” saying “preemption is key” to avoid the absolute horror of overlapping digital-privacy standards. This is exactly the argument tech lobbyists have been making to shove bills like H.R. 2013 through Congress. Castro’s co-author, Alan McQuinn, just revolved back into Congress as a staffer on the House Science Committee.
Moreover, ITIF has long-standing connections to the New Democrat Coalition. ITIF’s founder, Robert Atkinson, was previously a vice president at the Progressive Policy Institute, the de facto think tank for New Democrats. According to his ITIF bio, he ran programs on broadband, e-commerce, privacy, and telecommunications, much like the work ITIF does today.
The last thirty years have shown that the pro-market solutions which the New Democrats and their allies stand for only drive inequality, monopolization, and stagnancy. Even under a Democrat, Reaganomics is Reaganomics. Now that the tech industry is feeling unprecedented heat, they’re hoping that New Democrats and their allies can do what they do best—“get things done,” even if those “things” are really nothing at all.
The public shouldn’t fall for it. Populist political candidates are surging, and tech encroaches more and more into our everyday lives. The sort of marginal tweaking and political gamesmanship that has sustained the New Democrats and their corporate allies for a generation simply isn’t tolerable anymore. When America passes a national data privacy bill, it ought to actually ensure privacy—not protection for the powerful.