UA professor cautions senators to go slow in bid to protect personal data
Tuesday, March 12, 2019
WASHINGTON – A University of Arizona law professor cautioned members of a Senate panel Tuesday against rushing into data privacy laws that could wind up hurting consumers.
Jane Bambauer said she was “delighted” to see lawmakers considering federal laws on data privacy, but said they should not follow laws in California and the European Union that she said let people treat their personal digital data as private property.
“Property-style privacy rights do not actually serve American consumer interests,” Bambauer said in testimony prepared for the Senate Judiciary Committee. “They will burden the digital economy with transaction costs, and there is little reason to think that the compliance costs or behavioral changes will have a meaningful relationship to harm.”
But senators, pointing to the vast amounts of data collected from digital devices and the difficulty of keeping that information private, said something needs to be done.
“I don’t want to destroy the goose that laid the golden egg in terms of innovation,” said Sen. Lindsey Graham, R-South Carolina, and chairman of the committee. “I think all these social media outlets have enriched our lives, but there’s a downside and potentially a dark side.”
The remarks came during a hearing that called together experts on data privacy, advocates and representatives from tech giants Google and Intel. While they all agreed that there is a need for laws that protect consumer data, they disagreed over how much privacy should be granted and how best to present consumers with the option to keep their information private.
They said data collection needs to continue – many devices, like phones, will not operate without location information, for example, and data helps them improve and innovate new products. It also allows services to be offered free, something most consumers take for granted.
David Hoffman, associate general counsel and global privacy officer for Intel, said it is wrong to blame tech companies like his for the harm done by businesses that “monetize and weaponize the data of others.”
“Calling a data broker a technology company is like calling a paparazzi an investigative journalist,” he said.
Hoffman said Intel supports data protection, but that many proposed state laws “unduly restrict the use of data, even in situations where the use does not increase privacy risk or harm to the individual.”
Will DeVries, senior privacy counsel at Google, said the company supports privacy laws, including the one in California that is scheduled to take effect in January. He added that if consumers do not trust the company, they will seek the services elsewhere.
“If our users don’t trust us, they won’t use our products,” DeVries said. “Privacy isn’t a slogan, it’s vital to our business.”
But lawmakers harped on reports of data being collected on everything from location to contacts to purchase and search histories, collection often done without the consumer’s knowledge.
As he has in the past, Sen. Josh Hawley, R-Missouri, criticized Google for the fact that its phones continue to track location, even when the phone is turned off.
“Americans have not signed up for this,” Hawley said. “They think that they can opt out of the tracking that you’re performing. They can’t meaningfully opt out.
“It’s kind of like that old Eagles song, ‘You can check out any time you like, but you can never leave.’ That’s kind of what it’s like dealing with your company,” he said to DeVries.
DeVries and Hoffman both said collecting and using data – ethically – is important to society and innovation.
Bambauer said the solution is not keeping companies from collecting the data, but regulating how they use is that is the best route to protecting consumers, turning it over to an agency like the Federal Trade Commission, for example.
“We really are interconnected,” she said after the hearing. “If I demand a right to close off information about myself, that doesn’t just affect me, it affects the entire market.”
Bambauer said that legislatures should not rush into creating data privacy laws. Faced with an uncertain future, she said, their default is to close off access to data but that, “If we look at the past, we see example after example … that siloing off the data is worse for consumers.”
Alastair Mactaggart, chairman of Californians for Consumer Privacy, which helped create the California data law, said “privacy is not partisan” and he encouraged the committee to use California’s law as a starting point. That law will require that consumers be able to opt-out of companies selling their data and be able to know what data have been collected by companies.
Sen. Dianne Feinstein, D-California, said she would “not support any federal privacy bill that weakens the California law.”
“Individuals should have as much control as possible over their personal data,” she said
Bambauer said there is a need for legislation, but that California and the EU are the wrong models to follow.
“We need to be thinking less about who owns and gets to control what, and instead asking, ‘What are the harms, what are the risks and how do we reduce them?'” she said.
Sign up for CRONKITE DAILY to catch up on the latest news.