The Trump administration’s Commerce Department is in talks with tech and internet providers, including Facebook, Google, AT&T and Comcast, to craft a proposal addressing online privacy.
The Washington Post reported the news Friday.
Why now? The administration is succumbing to pressure amid global criticism that a lack of online privacy regulation led to foreign meddling in the 2016 US election on Facebook and other platforms.
The Trump administration has already held more than 20 meetings on the topic with trade associations and consumer groups since late June, the Post reports.
The government aims to release a set of ideas this fall that will address web users’ rights regarding how companies collect and handle personal data. Those ideas could eventually become a blueprint for the country’s first federal privacy law.
Here are three reasons why the Trump administration is taking increasing heat to revamp US privacy law.
Europe led by example and sparked a global conversation about online privacy when it implemented the GDPR in May. US laws, archaic by comparison, are under pressure to adapt.
But if the US takes a similar approach to GDPR in addressing online privacy it may favor big tech platforms, which have already invested a lot in compliance across markets. Meanwhile, smaller companies without the means to invest in compliance could suffer.
“Global organizations don’t want one privacy and security policy for Europe and one policy for the US,” said Mike Anderson, chief technology officer at Tealium, in a previous AdExchanger story. “We’ll see them take the most difficult standard and just deploy that across the board.”
Tech giants and members of the Republican Party, however, are calling for a lighter touch-regulation that doesn’t hold companies as financially accountable for noncompliance, according to the Post.
Regardless of how the law turns out, the question remains: is the US government informed enough about how the internet works to write regulation that will hold platforms accountable, or will it inadvertently strengthen their already dominant positions in the market? If the Mark Zuckerberg congressional testimony is any example, tasking politicians with creating effective regulation could prove challenging.
- Keeping California quiet
With California cooking up its own privacy law, the US government has incentive to come up with a federal solution to avoid a fragmented, state-led approach to privacy.
The California privacy law, signed by Governor Jerry Brown earlier this month, takes a much stricter approach to online privacy regulation than GDPR. The law allows consumers to ask companies to completely opt out of having their data collected and sold to third parties.
Not only would that hurt the online ad industry, but it would create a compliance headache for companies that would have to adapt to different privacy laws state by state if others follow suit.
“California has such a substantial footprint that whatever happens there could have a significant impact everywhere else – it’s like the nation of California,” said Dan Jaffe, group EVP of government relations at the ANA, in a previous AdExchanger interview. “For years, companies have been using the opt-out system for privacy, but they may not have that choice if the states or others start to force the issue.”
- Cambridge Analytica rebound
The US government has been pressured to regulate Facebook since the Cambridge Analytica scandal blew up in March.
Facebook’s lack of data oversight has affected elections and countries far beyond the US, from the Brexit referendum in the UK to the ongoing violence in India and Myanmar sparked by false information spread on the platform.
It’s at the point where public pressure has made rewriting US privacy laws almost inevitable.
“People increasingly want their privacy protected in some way,” Fatima Khan, chief privacy officer at Demandbase, told AdExchanger in May. “One way they can get it is by making sure the companies with whom they share data don’t do it in a way they find offensive.”