Saturday, April 21

Clea Wurster: Privacy act must prevent gathering of consumer information without consent


4.13.op.wurster.caprivacyact-01.png


If you haven’t recently considered going “off the grid” and deleting all social media accounts, you probably haven’t been paying attention to the news.

Social media sites have been continually lambasted for information gathering and selling. Facebook collects your clicks, likes and reactions to posts and ads. Google records everything from what you search and what you watch to what you say to your Android devices. Amazon registers what you like to buy and peruse from its store. Gathering hoards of information about customers is a business model that, up until recently, has been incredibly profitable for companies like Facebook, which garnered upward of $80 per person last year for each of its 207 million American users.

 

It might seem baffling to consider how companies like Facebook are managing to make so much money while providing free services to their users.

Turns out, it’s not all that free, said Paul Eggert, a senior computer science lecturer at UCLA. Facebook and other companies, such as Google and YouTube, harvest valuable information from their users, usually without users’ knowledge. These companies are then able to sell that information to advertising companies, who can, in turn, reach more specific demographics. This practice is promising for the advertising industry because it allows advertisers to personally tailor ads.

But this data gathering model is dangerous to consumers. Data is constantly up for grabs by unknown groups, and breaches are becoming increasingly common. This is why Californians for Consumer Privacy, a group advocating for consumer privacy, is pushing for the California Consumer Privacy Act of 2018, a November ballot measure that would hold tech firms and companies that hoard consumers’ information accountable if users’ data is compromised as a result of a security breach.

The ballot measure is an important step toward transparency and accountability regarding data collection. However, it falls short of doing what some consumers want most: stopping tech firms from collecting consumer data without their consent. The act’s supporters would do well to push for provisions that put restrictions on the data collection process – the cause of the problem in the first place.

Under current California law, tech companies are responsible for protecting the data they gather, but consumers often have difficulty determining what data has been gathered – or compromised, for that matter. Unlike in Europe, where there are stricter regulations concerning whose data can be collected and how the process must be disclosed to customers, consumers in the U.S. aren’t always able to request that the companies disclose what data has been gathered or to whom that data is being sold to.

And high-profile tech breaches, like the Cambridge Analytica scandal, in which the voter profiling firm took the data of millions of Facebook users without their permission, are opening a dialogue about a deeper concern for privacy within the U.S.

Recent security breaches are starting to concern consumers. Some are realizing they should be paying more attention to the sites they’re using and the information companies might have shared without letting them know, said Inez Kaminski, a spokesperson for the California Consumer Privacy Act.

“People are surprised they don’t have (data privacy) rights already,” Kaminski said.

The California Consumer Privacy Act would make the shady business of information-gathering companies more transparent. Under the ballot initiative, companies would be required to disclose the information they gather about a consumer if the consumer requests it and provide information about whom they sell it to. It would also permit users to opt out of the selling of their data and prevent companies from punishing those who opt out of the selling of their data by charging for an otherwise free service or upping costs on paid services.

But under the current text, there is no way for a consumer to prevent companies from gathering their data in the first place, except to entirely disconnect from a company’s services. While that sounds like an easy fix – and one that would really only cost you the use of Twitter, Facebook and other social media platforms – it’s not that simple. Companies gather data on consumers nearly every time they access the internet, whether it be typing out a message on Tinder, searching the symptoms of an illness or making a purchase online. Preventing your data from being collected would require pulling out of an overwhelming number of online services.

While these companies might be financially responsible for breaches of data, the onus is still on the consumer to be knowledgeable about what’s going on behind their screens. These tech companies also have immense power and money to defend their questionable antics: It’s doubtful these firms will back down from their lucrative business model without a significant legal fight – something your everyday consumer may not be able to engage in.

As such, the California Consumer Privacy Act shouldn’t just force tech companies to show their hand, but also stop these organizations from gathering data on consumers who want to maintain privacy.

Certainly, it might seem the bill would threaten California’s economy. Silicon Valley is no small contributor to the California job market, after all. In fact, major tech companies such as Google and AT&T Inc. support an opposing campaign called the Committee to Protect California Jobs.

 

But big tech companies like Verizon, AT&T, Comcast Corp. and Google already face stringent data privacy regulations in Europe – regulations that are largely similar to what the California Consumer Privacy Act prescribes. Meeting policies already required overseas shouldn’t be that big of a concern, Eggert said.

Absolute data privacy may seem like an impossibility in the modern world, but when it comes to protecting consumer’s rights, we shouldn’t stop trying just because tech companies say so. The California Consumer Privacy Act provides a means to preserve users’ privacy – if it’s given the teeth to do so.

Share on FacebookTweet about this on TwitterEmail this to someoneShare on Google+Share on Reddit

Comments are supposed to create a forum for thoughtful, respectful community discussion. Please be nice. View our full comments policy here.