WASHINGTON (AP) — Momentum is gaining in Washington for a privacy law that could sharply rein in the ability of the largest technology companies to collect and make money off people’s personal data.
A national law, the first of its kind in the U.S., could allow people to see or prohibit the use of their data. Companies would need permission to release such information. If it takes effect, a law would also likely shrink Big Tech’s profits from its lucrative business of making personal data available to advertisers so they can pinpoint specific consumers to target.
Behind the drive for a law is rising concern over the compromise of private data held by Facebook, Google and other tech giants that have earned riches by aggregating consumer information. The industry traditionally has been lightly regulated and has resisted closer oversight as a threat to its culture of free-wheeling innovation.
Support for a privacy law is part of a broader effort by regulators and lawmakers to lessen the domination of companies like Facebook, Google and Amazon. Some, including Sen. Elizabeth Warren, a Democratic presidential candidate, have called for the tech giants to be split up.
The Trump White House has said in the past that it could endorse a broad data privacy law.
The big tech companies have been nervously eyeing a tough privacy law taking effect next year in California. That measure will allow Californians to see the personal data being collected on them and where it’s being distributed and to forbid the sale of it. With some exceptions, consumers could also request that their personal information be deleted entirely.
Whatever federal privacy law eventually emerges is expected to be less stringent than the California measure and to supersede it. As a result, the tech industry is trying to help shape any national restrictions.
“This is the first time ever that the industry wants legislation,” said Jeffrey Chester, executive director of the Center for Digital Democracy, a privacy advocacy group. “The industry is terrified.”
On Tuesday, a House committee will press Google and Facebook executives about another urgent concern involving Big Tech: Whether they’re doing enough to curb the spread of hate crimes and white nationalism through online platforms. The Judiciary Committee hearing follows a series of violent incidents fueled in part by online communication.
Facebook, used by 2-billion-plus people including over 200 million in the U.S., has been a particular lightning rod for industry critics. Having had its reputation tarnished over data privacy lapses, a tide of hate speech and a spread of disinformation that allowed Russian agents to target propaganda campaigns, Facebook appears ready to embrace a national privacy law.
Facebook’s founder and CEO, Mark Zuckerberg, published a column last month in the Washington Post calling for tighter regulations to protect consumer data, control harmful content and ensure election integrity and data portability.
“The internet,” Zuckerberg wrote, “needs new rules.”
Amazon says it has built its business on protecting people’s information, “and we have been working with policymakers on how best to do that.”
“There is real momentum to develop baseline rules of the road for data protection,” Google’s chief privacy officer, Keith Enright, has said in a policy paper. “Google welcomes this and supports comprehensive, baseline privacy regulation.”
A sweeping “privacy shield” law in the European Union, covering how tech companies handle personal data in the 28-country bloc, should be a model, Zuckerberg wrote. EU regulators recently fined Google $1.7 billion for freezing out rivals in the online ad business — their third penalty against the search giant in two years. The EU watchdogs have also ordered Apple and Amazon to pay back taxes and fined Facebook for providing misleading information in its acquisition of WhatsApp.
On Monday, Britain unveiled plans to vastly increase government oversight of social media companies, with a watchdog that could fine executives or even ban companies that fail to block such content as terrorist propaganda and images of child abuse.
The entire debate cuts to the heart of Big Tech’s hugely profitable commerce in online users’ personal data. The companies gather vast data on what users read and like and leverage it to help advertisers target their messages to the individuals they want to reach. Facebook drew 99% of its revenue from advertising last year. For Google’s parent Alphabet, it was 85%, according to Scott Kessler of the research firm CFRA.
Amazon, too, doesn’t just sell products online; it provides ad space, too. The company doesn’t say how much but has said that the “other” revenue in its financial reports is mainly from ads. Its “other” revenue topped $10 billion last year, more than double what it was in 2017.
The tech giants’ problematic relationship with advertisers was spotlighted by action regulators took last month. The Department of Housing and Urban Development filed civil charges against Facebook, accusing it of allowing landlords and real estate brokers to exclude certain racial or ethnic groups from seeing ads for houses and apartments. Facebook could face penalties.
The company has separately agreed to overhaul its ad targeting system and end some of the practices noted by HUD to prevent discrimination in housing listings as well as credit and employment ads. That move was part of a settlement with the American Civil Liberties Union and other activists.
Besides crafting a bipartisan data-privacy measure in Congress, lawmakers are considering restoring Obama-era rules that formerly barred internet providers — like AT&T, Verizon and Comcast — from discriminating against certain technologies and services.
Sen. Ron Wyden, D-Ore., has proposed fines and jail time for executives of companies guilty of data breaches.
The U.S. Chamber of Commerce and the Business Roundtable, representing CEOs of major companies, have presented their own proposals to curb privacy abuses. At the same time, President Donald Trump has echoed complaints from some conservative lawmakers and commentators that the big tech platforms are politically tilted against them.
“Facebook, Twitter and Google are so biased toward the Dems it is ridiculous!” he has tweeted. And he told a rally crowd, “We’re not going to let them control what we can and cannot see, read and learn from.”
Tech executives and many Democrats have rejected those assertions as themselves politically biased. Still, Trump has threatened to push regulators to investigate whether Google has abused its role as an internet gateway to stifle competition. And referring to Amazon, Facebook and Google, Trump told Bloomberg News, “Many people think it is a very antitrust situation, the three of them.”
Among the tech giants that are trying to shape any final restrictions is the chipmaker Intel, which has developed its own legislative proposal.
“I think it’s likely we are going to pass a national privacy law by the end of 2020,” David Hoffman, Intel’s associate general counsel and global privacy officer, said in an interview.
By then, the privacy measure emerging in California will have taken effect.
“The California bill is responsible for 90% of the lobbying and political pressure to pass a national law,” said Robert Atkinson of the Information Technology and Innovation Foundation, whose board includes tech executives.
Four senators — Republicans Roger Wicker of Mississippi and Jerry Moran of Kansas and Democrats Richard Blumenthal of Connecticut and Brian Schatz of Hawaii — are working on a national measure. They say it would protect consumers from the abuse of their data and provide legal certainty to ensure that tech companies continue to hire and innovate.
“It would be nice,” said Wicker, who leads the key Senate Commerce Committee, “to have it on the president’s desk this year.”
AP Technology Writer Anick Jesdanun in New York contributed to this report.