Dec 26, 2018

Why privacy regulations are no longer a pipe dream

Illustration: Aïda Amer/Axios

Just over a year ago, the notion of passing a consumer privacy law was laughable. Now the tech giants that once said rules would break their business now want Congress to draft bills.

Driving the news: Google CEO Sundar Pichai told Congress at a recent hearing that the search giant supports legislation, the latest tech executive to agree that a national privacy policy is needed. And Democrats now in charge of the House are itching to make good on their promise to slap some rules on Big Tech after a year of scandals.

The big picture: Tech giants have made their fortunes peddling users' personal data. A broader public recognition of how powerful their data is (and dangerous in the wrong hands), coupled with a growing distrust in social media and tech companies, have given policymakers more leverage to put in place new regulation — even in an administration focused on de-regulation.

The backstory: Early in the Trump administration, the Republican-controlled Congress overturned the FCC's privacy rules for internet service providers such as AT&T and Comcast. Trade groups for tech companies lobbied behind the scenes to undo the rules, even though the rules didn't apply to web platforms like Google and Facebook.

But that's when the momentum toward federal privacy rules really picked up. Here's how the narrative turned:

1. The data scandals started rolling in. The biggest was Facebook's Cambridge Analytica disaster, in which user data leaked to third-party developers. CEO Mark Zuckerberg was hauled before Congress to explain how it happened.

  • Last week, the Washington D.C. attorney general sued Facebook for being "fast and loose" with user data.
  • Google said this month it was shutting down its social network Google+ earlier than planned after a software bug exposed private profile data to app developers. It's closure was triggered by another security issue.
  • Also over the past year, a number of major companies, including Marriott and UnderArmor, have disclosed data breaches or hacks affecting 100 million customers or more.
  • Several media investigations — like the NYT's piece on apps tracking location data 24/7 — show how pervasive tracking is and how that information can be used.

2. Public perception turned. The percentage of Americans concerned that the government wouldn't do enough to regulate tech companies jumped to 55% in February of this year, according to an Axios-SurveyMonkey poll. (Still, most Americans said they largely think tech companies have had positive effects on society.)

3. In Europe, the strict General Data Protection Regulation took effect in May and represented a sea change in how companies notify consumers about their data collection practices.

  • That forced companies dealing in data — which is essentially all major companies these days — to request permission before sharing personal data with third parties, and give consumers access to the data that firms have collected about them.
  • Because of the high fines associated with not complying with the law, GDPR is now becoming the global standard for how businesses mine consumer data. Some argue that, as a result, the U.S. should have a similar standard.

4. The White House got interested. Staffers in the National Economic Council recognized the global swirl around data privacy and began meeting with major corporations to get feedback on a potential privacy framework.

5. States took matters into their own hands. California passed a law putting restrictions on Google, Facebook and other companies in the business of gathering data directly from consumers. Vermont also passed its own privacy law this year aimed at data brokers.

  • That patchwork of different rules makes it tough for internet companies to do business across states — so they'd rather have a national law to pre-empt the states.

6. And the Democrats won the House. After the springtime Zuckerberg hearings, House Democrats vowed to make passing privacy legislation a priority if the House flipped after the mid-terms.

  • And 15 Democratic senators have introduced a privacy bill that would require apps, websites and other services that collect data to protect customer information and be subject to fines for misusing data.

Between the lines: Tech companies may say they're on board with privacy rules of some sort, but they've stopped short of committing to specific provisions, such as letting consumers opt in to data collection instead of forcing them to opt out.

What's next: When proposals get fleshed out in early 2019, industry lobbyists will be working hard to shape the details.

Go deeper

George Zimmerman sues Buttigieg and Warren for $265M

George Zimmerman in Sanford, Florida, in November 2013. Photo: Joe Burbank-Pool/Getty Images

George Zimmerman filed a lawsuit in Polk County, Fla. seeking $265 million in damages from Democratic presidential candidates Pete Buttigieg and Elizabeth Warren, accusing them of defaming him to "garner votes in the black community."

Context: Neither the Massachusetts senator nor the former Southbend mayor tweeted his name in the Feb. 5 posts on what would've been the 25th birthday of Trayvon Martin, the unarmed black teen Zimmerman fatally shot in 2012. But Zimmerman alleges they "acted with actual malice" to defame him.

4 takeaways from the Nevada Democratic debate

Photo: Mario Tama/Getty Images

The relative civility of the last eight Democratic debates was thrown by the wayside Wednesday night, the first debate to feature the billionaire "boogeyman," Michael Bloomberg, whose massive advertising buys and polling surge have drawn the ire of the entire field.

The big picture: Pete Buttigieg captured the state of the race early on, noting that after Super Tuesday, the "two most polarizing figures on this stage" — Bloomberg and democratic socialist Bernie Sanders — could be the only ones left competing for the nomination. The rest of candidates fought to stop that momentum.

Klobuchar squares off with Buttigieg on immigration

Buttigieg and Klobuchar in Las Vegas on Feb. 19. Photo: Mario Tama/Getty Images

Former South Bend, Ind., Mayor Pete Buttigieg went after Sen. Amy Klobuchar on the debate stage Wednesday for voting to confirm Customs and Border Protection Commissioner Kevin McAleenan and voting in 2007 to make English the national language.

What she's saying: "I wish everyone was as perfect as you, Pete, but let me tell you what it's like to be in the arena. ... I did not one bit agree with these draconian policies to separate kids from their parents, and in my first 100 days, I would immediately change that."