House lawmakers are introducing a bipartisan bill Thursday to update a long-standing children's online privacy law so that parents could force companies to delete personal information collected about their kids.
Starting today, Californians can find out what data certain companies have collected about them, and even ask for it to be deleted, under the new California Consumer Privacy Act.
Why it matters: The law covers residents of the most populous state, but it also has national repercussions. Some companies like Microsoft have already said they'll be extending the practices required under the law to all their customers and users. And other states tend to follow California when it introduces firm rules that don't exist on the federal level.
An exposé for New York Times Opinion out in December called "One Nation, Tracked," by Stuart A. Thompson and Charlie Warzel, walks readers through how they mined a data file of 50 billion location pings from the cellphones of 12 million Americans as they moved through several major cities, including D.C., New York, San Francisco and L.A.
Why it matters: Supposedly anonymous data isn't always all that anonymous.
The supposedly secure messaging app ToTok is actually a spying tool being used by the government of the United Arab Emirates to mass surveil its users, the New York Times reports, citing its own internal investigation and U.S. officials familiar with a classified intelligence assessment.
Why it matters: The app has been downloaded by millions of users in the Middle East, North America, Europe, Asia and Africa, and it was one of the most downloaded social apps in the U.S. last week. Its exploitation by the Emiratis is an illustration of how authoritarian governments are increasingly finding novel and more effective ways to expand their surveillance networks and crack down on perceived enemies or dissenters.
Tech companies appear to be bowing to new privacy rules springing up in Europe, California and elsewhere, putting in place processes to show they're complying.
Yes, but: Some of these moves are smokescreens that allow the companies to avoid making big, painful changes, some legal experts argue — enabled by a legal system that offloads enforcement onto the very companies being regulated.
House Energy & Commerce Committee staff have negotiated a bipartisan discussion draft on federal privacy regulations and began asking industry and civil society groups to weigh in.
Why it matters: The draft, which staffers started circulating Wednesday, is a rare and potentially significant bipartisan step toward a national privacy law, a goal that's proven elusive despite strong, sustained interest from both parties. An effort in the Senate led to dueling Democratic and Republican takes on privacy.
After months of talks on bipartisan legislation, Senate Commerce Committee leaders have unveiled dueling privacy bills ahead of a hearing this week. But insiders believe the process might still yield a compromise both parties can embrace.
What they're saying: "Now there’s actually opportunity for serious negotiations between the different positions," said Jules Polonetsky, CEO of the Future of Privacy Forum, which did a comparison of the two bills. "These bills have more in common than they have dividing them."
A pair of California Democrats want to create a new federal agency to protect U.S. consumers' privacy as part of an online privacy bill unveiled Tuesday.
The big picture: Reps. Anna Eshoo and Zoe Lofgren said their Online Privacy Act would create a "Digital Privacy Agency," give users the right to correct and delete information, and impose new restrictions on companies' use of data. The Silicon Valley representatives are setting a high bar for federal privacy legislation amid bipartisan legislation efforts.
It's more important than ever for companies to have privacy experts, to help them obey proliferating laws on how consumers' data can be used — but it's hard to find people with the expertise to do it.
Why it matters: Privacy is a once-and-future battleground. Without more qualified professionals, everyone’s sensitive information could fall vulnerable to corporate ignorance, mismanagement and whim.
Technology has advanced to the point where research study participants can be identified by their MRI scans even after all other identifying information has been stripped, according to an experiment detailed yesterday in the New England Journal of Medicine and reported on by the New York Times.
Why it matters: If stored medical data were leaked, it could potentially be used to identify study participants for marketing, scams or even stalking.