User privacy loses out again: it is time for the U.S. to act

On December 18, The New York Times revealed that Facebook gave tech giants greater access to people’s data than it has disclosed to the public and to members of the U.S. Congress.

According to the Times, through some “special arrangement,” Facebook increased its ad revenue while Amazon, Microsoft, Spotify, Netflix, and others gained access to massive amounts of private user data, including private messages, without oversight and without people’s knowledge or consent. As big tech companies share the revenue pie among themselves, it is people’s privacy and online competition that lose out.

This is not the first story of its kind. This has been the year of data scandals, showing just how important it is to rein in big companies and protect people’s privacy. From Cambridge Analytica, Facebook disclosing data to apps developers, to massive data breaches by tech companies such as Uber, Google +,  and T-Mobile, and beyond,  including the breaches by Marriott Hotel and British Airways. Recently, documents published by the U.K. Parliament revealed that Facebook gave preferential access to data to “white-listed” companies, without users’ knowledge or consent, and while making such access harder for rivals, such as Twitter’s defunct video app Vine.

These stories, together with the latest revelations published by The New York Times, demonstrate the urgent need for countries around the world to take action to protect users’ privacy so that we can regain control of our personal information. Passing comprehensive data protection laws is especially urgent for the U.S., where many of the world’s biggest tech companies are headquartered.

2018 has been a terrible year for people’s privacy, as we learned just how dismissive and disrespectful big companies like Facebook can be. That must change. 2019 must be the year of privacy and data protection, in the U.S. and all around the world,” said Estelle Massé, Global Data Protection Lead at Access Now. “Scandal after scandal, breach after breach, the case cannot be made clearer: the U.S. needs a comprehensive privacy law, and it needs it now.”

Countries around the world, such as India or the E.U., have or are working on binding privacy rules to protect people’s privacy. The U.S. must act swiftly and respond to this urgent challenge, too, as prescribed by a United Nations resolution passed by consensus on Monday, December 17, 2018.

To assist U.S. lawmakers in this process, Access Now has prepared a guide with 15 recommendations for the development of a data protection framework. We also published a proposal to outline what such a law should include. Finally, Access Now is submitting comments to the U.S. Federal Trade Commission calling for implementation of such a framework in the context of the Commission’s series of hearings on Competition and Consumer Privacy in the 21st century. Yesterday’s story from The New York Times is yet another reminder that laws to protect privacy are absolutely necessary to safeguard user rights digital era.