To hear some people talk, you’d think the age of bipartisan action in Congress was a lost phenomenon of the distant past. But it’s not so, at least when it comes to certain issues. And no one knows it better than the big Silicon Valley tech companies that are the recent targets of proposed bipartisan bills.
Sen. Mark Warner, a Virginia Democrat, joined today with a Missouri Republican, Sen. Josh Hawley, to introduce legislation that would force companies like Facebook (NASDAQ: [[ticker:FB]]) and Google (NASDAQ: [[ticker:GOOGL]]) to reveal how much money they’re making by scooping up troves of personal data on their users.
If passed, the legislation would require companies with more than 100 million active users to detail the types of data they collect on people, and the transactions they make with other companies to reap revenue by granting those third parties access to that data.
“When a big tech company says its product is free, consumers are the ones being sold. These ‘free’ products track everything we do so tech companies can sell our information to the highest bidder and use it to target us with creepy ads,” Hawley said in a written statement as he and Warner rolled out the Designing Accounting Safeguards to Help Broaden Oversight And Regulations on Data (DASHBOARD) Act on Monday.
“Even worse, tech companies do their best to hide how much consumer data is worth and to whom it is sold. This bipartisan legislation gives consumers control of their data and will show them how much these ‘free’ services actually cost,” Hawley said.
While Congress has yet to pass stringent data privacy laws like the European Union’s General Data Protection Regulation (GDPR), US lawmakers’ interest in the issue hasn’t flagged since 2017, when detailed reports surfaced that revealed how Facebook had allowed outside organizations to tap into millions of user profiles.
The initial alarms over that data exposure centered on its possible effect on the US presidential election in 2016, when entities controlled by Russia were accused of illegally targeting social media users with misleading campaign-related messages. But Congressional hearings have since expanded their scope to examine a broader concern—that tech companies are monetizing the data of individuals who are often unaware of the breadth of information they’re surrendering.
Under the DASHBOARD Act, big companies defined as “commercial data operators’’ would have to file annual reports disclosing the aggregate value of the data collected from their user populations. They’d have to help the Securities and Exchange Commission develop methods to calculate that value.
In addition, the companies would be required to tell users each of the ways their data was being used, including those uses that have nothing to do with the main purpose of the app or service they signed up for. Users would gain some power to demand that companies delete some or all of the data collected about them.
In a summary of the bill posted on Scribd, Warner said the bill would not only benefit users, but would also assist US regulatory agencies such as the Federal Trade Commission, which protects consumers against business fraud and anti-competitive practices. Once US agencies understand the economic value of data collection, they can better enforce antitrust laws and flag unfair transactions, Warner said. Making the value more transparent could also increase competition by attracting rival companies into the market, he said.
“User data is quickly becoming the single most important economic input in the digital economy,’’ Warner wrote in the Scribd post.
Warner and Hawley have also teamed up to introduce the Do Not Track Act, which would allow users to opt out of unnecessary data collection by tech companies, just as phone service customers can enroll in the FTC’s “Do Not Call” list to ward off telemarketing pitches.
Last week, a Senate committee moved forward a related bipartisan bill sponsored by Warner and Colorado Republican Cory Gardner. That bill, the Internet of Things (IoT) Cybersecurity Improvement Act of 2019, would require IoT devices sold in the United States to incorporate a minimum level of cybersecurity safeguards to protect against data breaches and the infiltration of personal networks by hackers.
Photo credit: Depositphotos