Democrats push for stronger privacy laws like the EU’s GDPR to combat problems with Big Tech firms
A 23-page policy paper obtained by Axios reveals a raft of plans by Senator Mark Warner to address problems posed by Big Tech companies in the United States. The proposed plans range from putting a price on individual users’ data to funding media literacy programs and also outlines ways to bring big tech to heel following Russia’s alleged interference in the 2016 elections.
The paper, prepared by Senate Intelligence Committee Vice Chairman Mark Warner’s staff, suggests the introduction of laws along the same lines as Europe’s GDPR regulation could provide an effective way of improving privacy rules. Other suggestions made in the document include a requirement for tech firms to openly identify and label bots.
The policy paper divides the proposals into three categories:
- Combating disinformation,
- Protecting user privacy,
- Promoting competition in the tech space.
In reference to the protection of user privacy, Warner suggests that the US adopt similar data legislation to that of the EU GDPR. He cites several key sections of the GDPR which could be replicated, such as data portability, the right to be forgotten, 72-hour breach notification, and first party consent.
Most notably, first party consent has been singled out as an aspect of the GDPR that the US could adopt, as a way of preventing third parties from obtaining individuals’ data “without their explicit and informed consent.” However, the report also states that efforts must be made to crack down on dark patterns which are used to manipulate users.
Enforcing stronger privacy laws
The document notes that a US central authority would need to be created to enforce new regulations similar to GDPR. In the UK, the Information Commissioner’s Office (ICO), is the official regulator for the enforcement of the stronger privacy laws enshrined in the GDPR. Likewise, other EU member states have their own privacy regulators. However, the United States currently lacks a comparable authority.
Mimicking the GDPR is only one of a number of suggestions submitted in the document. One idea would be to legally require platforms to identify and label bots, and to be liable for claims such as defamation, invasion of privacy, false light, and public disclosure of private facts.
The paper readily acknowledges that the policy ideas will spark a number of questions:
In many cases there may be flaws in each proposal that may undercut the goal the proposal is trying achieve, or pose a political problem that simply can’t be overcome at this time.
Major tech policy proposals such as these rarely achieve the velocity required to be implemented. And since the Democrats hold neither house it seems unlikely that these proposals will develop into anything more than just ideas.