We've talked at length about how the telecom industry has spent the last few years pushing phony, loophole-filled net neutrality legislation.
Why would the telecom sector do that? They know their successful lobbying assault on net neutrality rules rests on shaky ground. Next month's court battle could easily reverse the FCC repeal, highlighting how the agency engaged in all manner of dubious behavior to kowtow to the telecom sector. They also know that thanks to the shifting winds in Congress and rising public anger, there could soon be growing support for a net neutrality law. Therefore, they want to pass their own, shitty, loophole-filled law to pre-empt tougher, better, state or federal protections.
The same thing is happening on the privacy front. Like the successful lobbyist attack on net neutrality, the cross-industry assault on the FCC's fairly modest broadband privacy rules back in 2017 pissed off those who were actually paying attention to it. Especially because those rules could have helped mitigate the growing roster of location data scandals by giving consumers greater control over how their location data is collected and sold.
As a result, we're starting to see a flood of cross-industry-backed legislation that pretends to fix the nation's lack of meaningful privacy guard rails, but whose real goal is to pre-empt any real state or federal efforts on that front. Case in point: the Google, Facebook, and Amazon-backed Information Technology and Innovation Foundation (ITIF) has been circulating a proposal it has been calling a "grand bargain." Said bargain proposes some fairly basic guidelines, but again the main goal appears to be to pre-empt some of the tougher laws already on the state and federal books, something COPPA backers like Senator Ed Markey aren't particularly impressed by:
"As Congress works to provide the American people with a comprehensive federal privacy law, we should build upon—not dismantle—existing safeguards,” Markey said, responding to ITIF’s proposal. “Getting rid of COPPA is literally like throwing the baby out with the bath water."
To be clear, COPPA (the country's only real federal privacy guidelines largely governing children) is certainly a mixed bag. On the one hand, it's been the source of some of the only punishment the telecom sector has seen for its longstanding mistreatment of consumer privacy. On the other hand, we've long noted that the law has plenty of problems including inconsistent FTC enforcement, and terrible language that often creates idiotic hurdles websites have to overcome. That said, you're not really fixing the problem if the industry's preferred legislation is just as bad.
State-level solutions to both net neutrality and privacy have similarly been a mixed bag. California's proposed net neutrality solution, for example, largely does things right, copying the FCC's discarded net neutrality rules and even adding some useful things (like rules governing the anti-competitive abuse of usage caps). California's state-level privacy law, however, has been widely mocked for being a ham-fisted, rushed solution that fails to remotely understand the problem at hand.
But while groups like the ITIF (also backed by telecom companies, some of the worst offenders on privacy violations) complain that the rise of multiple, discordant state-level privacy protections could create a confusing, fractured landscape of oversight, they brush over the fact that it was their clients that helped create that environment by lobbying to kill what really were some fairly modest FCC privacy and net neutrality rules. As such, maybe they're not the folks we should be leaning on to create new, pre-emptive federal guidelines on either front.
Enter Marco Rubio, who has also started pushing industry backed backed privacy legislation. But again, it's pretty clear that the focus is more on pre-empting tougher state and federal laws than trying to actually build some truly meaningful federal guidelines:
"But the bill would also require any new rules to preempt stronger state laws, like California’s landmark consumer privacy act that was approved last year and is anticipated to go into effect in 2020. Industry groups have been calling for a preemption clause in any federal legislation, saying that one federal law would be easier for companies to navigate rather than being faced with a “patchwork” of state and federal rules.
"It is critical that we do not create a regulatory environment that entrenches big tech corporations,” Rubio said in a statement to Axios. “Congress must act, but it is even more important that Congress act responsibly to create a transparent, digital environment that maximizes consumer welfare over corporate welfare."
While it's true that we need to be careful to avoid shitty federal privacy legislation, that last bit in particular is pretty disingenuous. These bills are being pushed by (and more than likely directly written by) the corporations Rubio is pretending to stand up to. Corporations that know full well that real oversight and informed, educated consumers with the right to opt out of mindless data collection and sales is going to cost the industry billions.
They can pretend they're cool with that all they'd like, but it's pretty clear that's a future they'd like to avoid, preferably by getting their own legislation passed first with an eye on formally legalizing many of these companies worst (and most profitable) ambitions.
Again, if we're going to finally build some meaningful legislative privacy guidelines, the foundation should be the result of a collective conversation among academics, legal experts, industry, consumer groups, and government. Given the high potential for a shitty law due to Congressional dysfunction, that's not going to be a pretty process, but if you've watched the percussive series of total privacy failures in recent years, it's fairly obvious it's a conversation we need to have.
While industry giants obviously have a large role to play in this looming conversation, the entire foundation of any proposed solution should not be built by giant companies with comically-terrible track records on this subject, whose primary motivation is making those protections as flimsy and loophole-filled as possible.