For nearly one year, federal lawmakers have been working behind closed doors to draft a sweeping federal data privacy law. Although public interest groups representing a broad spectrum of the U.S. public have agreed to key privacy principles, federal lawmakers in Congress have failed to reach bipartisan support for commonsense protections. What’s noteworthy about this process is how little the public knows about it, despite how close industry lobbyists have been to the congressional deliberations.
Now, more than a dozen grassroots organizations, representing millions of people, have launched a website that makes it easy for people to contact their federal lawmakers and demand real action from Congress for meaningful privacy protections: FightforPrivacy.co.
The website will also serve as a hub for future online days of action and other initiatives encouraging mass grassroots education and engagement on the issue of privacy in the digital age.
The endorsing organizations—which include Fight for the Future, Public Citizen, MediaJustice, Consumer Action, Campaign for a Commercial-Free Childhood, Presente.org, MPower Change, Privacy Rights Clearinghouse, Ranking Digital Rights, Media Alliance, X Lab, RootsAction, Oakland Privacy, and Coworker.org—believe that any such law must:
* Guard against discrimination. Any federal privacy law must include civil rights protections. People should not be left without protections when algorithms fueled with bias withhold housing and employment opportunities, as has been reported across several online and social platforms. We can and should aim to build a world free of racism and bias.
* Protect people’s right to sue companies that violate their privacy. People should have a private right of action when companies violate their privacy. Leading public and consumer interest groups agree. So does the Attorney General of California, Xavier Becerra, who publicly asked for a private right of action for California residents given that his office would only have the resources to seriously pursue a handful of cases each year.
* Act as a floor and not a ceiling for state-level privacy protections. It was only because of state-level privacy laws that Equifax notified all users about its notorious 2017 breach that impacted nearly half of the U.S. adult population. Even if the federal law grants people the strongest protections, state legislatures are better equipped to pass new laws in response to emerging threats.
If Congress continues down its current course—behind closed doors and away from public consultation–the end result will likely be a fake bill backed by the industry that allows the worst forms of data harvesting and abuse to continue. The time for Congress to get real about privacy is now.
The following can be attributed to Evan Greer, Deputy Director of Fight for the Future:
"It’s deeply concerning how much face-time federal lawmakers are giving lobbyists as they draft a law intended to protect people from the industries that bankroll those lobbyists. For decades banks, marketers, and savvy technology companies have demanded Congress let them regulate themselves, and they’ve promised time and time again to protect people’s confidential and sensitive information. The results of this approach have been a failure. Most people have given up on their right to privacy, a fundamental principle of a free society. It’s time for lawmakers in Congress to shut out industry and welcome the public to the table—only then will we have privacy protections that matter."
The following can be attributed to Tracy Rosenberg, Exec Dir at Media Alliance and coordinator at Oakland Privacy
"Technology moves rapidly. It’s a cliché, but the reality of regulating technology is that yesterday’s law is not always applicable to tomorrow’s innovations. Even if the 2019-2020 Congress were able to enact an admirably comprehensive consumer privacy law, new technological capacities may require modifications in the future. States are far more capable of acting quickly and responsively than the federal government. But they are only able to do so if it is not prohibited. To give an example, federal preemption of mortgage finance regulations tied the hands of many states when the subprime mortgage crisis hit in 2007-2008. We don’t know what the future holds until we get there. In 2012, we would not have realized that our light switches would be gathering our personal data. But they are. We shouldn’t pretend that we can pass the one and only federal consumer privacy law today for all time"
The following can be attributed to Erin Shields, National Field Organizer at MediaJustice (formerly the Center for Media Justice):
"Data privacy is one of the most important issues that the public and Congress will grapple with over the coming years. Companies have shown us time and time again that they cannot be trusted to respect user rights regarding personal data. Congress must act now to protect the digital civil rights of their constituents and not the interests of corporate bottom lines. Too frequently, data is collected coercively or completely devoid of informed user consent, and is then run through unaudited and unaccountable algorithms or bought and sold by data brokers. Who pays the price? Most often communities historically targeted and marginalized, those with the least resources to actualize their fundamental right to privacy. Understanding this reality, MediaJustice is committed to making sure privacy and civil rights remain linked and demanding any proposed legislative solutions center the people of color most impacted by harms and not the corporations and agencies who have caused them. This is not an issue that can be solved by sloppily cobbling together industry-approved solutions, but rather, we ask that congressional members engage critically and thoughtfully with the concepts of data privacy and be willing to offer and fight for meaningful solutions that grasp at the root of data-fueled discrimination."
The following can be attributed to David Monahan, Campaign for a Commercial-Free Childhood:
"In July, the FTC gave Facebook a meek slap on the wrist, sweeping under the rug a laundry list of misdeeds, including illegal data collection from children as young as five years old. It’s clear that our current regulatory framework is inadequate to protect Americans’ privacy, especially of the most vulnerable: children. The Children’s Online Privacy Protection Act took effect in 2000 and desperately needs an update – and real enforcement. Without new policies that put kids’ needs above Big Tech’s thirst for data and profit, we are dooming our children to a world of commercial surveillance designed to push consumerism at the expense of wellbeing."
The following can be attributed to Robert Weissman, president of Public Citizen:
"No one signed up for a surveillance society in which a handful of giant corporations know our most intimate thoughts, track our every movement, control the information we receive and monitor our communications. But that’s the situation in which we all increasingly find ourselves. The solution is a national minimum standard to protect our privacy and digital rights, secure our data, and restrain Big Tech’s abusive and discriminatory practices. Big Tech has a different answer: A weak national standard that overrides the ability of states to adopt stronger standards and hold the tech titans accountable. Our coalition is not going to let that happen."
The following can be attributed to Linda Sherry, Director of National Priorities at Consumer Action:
"Consumers must have control over their personal information. It’s time for Congress to act on consumers’ growing demands for the right to know, limit, correct and delete data that is collected about them. Lawmakers must pass a strong federal data protection law that requires companies to obtain permission before sharing personal data with others, and holds companies accountable when they abuse the consumer’s trust."