SAN FRANCISCO — Major companies including Amazon, AT&T, Apple and Google are lobbying Congress to craft legislation that would preempt a first-of-its-kind California privacy law that grants sweeping online protections to consumers.
Senior executives from these companies, plus Twitter and Charter Communications, offered a show of industry support for a federal privacy bill with weaker consumer protections during a Senate hearing Wednesday.
Such a bill would block states like California from enacting stronger privacy protections. The executives argued that a patchwork of different state laws would make it tough for companies to operate and would threaten innovation. The takeaway from news outlet Axios: “Tech companies want privacy rules, but on their own terms.”
The testimony on Capitol Hill came one day after the Department of Commerce recommended new regulations on how companies handle consumers’ personal information that were similar to the ones being proposed by the tech and telecom industries.
Sen. Brian Schatz, a Democrat from Hawaii, warned the industry push would not get bipartisan backing if it’s designed simply to supplant a progressive California law with a “non-progressive federal law.”
Consumer advocates, who objected to a Senate hearing without anyone to represent consumers, echoed that sentiment, saying they will fight for more stringent standards.
“The process today was flawed. It began by getting the foxes to agree that the hen house should be protected,” Nathan White, senior legislative manager at advocacy group Access Now, said in a statement. “Instead, Congress should examine the problem from the perspective of those who are at risk of harm: the users.”
Heavy scrutiny of data collection by lawmakers in the wake of the Cambridge Analytica data scandal has resigned the tech and telecom industries to some degree of regulation. Now Congress must weigh the concerns of consumer privacy advocates, who are pushing for people to get more control over how their personal information is collected and used, and the powerful tech and telecom companies that mine that data.
“The question is no longer whether we need a federal law to protect consumers’ privacy. The question is what shape that law should take,” John Thune, a Republican from South Dakota who heads the Senate Commerce panel, said during Wednesday’s hearing.
He says there is growing bipartisan agreement on the need for legislation. His committee has convened a second meeting for early next month to gauge consumer sentiment. California privacy activist Alastair Mactaggart, a San Francisco real estate developer who spent millions of his own money to pass the California privacy law, and Andrea Jelinek, the Austrian head of enforcement for new privacy rules in the European Union, are scheduled to testify.
At issue is California’s new data privacy law, which will hand consumers the right to control what companies know about them and what they do with that information. It’s the most restrictive law on the books in the U.S. but does not go as far as new online privacy rules Europe enacted in May.
The tech industry is pressing for weaker regulations than in California or the European Union. Apple, which doesn’t rely on advertising sales for revenue, was the only company at the hearing to argue that the bar for federal legislation should be set “high enough” to protect consumers.
Earlier this week, Google proposed a business-friendly framework for a federal privacy law. The Trump administration signaled its approach to data privacy when in 2017 it scrapped Obama rules restricting internet providers such as AT&T and Comcast from selling information about consumers’ online browsing habits.
Digital privacy groups say they will soon propose a plan to protect consumers in the U.S.
“Data companies hope they will be able to use their political clout to get Congress to pass a ‘you can get out of protecting privacy’ law,” said Jeffrey Chester, executive director of the Center for Digital Democracy. “We must stop the bleeding of our personal information flowing from our mobile phones, PCs and connected TVs.”
According to the Pew Research Center, 9% of online Americans believe they have “a lot of control” over the information that is collected about them. Nearly three-quarters say it is very important to them to be in control of who can obtain information about them. And two-thirds of online Americans say current laws are not good enough.
The California law signed by Gov. Jerry Brown in June has brought tech and telecom companies to the negotiating table. The law, which takes effect in January 2020, does not technically protect consumers in other states but its passage has emboldened consumer advocates in other states to push for aggressive restrictions on the collection and use of personal information.
Under the current version of the law, consumers will have the right to know what personal information companies are collecting and why and with which businesses it’s being shared. They will also have the right to direct companies to delete their information and not to sell it. The law also restricts sharing or selling the data of children younger than 16. Consumers who don’t allow companies to sell their personal data must be given the same level of service, but companies will be able to charge them higher fees.
Corporations including AT&T, Verizon, Facebook and Google as well as privacy advocates are lobbying for changes to the law. State lawmakers have said they expect to pass “cleanup bills” to fix issues with the law before it takes effect.
James Steyer, founder of Common Sense Media and one of the California bill’s backers, says the tech industry can’t be trusted to do the right thing on its own.
“It’s a desperate attempt to try to roll back what we just achieved in California, which is landmark protections for consumers, kids and families,” Steyer said. “We understand that the landmark law that we passed is not perfect, but it is a really, really strong start and we have to be careful here not to allow the tech industry to take us backwards.”