After the data of 87 million Facebook users was compromised by Cambridge Analytica, the future of online privacy and who has the responsibility to regulate and protect it is in question.
While legislation at the federal level may prevent or at least protect consumers from future breaches of privacy, what can be done at the state level is much more limited.
State Rep. Jimmy Anderson, D-Fitchburg, said he has not heard of any proposed legislation at the state level.
“Doing this kind of legislation at the state level is hard because of interstate commerce and First Amendment issues,” Anderson said. “If something is deemed as interstate commerce, as Facebook likely is, it is up to the federal government to regulate it. First Amendment issues, also, because this has to do with speech, and if you are regulating speech, any regulations come across at the federal level.”
Rep. Chris Taylor, D-Madison, said she is also watching to see what happens at the federal level, specifically, legislation proposed by Senators Amy Klobuchar, D-MN, and John Kennedy, R-LA.
According to a press release issued April 12, the two senators announced they would introduce legislation that would protect the privacy of consumers’ online data by improving transparency, strengthening consumers’ recourse options when a breach of data occurs, and ensuring companies are compliant with privacy policies that protect consumers.
State legislators unanimously vote to protect internet privacy in Wisconsin
More specifically, the proposed legislation will give consumers the right to opt-out and keep their information private by disabling data tracking and collection. It also proposes to provide users greater access to and control of their data, require terms and service agreements to be in plain language and mandate that users be notified of a breach of their information within 72 hours.
“Consumers have the right to know if their personal information is being sold and they have the right to easily see what data has already been sold or distributed,” Klobuchar said. “Most importantly, consumers should have the right to keep their information private, be alerted when a data breach has occurred, and be informed of the remedies available to them when their personal information is compromised.”
In his hearing on April 10 and 11, Facebook founder Mark Zuckerberg said he was not opposed to legal regulation of the platform and said he would support legislation like that proposed by Senators Klobuchar and Kennedy. Other ways of regulating Facebook have been suggested, including extending the European Union’s General Data Protection Regulation worldwide.
As reported by the Guardian, companies under the GDPR are required to protect the personal data and privacy of all residents of European Union countries. But while Zuckerberg said Facebook intends to make GDPR settings available everywhere, there is speculation, as reported by The Verge, as to whether this will actually take effect for all users May 25.
Nonetheless, Taylor said she was “heartened” to hear Facebook intends to comply with European Union law.
“I think we are going to see some changes,” Taylor said.
Supreme Court hears oral arguments in academic freedom, free speech case
According to the Associated Press, all Facebook users who may have had their data shared with Cambridge Analytica were notified beginning April 9. All Facebook users, regardless of their data status, were provided a link on their feeds that informed them of what apps they have used and what information they have shared.
Another option could be regulating Facebook as an “information fiduciary.”
“Facebook would essentially have to be the fiduciary for your data and information, and act in your best interest,” Anderson said. “Facebook would be held accountable if they did not, which would prevent them from going behind your back. Establishing this would make sure Facebook is held accountable.”
In the meantime, however, a few simple changes made to users’ privacy settings can be made, University of Wisconsin associate professor in the School of Journalism & Mass Communication Christopher Wells said.
Wells suggested downloading the data Facebook has collected about you and what companies are targeting you through the platform.
“All companies are scraping up data to create profiles for people,” Wells said. “That is not escapable.”
Gerrymandering gives way to lack of bipartisan legislation, Whitford says
Anderson advocated for reading the terms and service, noting the importance of knowing the different controls available to users.
While disabling or enabling certain privacy settings may seem easy enough, Taylor believes there should be a clear and explicit option to “opt-in and opt-out” when sharing personal data on Facebook. Even facial recognition technology, used when tagging friends in photos, is a way of sharing personal information Taylor said.
“There is a lot we can do, and of course we don’t want to curtail innovation and creativity,” Taylor said. “But at least make it easy to understand what is going to be shared and what isn’t.”
