State Rep. Shannon Zimmerman, R-River Falls, has proposed three bills to protect the personal data of Wisconsin consumers from tech companies. The three bills are largely modeled after the General Data Protection Regulation (GDPR) that became EU law in 2018. They would give Wisconsin residents the right to their personal information as collected by online data collectors and would allow them to see whether their information has been sold to third-party companies.
Under these bills, data collectors would also be legally required to stop collecting data upon the consumer’s request and could face up to $20 million in fines for violating these laws. According to Zimmerman, the bills have gained bipartisan support.
The proposed bills would be some of the first of their kind in the U.S. regarding individuals’ rights to their personal data, with the California Consumer Privacy Act (CCPA) having recently gone into effect Jan. 1. Both the proposed Wisconsin bills and the CCPA share legislative characteristics with the GDPR, which so far comprises the most comprehensive personal data collection regulations to date.
The GDPR explicitly states individuals have a fundamental right to their personal data, and that Internet users must consent to their data being collected. Websites and tech companies also must fully inform users of how their data is being used by third-party collectors.
Whereas the CCPA only applies to companies that earn over $25 million per year or collect the data of over 50,000 people, the GDPR requires that all companies with an Internet presence within the EU comply.
For the most part, the CCPA protects online consumers, as one of the main tenets of the act is that tech companies cannot discriminate against web users based on their data preferences. In fact, the overall purpose of the bill is to give residents more freedom over the information they choose to make available to companies while imposing penalties on data collectors that don’t cooperate.
Many sites the CCPA applies to in California are extending the new privacy rights across the U.S., proof that this legislation is already attracting national attention to how personal data collection is regulated online.
Still, there has been pushback — mainly from lobbyists and the tech industry — against the CCPA and the GDPR. One main point of contention is the cost incurred by both tech companies and users under these regulations.
According to Sheila Colclasure, chief data ethics officer at data broker Acxiom, this is because the data industry is the foundation of free content and knowledge online.
Given how valuable our personal data has become — it’s estimated that American companies spent roughly $19 billion in 2018 on consumer data acquisition and analysis — websites usually offer ad-supported free use. This, Colclasure explains, is the preferred alternative to hitting a paywall each time you browse. Others argue that GDPR punishes smaller companies that cannot afford to manage and protect all user data, ultimately giving larger tech companies greater market power.
Again, much of the criticism of the GDPR and CCPA is from within the tech industry. Consumers are largely supportive of laws that protect their personal information online, as evidenced by the global rise of ad-blockers.
Ad blockers are detrimental to Facebook’s business in particular, as its model relies on using information such as an individual’s location and website use to create targeted advertising.
Facebook is not the only tech giant that cares so deeply about its users’ personal data. A Washington Post writer found 974 apps and websites shared his online activity. While it may be obvious location is tracked through various apps and websites, it’s intentionally less apparent that another business may buy that location data to analyze retail behavior.
The majority of the websites we use, like Google Maps and Gmail, are free and do not require a subscription. Instead of money, users pay with personal data, which then helps these websites post targeted ads.
This is why legislation like the GDPR, CCPA and proposed Wisconsin bills are so important. Personal data is constantly tracked, mined and sold without the individual’s knowledge to profit online ad agencies and tech companies that survey anyone and everyone wherever they may scroll.
There is no telling what personal information may be used for in the future unless users can be informed and have control over how they are being tracked online and for what purpose.
Anne Isman ([email protected]) is a freshman studying economics.
