In your face, US citizens! Govt can’t save you from corporate eyes
Tech firms evading ‘basic limits on their ability to collect, monetise data’
Alvaro Bedoya, the founding executive director of the Center on Privacy and Technology at Georgetown Law, has claimed that industry lobbying is shutting down Washington’s ability to protect privacy in the face of the commercial exploitation of consumers' data.
In an article in Slate, Bedoya, a former chief counsel to the Senate Judiciary Subcommittee on Privacy, Technology, and the Law, explained the details behind his colleagues' decision to finally exit from talks being held to establish a code of conduct for the commercial application of facial recognition technology in the US.
Although lauding the glories of 2 June, when the US Senate passed the USA Freedom Act, which in practice added but a minor inconvenience to the US government's surveillance activities, Bedoya notes that a mere fortnight later privacy advocates walked out of talks with industry regarding consumer privacy.
The talks, which were to establish a voluntary set rules for companies employing facial recognition technology, collapsed after the privacy advocates left, citing industry representatives' non-cooperation.
As checks strengthen on government surveillance, tech companies are evading even basic limits on their ability to collect, share, and monetise your data.
At the heart of this divide is an increasingly formidable force: industry lobbying.
The Georgetown Law bod explained that the NTIA-hosted talks collapsed when trade groups representing the US' leading tech companies, advertisers, and retailers, rejected the privacy advocates proposal that, in general, companies should get consumers' permission before using facial recognition technologies to identity them.
Bedoya states that representatives from Facebook and Microsoft rejected the proposal too, despite what he notes is an established business standard in favour of receiving prior, informed consent from consumers when using facial recognition technology, excluding the ZuckerBorg.
"So why did companies reject a voluntary rule to codify it?" he asks.
"I believe it had to do with the fact that most of the industry representatives in the room didn’t work for companies," Bedoya answers, claiming a lack of understanding about the consumer pressures their member companies experience, and those pressures which the association lobbies to mitigate.
While privacy violations from major companies might provoke user revolt, and stock price tumbling, industry associations are insulated from the immediate market effects of poor policies. "The end result," said Bedoya, "is a lobbying apparatus that is untethered from the realities of many of the businesses that it serves."
You may have heard of 'yes men.' In Washington we have 'no men': industry lobbyists whose primary purpose is to stop attempts to regulate their members' products and services, and who have no product or brand that could be hurt by their efforts. The tech industry can increasingly afford a lot of 'no' men.
The breakdown in the facial recognition talks must be placed within "a broader pattern of industry lobbying that is shutting down Washington's ability to protect consumer privacy", he added.
Citing the creation of the FTC and the passing of privacy laws which have applied to, among others, banks, phone companies, ISPs, schools, telemarketers, and online companies targeting children, Bedoya said Congress has championed commercial privacy protections for decades.
"Then, after updating the federal health privacy law in 2009, it essentially stopped. Aside from passing a 2011 law that narrowed the federal video privacy law, Congress hasn’t passed a single consumer privacy law since 2009."
Bedoya claims that in the absence of industry lobbying, he would not expect "a flood of new consumer privacy laws", nor for Congress to rush through some kind of "comprehensive consumer privacy legislation".
Moreover, the proliferation of data-mining technologies (the Internet of Things) is creating an enormous area for malicious attackers to snap up individuals' sensitive information; essentially a Loophole of Things, a legal atmosphere in which "the digital facts of our physical lives are subject to startlingly few privacy protections". ®