Follow Datanami:
April 13, 2018

Are Strict New Data Regulations In the Offing?


Following an extraordinary week of testimony by Facebook CEO Mark Zuckerberg on Capitol Hill, the possibility of stricter data regulations in the United States is more plausible than ever. A groundswell of support to give U.S. citizens stronger digital privacy protections seems to be on the precipice of reaching a critical mass, and Web giants even seem to be inviting government intervention. But will that be enough to pass a GDPR-style law in the land of the free and the home of the brave?

The rise of the digital economy has been, up to this point, a decidedly American creation. The combination of free-market capitalism and unfettered technological innovation has resulted in an incredibly robust digital marketplace of goods, services, and ideas. According to the Bureau of Economic Analysis, the digital economy accounted for 6.5% of the total U.S. economy in 2016, or $1.2 trillion. Of course, the Internet’s potential reach goes far beyond that, which explains why three of the most successful Silicon Valley firms — Google, Facebook, and Apple – are collectively worth more than $2 trillion in stock market capitalization.

We’re currently in the midst of a second dot-com boom in Silicon Valley, and the fuel driving this boom is data. Firms that develop the capability to collect and store the most data have an inherent competitive advantage over their data-deprived competitors. With the advent of deep learning techniques that deliver better predictions the more data you feed them, data itself has become a highly valued commodity, not unlike dollars or gold.

Consumers have been the early beneficiaries of this 21st-century land grab, thanks to an array of Web and mobile applications that cater to their every need. Outside of Silicon Valley, we’re watching big data tech dribble out into the broader economy, where the same math applies: Those companies with the better grasp of what customers and consumers want, and when they want it, have an inherent competitive advantage compared to those who don’t. And data, once again, is the key to unlocking that knowledge.

The U.S.’s laissez-faire approach to data may no longer work

But of course, there’s a price to all those free apps and highly personalized services: your personal privacy and control over your data. The Web giants have developed hugely sophisticated systems designed to collect and monetize every piece of data consumers share with them – whether consumers know it or not. They’ve been allowed to do this because, well, this is the United States of America, and we believe folks should largely be able to do what they want (within certain limits, of course) until somebody makes a law that says they can’t.

In other words, the general lack of regulation isn’t a bug of American society; it’s a defining feature.

But the time might be up on this Wild-West, anything-goes approach to life and law in the emerging digital economy. The Cambridge Analytica scandal, in which psychographic profiles of 73 million Facebook users were improperly used to construct highly targeted social media outreach during the United Kingdom’s vote to exit the European Union and 2016 Presidential Election, brought things to a head. As Zukerberg admitted in testimony before two Congressional committees, Facebook made mistakes in how it handled data and, in particular, how it vetted access to the data that it collected. Zuckerberg has vowed to do better in the future, which is good. But the big question before American lawmakers now is what, if anything, should be done about it.

What’s so remarkable about Zuckerberg’s testimony is that it comes just weeks before the European Union begins enforcement of the General Data Protection Regulation (GDPR), which gives EU citizens sweeping new powers to control how companies collect, store, and use their personal data. On May 25, every company in the world that serves EU citizens must comply with GDPR or face steep fines that reach into the millions of U.S. Dollars and Euros. While nobody knows exactly how the European Commission’s regulatory body will act, those closest to GDPR remediation efforts expect the EC to make an example out of one of the big American Web firms.

Facebook CEO Mark Zuckerberg was grilled by Senators and Representatives for 10 hours over two days this week.

Zuckerberg faced some of those GDPR questions this week from Senators and Representatives. On Wednesday, in his testimony before the House Committee on Commerce and Energy, Zuckerberg stated clearly that Facebook planned to offer the same data protections to Americans that it is required to provide to Europeans under the GDPR. “All the same controls” will be available, he told Democratic Representative Gene Green of Texas, according to a Wednesday story on The Verge. Zuckerberg told reporters the same thing a week earlier, when, during a conference call, he said: “Overall I think regulations like this are very positive…We intend to make all the same controls available everywhere, not just in Europe,” according to a TechCrunch story.

Whether or not Facebook extends GDPR protections to US citizens or people of other countries, as it has indicated that it will do, has yet to be seen. The Web giant is surely under pressure to self-regulate its global operations as it complies with GDPR for EU citizens. The Trans Atlantic Consumer Dialogue issued a letter to Zuckerberg on Monday in which it urged Facebook “to adopt the [GDPR] as a baseline standard for all Facebook services.”

However, it may be too late for self-regulation, if comments from American lawmakers from both ends of the political spectrum are any indication. “In the past, many of my colleagues on both sides of the aisle have been willing to defer to tech companies’ efforts to regulate themselves… But this may be changing,” said John Thune, the Republican senator from South Dakota. “If Facebook and other online companies will not or cannot fix these privacy invasions, then we will,” said Senator Bill Nelson, a Democratic senator from Florida. Iowa Senator Chuck Grassley, the Republican chairman of the Judiciary Committee, summed it up neatly when he stated “The status quo will no longer suffice.”

Facebook says it will provide GDPR controls for users all over the world

As the countdown for GDPR continues, a drumbeat of increased regulation is picking up steam in the US. This week, the Mozilla Foundation called for tighter regulations of Google, Amazon, Facebook – as well as Chinese Web giants like Baidu, Tencent, and Alibaba — as a way to fight the monopolistic business practices that undermine privacy, openness, and competition on the Web. “Corporations are gaining unfettered access to our personal lives,” Mozilla wrote in its inaugural Internet Health Report. “As their capacity to make sense of massive amounts of data grows through advances in artificial intelligence and quantum computing, their powers are also likely to advance into adjacent businesses through vertical integrations in hardware, software, infrastructure, automobiles, media, insurance and more – unless we find a way to disrupt them or break them up.”

Of course, the big powerful Web giants aren’t the only businesses who are amassing big data collections with the intent to use powerful AI algorithms to glean insights from them. That’s exactly what every Fortune 2000 firm is facing as it struggles to remain relevant in a quick-changing competitive environment, and what thousands of plucky startups are hoping to master as a way to shake up the aforementioned establishment vendors. It’s a corporate case of survival of the fittest, where big data and AI are the new mechanisms for accelerating evolution.

Without regulation, people won’t trust the new algorithmic economy that’s just starting to take hold. If people believe they must trade their own personal privacy to obtain better personalization or pertinent recommendations (which is sort of the case right now), they’ll be less willing to partake of AI-powered innovation in the future. It’s likely better for everybody, the smart thinking goes, to get in front of problem and address it in a fair manner before throwing the AI baby out with the bathwater.

The likelihood of increased regulation of data could be what drove Zuckerberg to Washington D.C. in the first place: An attempt to obtain favorable terms in future regulations. In fact, if an American facsimile of GDPR presents stiff roadblocks to amassing and exploiting big data in the future, it could work as a windfall for those who’ve already gotten a headstart.

“The harder the government make it for companies to access shared data or data that changes…between different platforms, the stronger it makes the companies that have tons of data within their own right,” Kevin Knight, former Team Lead of Facebook Creative Shop in New York, told CNBC this week. “That means Facebook, Amazon, Google. So I think any regulation that emerges from this is most likely to entrench Facebook and hurt competition more than anything else.”

If Zuckerberg’s testimony this week is any indication, it seems quite likely that greater regulation of data and data-based products will happen in this country. Now it’s just a question of when it will occur, and what the details will look like.

Related Items:

Momentum Builds for a ‘Data Labor Movement’

Big Data Backlash: A Rights Movement Gains Steam

Who Controls Our Algorithmic Future?