Last month, I travelled to the United States, in part to attend the Global Privacy Summit.

During the visit, I had several days of appointments with members of Congress, thought leaders and internet regulators to learn about US efforts on the domestic privacy front. I’ve previously written about my trips to Washington (see my posts from 2015 and 2017). It’s fascinating to have witnessed first-hand how the public discussion around regulating big tech companies has evolved over time.

Productive meetings with privacy thought leaders and legislators

Much of my visit this time was organised by our embassy in Washington, which meant in addition to my usual rounds of officials, many doors were opened to legislators on Capitol Hill. I wish to extend my thanks to the Ministry of Foreign Affairs and Trade and the embassy staff for their assistance.

Two broad themes dominated the meetings I had throughout this trip. Firstly, the need for privacy data protection regulation at the federal level. Secondly, the increasing need to combat the harms arising from social media. The call for federal legislation is being driven by a combination of factors – recent Facebook scandals have brought treatment of user data by social media networks into focus and honed the desire by many US regulators to implement better federal data protections. Legislators’ minds have also been focused by the effect of European regulation on US businesses operating internationally, and the fact that if the US Government does not act, the very progressive California Consumer Privacy Act will become the de facto regulation across the US.

Challenges facing federal privacy regulations in the US

Despite a broad willingness to address privacy related issues by US lawmakers, both Democratic and Republican politicians I met were not universally optimistic of federal privacy legislation passing during the Congressional term (which runs through to January 2021). The challenges facing federal privacy legislation are numerous and include the wish of regulators to create new laws without stifling innovation; creating a safe online environment while upholding the deeply beloved First Amendment; section 230 of the Communications Decency Act (which treats online platforms as postmen, rather than publishers responsible for content) and finally, US politicians’ ability to grapple with the tech sector.

Monday 29 April

Meeting with Republican Senator for Tennessee, Marsha Blackburn

Senator Blackburn has introduced the Balancing the Rights of Web Surfers Equally and Responsibly (BROWSER) Act. The Act would require both internet service providers and content providers (such as Facebook) to obtain opt-in consent from users before sharing the user’s personal data with third parties. She believes her legislation strikes the right balance between allowing the tech industry to innovate without inhibition and requiring adequate transparency to allow consumers to make informed choices. We discussed how the tech industry was no longer in its infancy and needed to play by the rules. She is concerned about a liberal bias in the West Coast coders and engineers which suppresses or deemphasises conservative values and believes that now is the time to move and put regulations in place, and that her legislation has a good chance of passing this session.

Meeting with staff of Republican Senator for Missouri, Joshua Hawley

Senator Hawley is a lawyer and former Attorney General for Missouri. His staff told me he is very concerned with the preservation of free expression online. While Attorney-General for Missouri, Hawley opened investigations into whether Google's business practices violated state consumer protection and anti-trust laws and issued a subpoena to Facebook relating to how the company shares user data. He believes that if federal regulators do not create legislation soon, the California legislation will become the default for the whole of America.

Roundtable with staff for Democratic Senator from Oregon, Ron Wyden

At this roundtable, New Zealand embassy staff and I spoke with Senator Wyden’s senior technologist, Chris Soghoian. He told us the senator felt it was a great time to work in privacy and there were increasing options on the table for legislators looking to reign in big tech companies - including jail time for CEOs. Senator Wyden co-authored Section 230 of the Communications Decency Act. It was created as both sword and shield. The shield gives social media providers immunity from what is published on their platforms, while the sword gives tools to providers to moderate content on their platforms without being liable for supressing free speech. The senator felt that the shield was being used too much and the sword not enough. He believed the Federal Trade Commission should play a greater role in regulating tech companies. Soghoian was interested in the amendment to New Zealand’s Customs Act (see our blog post discussing the Customs and Excise Bill here) which would allow for searches of devices. We were able to clarify that rather than creating new powers for Customs officers to search US citizens’ devices at the border, the law actually creates more protections and oversight than is the case in many jurisdictions. Senator Wyden plans to introduce legislation to require a warrant for US border agents to search people’s devices (such as smart phones or laptops).

Meeting with Adam Klein, Chair of The Privacy and Civil Liberties Oversight Board

I re-established relationships with the new board since last meeting with them in 2016. Adam Klein reported that the new strategic goal was for the board to anticipate new and emerging technology. They also said they see rising public interest in biometric and facial data. The PCLOB is a key oversight agency in the Five Eyes intelligence community and has done important work examining the legality of bulk collection of citizen data, among other things. By working together, and maintaining strong links, we improve the network of oversight of what are fundamentally, but necessarily, extremely secret and opaque organisations.

Blog continues in Part 2

International