New US Congress set to see push to regulate tech firms

WASHINGTON • The newly installed United States Congress is expected to see a fresh effort to develop new regulations for big technology firms, with a focus on tougher enforcement of privacy and data protection.

The wave of data scandals that has hit Facebook and other online platforms has prompted growing calls for action by lawmakers looking to curb abuses of how private information is used and give consumers more clarity.

Significantly, most tech companies are pledging to willingly accept new regulations to set a uniform standard in the US following a sweeping set of rules that went into effect in the European Union last year, although few have offered details.

Federal regulations could pre-empt the enforcement of legislation enacted in California, which was modelled after the EU's General Data Protection Regulation (GDPR).

"Whether big tech and little tech like it or not, 2019 will be a year of regulation," said Mr Doug Clinton of the investment firm Loup Ventures, in a recent blog post.

The analyst said he expects the US to consider "the most important points" of GDPR including consent, access, portability and erasure of personal information.

Senator Brian Schatz and 14 other Democrats have endorsed a Bill aimed at requiring online firms to safeguard personal information and stop the misuse of data.

"People have a basic expectation that the personal information they provide to websites and apps is well-protected and won't be used against them," Mr Schatz said in a statement last month.

"Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold, online companies should be required to do the same."

Another proposal unveiled last month by the Centre for Democracy and Technology, a digital rights group in Washington, in consultation with industry and activist groups, covers consumer rights to access and correct data held by online firms, data portability, and limits on third-party access to data.

Significantly, it limits the kinds of data that companies can collect to what is needed for their services.

"Many apps collect your location information even if it has nothing to do with the service they are providing," said Ms Michelle Richardson, head of data and privacy for the organisation. "We want to fundamentally change how companies collect and use data."


Since the revelations over the hijacking of personal data of tens of millions of Facebook users by the political consultancy Cambridge Analytica, tech firms have come under heightened scrutiny from lawmakers and privacy activists.

Instead of pushing back, big tech firms have offered to cooperate with lawmakers on a national privacy Bill - although sceptics say this may be an effort to limit the reach of tougher state laws.

Google chief executive Sundar Pichai told a hearing last month: "I'm of the opinion that we are better off with more of an overarching data protection framework for users, and I think that would be good to do."

Apple CEO Tim Cook last year called for federal privacy legislation, while assailing the "weaponised" used of private data that is bought and sold online.

Mr Alan McQuinn, policy analyst at the Information Technology and Innovation Foundation, a Washington think-tank, said that following the passage of a California privacy law, "the tech sector is now trying to get out in front of having segmented privacy rules".

Yet details of any new privacy Bill are likely to be complex, with battles looming on how far legislation should go.


A version of this article appeared in the print edition of The Straits Times on January 07, 2019, with the headline 'New US Congress set to see push to regulate tech firms'. Print Edition | Subscribe