The Obama-era Federal Communications Commission (FCC) gained regulatory oversight over Internet service providers (ISPs) from the Federal Trade Commission (FTC) in 2015 when the FCC reclassified ISPs as telecommunications service providers under Title II of the Communications Act. A year later, the FCC enacted an ‘open internet order’ that included stronger consumer data privacy regulations than that of the FTC. One of these privacy regulations required ISPs such as AT&T, Comcast, and Verizon, to obtain opt-in approval for the use and sharing of sensitive customer personal information, such as browsing history; the FTC, on the other hand, only requires an opt-out measure. Before these new rules came into effect, President Trump signed a congressional resolution into law, nullifying the consumer data privacy regulations established by the FCC, which is part of a larger effort to bring ISPs back under the jurisdiction of FTC and its weaker consumer privacy rules.
Most consumers have no idea that their confidential information is being collected and sold by ISPs and media conglomerates such as Google, Twitter, and Facebook to third party advertisers. The issue is exacerbated when considering the fact that the privacy of user data is poorly regulated after the information is distributed to advertisers. The most recent and publicized example of this is the Facebook-Cambridge Analytica scandal.
Aleksandr Kogan, a psychology professor at the University of Cambridge, was paid over $800,000 by a political consulting firm called Cambridge Analytica to create a personality quiz on Facebook to collect data about users. The data of more than 50 million users was given to Kogan by Facebook under the assumption that the data was being used for academic purposes. However, due to poor oversight by Facebook, the data was shared by Kogan with Cambridge Analytica to inform their ad targeting. Cambridge Analytica went on to use the ill-gotten Facebook user data for political campaigning after being hired by both the Cruz and Trump camps in the 2016 presidential elections.
Long story short, the sensitive data of over 50 million Facebook users, who innocently provided opt-in consent for their data to be shared only with Kogan for academic purposes, was instead leaked to a political consulting firm that was hired by two presidential nominees, one of whom became president. The rate at which confidential information is leaked is impossible to track because of poor oversight, but must assumed to be incredibly high because the largest social media platform in the world was unable to stop it. Seeing as the federal administration is making it even easier for these injustices to happen, action must be taken on the state level to prevent them.
States around the country should follow California’s lead with the introduction of the California Consumer Privacy Act of 2018. The measure will be on the ballot in November 2018 and requires businesses to allow consumers and users to request that their information not be sold or disclosed and that the business release information on how and to whom the consumer’s personal information was disclosed. There are policy limitations, however; it is possible that Trump administration challenges this law on the grounds of federal preemption.
At any rate, thanks to the Facebook scandal, consumers are now more aware of the issue and companies are stepping back their measures to oppose stronger consumer privacy rights. For example, since the scandal, Facebook left its alliance with Comcast and Google, who oppose this California bill. Passing this bill into law will set an example for other states to follow suit and send a message to media conglomerates that consumers refuse to be complicit in the manipulation and mishandling of their confidential data.