It’s no secret in Washington that headline scandals drive congressional interest. The American people know what this political theater looks like: men lining up to testify with their hands raised, lawmakers reading questions from staff-prepared scripts. In many cases, the public and Congress move on, lacking sustained public interest or political will. Other times, it’s a watershed moment that results in landmark legislation like Sarbanes-Oxley and the Foreign Intelligence Surveillance Act.
When Aleksandr Kogan, the scientist who developed the app that mined the data of Facebook users for Cambridge Analytica, recently shared details on how the data of approximiately 80 million people was taken from Facebook and used during the 2016 election, he shared that he was one of a new breed of data hoarders. The fact is no industry or sector has been able to effectively fend off major hacking rings or nation-state backed cyberattacks. And yet, for nearly a decade, Congress has been unable to get legislation protecting consumer privacy and data across the finish line. Instead, data breaches have piled up: Equifax, Target, Yahoo, Uber, the Office of Personnel Management — and there is now a necessity that something must be done.
The debate reached a tipping point this month, when Washington stopped to listen to a 34-year old billionaire defend the most popular advertising business in the world. Mark Zuckerberg did admirably, even impressively well, and ultimately, after two back-to-back hearings, the media characterized members of Congress as very much out of touch and out of the loop on “the internet” and “social media.”
However, the media coverage of the hearing missed a major point.
The reality is that Congress is a stand-in for the American people and how they feel about an issue. Does the average American really want Big Tech, Little Tech, or even Great American Tech, to be watching their every move while feeling that they have little control where their data goes, or to whom it goes to? The answer is no. According to a recent Harris X poll, an overwhelming 83 percent of Americans think we need tougher regulations and penalties for breaches of data privacy, and 67 percent support major online privacy and security regulations. Changing public sentiment is pushing members of Congress to a much more proactive and legislation-friendly stance.
And the public sentiment may have some underlying wisdom. The global internet and advertising ecosystem is a $300 billion market. Consumers and businesses will have 55 billion internet of things devices by 2025. Cloud computing is a $141 billion market and growing. Each of these industries depends on the trust of consumers and businesses to grow, and each industry holds a massive amount of personal data. Public trust is essential.
But the data hoarders just want your data, and want as much of it as possible – and they range from state-sponsored hackers to your average criminal. Yesterday, it was Cambridge Analytica. Tomorrow it may be a popular game, shopping app or even a personal device. Data hoarders exist to take advantage of the system and take massive amounts of consumer data, either through third parties or directly through new innovations.
Many of the stakeholders in the technology ecosystem are aware of their responsibilities and are trying desperately to keep their systems protected. The current legal frameworks at the state and federal level draw muddy distinctions between perpetrators and victims; but the American public is uncomfortable with status quo. And, it remains to be seen if Congress will distinguish between those that are doing their best, and those that are taking advantage of the system.
In the meantime, as Congress works through these issues, the burden will be on those safeguarding the data of Americans to speak up and speak clearly.
Maryam Khan Cope is the managing partner, technology practice, of GoldsteinCope Policy Solutions.
Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.
Correction: A previous version of this op-ed misspelled the author’s name.