Imagine you look outside your window one day and see a crowd of people staring back at you. Someone has been selling tickets to a public viewing of your private life. Everything about you, from the toothpaste brand you use in the morning to the phone calls you make at night, is being sold to a plethora of interested viewers – viewers you don’t know, can’t identify and have no way to stop.
That sounds like a nightmare. But the truth is stranger than fiction. Every day, our most personal information is bought and sold online to the highest bidder. We don’t realize it, but the digital platforms we rely on are selling tickets to our personal lives. If tech companies won’t self-regulate their data collection practices and impose meaningful privacy-protecting restrictions on the way they handle our data, then it’s time for Congress to step up and take action.
Americans know it’s time for something to change. Americans began this year more privacy-conscious than ever before. A Pew Research survey from November 2019 found that over 80 percent of Americans feel they have little or no control over their personal information online. This lack of control has exacerbated Americans’ feelings of digital vulnerability: Privitar’s 2020 Consumer Trust and Data Privacy Report found that a whopping 78 percent of Americans today are concerned or very concerned about their data privacy.
These widespread feelings of insecurity and vulnerability are perfectly fitting. Big data giants like Google don’t just collect our data at an unprecedented scale and rate; they have built their entire business models around data exploitation. We lose control over our digital privacy in precise proportion as big tech companies gain in power and market share. And even while the rest of the economy is struggling, big tech just continues to boom.
In fact, all that growth has finally started to raise some eyebrows. Just last month, 11 state attorneys general joined the Justice Department in filing regulatory enforcement actions against Google for monopolistic behavior. While the regulatory enforcement actions name a variety of anti-competitive practices by Google, the heart of Google’s competitive superiority is its extensive data mining. Google rakes in profits like none of its competitors because it has the most extensive and complete command over user data: with 90 percent of the search engine market share, Google can effectively sell data from more than 4 billion people.
But we need more than these actions to restore our compromised digital privacy. Even if Google is broken up by the Justice Department’s antitrust action, another of its competitors will surely rise to take its place. Google’s business model is simply too lucrative. In the absence of extensive and clear privacy protection laws, the profits to be made through data mining will always outstrip any motivation tech companies may have to self-regulate the collection and sale of data through their platforms.
That’s why we need Congress, and not just the Justice Department, to take action.
There are precedents that Congress can follow. The General Data Protection Regulation in Europe and the California Consumer Privacy Act here in the United States provide noteworthy examples of powerful and comprehensive data privacy legislation. But at the heart of effective digital privacy protections will have to be some guarantees that consumers can exercise their data rights with ease. Americans deserve the right to reclaim their data, control who sees it, stores it and sells it, and demand businesses protect their data with industry-leading software. Private companies, government agencies and our politicians in power can’t afford to cut corners anymore.
In the meantime, it’s up to individual Americans to take charge of their digital privacy as best they can. Individual responsibility, empowered by the best consumer privacy protection software, is still the strongest first line of defense. Nonetheless, it’s time Americans received from their governing officials the legal protections they need to feel safe online. In our digital age, privacy protections are as important as traffic laws and Food and Drug Adminisrtation regulations for ensuring that our daily activities are precisely as safe and secure as they need to be.
I hope Congress starts to take action soon, and I encourage every American voter to make their voice heard. Cybercrime, identity theft and privacy violations don’t have to be, and should not be, as common as they are today. But it’s up to our politicians to help make privacy a priority.
Tom Kelly is president and CEO of IDX, a Portland, Oregon-based provider of identity protection and privacy services such as IDX Privacy; he is a Silicon Valley serial entrepreneur and an expert in cybersecurity technologies.
Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.