1. Two Silicon Valley lawmakers call for a federal agency to regulate consumer data; privacy lobby backs initiative

Two U.S. Congress members whose districts include Silicon Valley introduced HR4978, the “Online Privacy Act of 2019” in a news release accompanied by expressions of support from key privacy advocates, including Free Press, Public Knowledge, the Electronic Privacy Information Center (EPIC) and Soshana Zuboff, the emeritus Harvard Business School professor and book author who has popularized the phrase “surveillance capitalism.”

“This legislation is a game-changer in several key ways,” Zuboff wrote in her endorsement of the proposal from two Democrats. “First, it reframes the privacy debate from the notoriously flawed regime of ‘notice and consent’ to the human rights of users. Also, the Act establishes a long-overdue Digital Privacy Agency with important new investigatory, legal, and law enforcement powers.”

“The [act] sets out strong rights for internet users, promotes innovation and establishes a data-protection agency,” wrote Caitriona Fitzgerald, EPIC’s policy director.  She said it “changes the privacy debate.” 

The bill includes two provisions that most Republicans and tech-industry lobbyists have so far argued are non-starters at the federal level — a private right-of-action for consumers, and no federal preemption of state laws such as the California Consumer Privacy Act. 

The measure argues for data minimization and purpose limitations. It expressly allows journalists to use or disclose personal information for investigative journalism no differently than they do today, as long as it is not used for non-journalistic purposes. The independent data-security web site Decipher’s detailed analysis of the bill’s language said  it “places significant restrictions on the kinds and amount of personal data companies can collect and what they can do with that information while they have it.”

The bill full text and summary are available online, along with a section-by-section breakdown. 

“Encouraging to see federal activity on this front, particularly as it racks closely to the proposed initiative,” tweeted Ashkan Soltani, one of the principal architects of the California Consumer Privacy Act, which takes effect Jan. 1. 

One sponsor, Rep. Zoe Lofgren, of San Jose, Calif., wrote that she consulted with more than 100 academics, businesses, regulators and advocacy organizations to “craft a comprehensive set of protections for users and their data.” She thanked EPIC for supporting the measure. The other co-sponsor, Rep. Anna G. Eshoo, D-Calif., represents California’s 18th Congressional District — the heart of Silicon Valley. 

RELATED LINKS:

Silicon Valley’s congresswomen want a new tech regulator | Ryan Tracy, Wall Street Journal

Silicon Valley Dems unveil bill creating U.S. privacy agency | Law360.com 

Bipartisan data-portability act introduced by Hawley, Warner, Blumenthal | Kimberly Gold, Reed Smith

2. Spanish academics profile 13 initiatives at data-privacy cutting edge; decry “winner-take-all” as unsustainable

Three researchers at a Spanish business school focused on innovation and social good have published a 125-slide report  (in English) that includes case studies of 13 initiatives on the cutting edge of data privacy.  The report, published Oct. 17, is entitled, “My Data, My Rules: From data extractivism to digital empowerment.”  The authors are Liliana Arroyo, Obaid Amjad and David Murillo of the Esade Ramon Llull University Institute for Social Innovation in Barcelona. 

“In a ‘winner takes all’ economy, the present balance between private profit, collective benefits and individual agency has become unsustainable,” the trio writes. “A host of vices, ranging from fiendishly complex web privacy policies to opaque, pervasive malpractices in the commercial exploitation of users’ personal data explain why the debate on individual empowerment, sovereignty and self-determination is heating up.”

They say individuals’ battle for ownership of their data is now echoed in many research projects and legal frameworks (such as the GDPR and the California Privacy Act), spawning a number of start-ups and social innovation projects. They say their report “takes a thought-provoking look at digital empowerment through ownership of one’s personal data. The academic debates on such empowerment now go beyond avoiding harm from data misuse to consider how users could be given more choice.”

The three cases analyzed in the greatest detail present the best practices for empowerment in their respective fields.

• Digital Estonia, an electronic administration initiative, represents the public sector. 

• Cozy Cloud, a French start-up offering storage solutions “with an interesting anti-GAFA (Google, Amazon, Facebook and Apple) proposal”, is an example of a private initiative. 

• MIDATA.coop is a cooperative platform from Switzerland that enables people to control the reuse of their health data.

In addition to these examples, the report also analyses 10 other initiatives engaged in a variety of public, private and activist interests: Blue Button US, CitizenMe, Digi.me, Meeco, MyData Global Network, Mydex CIC, Savvy.Coop, Sesam Key, SOLID and Tactical Technology Collective.

RELATED LINK:

• Money is not the only reward for sharing data online, according to Esade report | Science-Business blog

3. Mozilla, Center for Human Tech seek funds and survey responses to help curb privacy and other abuses

Two technology non-profit organizations have launched separate outreach efforts aimed at figuring out how society should manage unintended negative consequences of artificial intelligence and big data. 

On Tuesday, the Center for Humane Technology emailed a “dear friends” appeal to help by taking a 15-minute survey by Nov. 17 “if you are currently working in technology, or recently left.” Tristan Harris, the CHT’s co-founder and executive director, said the survey results would help with CDT’s mission to make sure technology does not make humans vulnerable. “To change how products are built, we need a clear understanding of the culture that’s creating them today,” he wrote. He said the results would be widely shared. 

Meanwhile, a day earlier the Mozilla Foundation emailed thousands of supporters asking for donations to help with what it said has become the primary focus of its long-term work — a drive to promote “trustworthy AI [artificial intelligence].”   At stake, Mozilla said, are data privacy, unfair bias or discrimination, content trust and algorithmic transparency.

The Mozilla Foundation is sole owner of Mozilla Corp., the for-profit maker of the Firefox browser and related services.  “We’re experienced at building effective coalitions to get big things done, and our global network of millions of supporters is a potent force to bring consumer demand for positive change to the market,” the foundation’s email said. 

RELATED: 

• EVENT: How can AI foster local-news innovation? | Jan. 25 Brooklyn | NYC Media Lab