The days of federal privacy laws coming to Silicon Valley may happen sooner than you think. In a much-publicized keynote speech given at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC) in Brussels, Apple CEO Tim Cook gave his full-throated support for a new federal privacy law in the United States that would be at least as stringent as the new General Data Protection Regulation (GDPR) in the European Union. At a time when federal lawmakers in the U.S. are growing weary over the failure of tech giants like Facebook and Google to self-regulate their own businesses, it might finally be time to enact external regulations from above.
Tim Cook’s comments about federal privacy laws
What was striking first and foremost was how firmly Apple’s Tim Cook came out in favor of federal privacy laws. The Western media characterized his presentation as “fiery,” and the speech was clearly designed to grab the attention of the event’s participants. Cook started off by lamenting the current state of the tech industry, where the big tech giants are “weaponizing data” and using all the personal information and personal data they acquire to target and track users wherever they go on the Internet, without the consent of the individual. He then characterized the situation as a “data industrial complex,” clearly echoing President Eisenhower’s comments more than 50 years ago about the dangerous formation of a “military-industrial complex” in the United States.
“This crisis is real,” said Cook. “It is not imagined, or exaggerated, or crazy.” In fact, he claimed that many big tech companies seemed to know customers better than they know themselves. When you combine all the information that is available about many tech consumers – including financial, medical and personal – it is not out of the realm of possibility that Silicon Valley tech giants simply have too much power. Consumers in the U.S. – unlike their counterparts in the European Union – do not have rights to data minimization, disclosure, security or user access. All of these are granted under the terms of the landmark GPDR, which went into effect less than six months ago.
The only real solution to the current state of affairs, suggests Tim Cook, is the passage of federal privacy laws with act requirements that spell out exactly the rights of consumers, much like the GDPR. Within the U.S. context, similar types of federal laws exist for financial information (such as the Fair Credit Reporting Act of 1970 regulating credit reports), for telecommunications information (such as the Telephone Consumer Protection Act of 1991), and health information (such as the Health Insurance Portability and Accountability Act of 1996). So why not similar laws for online information shared with the biggest tech companies in the world? Or at least the creation of a new federal agency with the real power to protect the data privacy of individuals via a new privacy protection act?
According to Colin Bastable, CEO of Lucy Security, public opinion certainly seems to be shifting against Silicon Valley, “Like the auto and tobacco industries years ago, the social media conglomerates are a consumer safety issue. They used to say, ‘What is good for GM is good for America.’ Now Silicon Valley claims to be the arbiter of all that is good for us, but we know how that ends – badly. Social media cyber-insecurity is the ‘Unsafe at Any Speed’ issue of our times.”
Apple vs. Facebook
Without actually bringing up the names of Facebook and Google, Apple CEO Tim Cook was focused enough in his remarks that it was very clear whom he had in mind when he mentioned the term “data industrial complex.” He was clearly sending a shot across the bow at two of Apple’s biggest rivals, Facebook and Google. From Cook’s perspective, Apple is a hardware company and would be much less affected from the application of rigorous new federal privacy laws. Instead, these federal privacy laws might have a crippling impact on Facebook, and to a lesser extent, Google.
In fact, one could argue that the entire basis of Facebook’s business model is the collecting, collating and then selling of personal information to the highest bidder. When advertisers buy ads from Facebook, it is because Facebook does an unparalleled job of delivering the right types of customers. Facebook knows so much about you – where you live, who your friends are, where you went last night, and what you “like” – that it’s a veritable gold mine for potential advertisers.