Vermont's Welch, Donovan Seek Federal Digital Authority
A national digital authority to rein in big tech companies proposed by Rep. Peter Welch, D-Vt., got support from Vermont Attorney General TJ Donovan (D) and some privacy experts at a National Association of Attorneys General (NAAG) event Friday. Panelists supported state privacy work until consensus around federal privacy legislation can form.
Congress should create “a digital authority that has significant responsibility to make rules, to get access to information, like algorithmic designs, that has as its goal the protection of democratic values,” Welch told the partially virtual NAAG eastern region meeting in Burlington. “One-off legislation is difficult for Congress.” The proposed agency would balance technology’s benefits to society with a “clear-eyed view that it is not up to the owners of big tech to make decisions about how what they’re doing is interfering with elections,” children’s well-being, and “free and fair debate,” said Welch. It would have rulemaking authority and make recommendations to Congress, he said. Otherwise, the Democrat fears “a continuation of the Wild West, and it’s not good for our democracy.”
Welch praised state AGs filing antitrust suits against big tech companies like Google and Facebook. That litigation “is extraordinarily important because these huge companies” are “an indication of the enormous success that our biggest players have had in consolidating market power to an extent that we have not seen in industries or ... so-called competitive sectors since the robber barons.”
Donovan backs Welch’s “call for a federal digital authority and certainly will reach out to our colleagues to support you in that endeavor,” said NAAG’s eastern region chair. New York AG Letitia James (D) picked up the thread as she moderated a subsequent panel, asking privacy experts what they thought about Welch’s idea.
It “makes a lot of sense” to Jennifer Urban, a University of California, Berkeley professor. “We do have models to look at,” including European data protection authorities and the new California Privacy Protection Agency that Urban chairs (see 2106140035), she said. “You can watch us and ... learn from our mistakes and hopefully from our successes.” Other countries have authorities that cover not only digital but also analog privacy issues, noted World Privacy Forum Executive Director Pam Dixon.
The proposed authority mustn’t “become a bureaucratic morass in itself,” said Digital Citizens Alliance Executive Director Tom Galvin. Consolidating agencies into the Department of Homeland Security sounded like a good idea at the time but had mixed results, he warned. SPQR Strategies Principal Tim Sparapani said he backs the proposed authority if it doesn’t throw away state AGs’ many years of work. The former Facebook public policy director said he would rather that AGs get more resources.
Big tech has a role in society, but James sees evidence they use wealth and information to hurt competition, the New York AG said. “We need better [privacy] laws that we can enforce to protect consumers because most current laws focus on requiring companies to disclose their data collection and give consumers the ability to opt out,” she said. “I want to see laws that provide clear limitations on data collection and what companies can do with that data.” James asked panelists if other states should join California, Virginia and Colorado in enacting comprehensive privacy laws.
“There is a very important role for the states” as the U.S. works toward finding consensus, said Dixon. “I like the idea of each state looking at its context, doing its own analysis based on its stakeholders and really having a robust conversation.” Oregon is doing that with a task force convened by AG Ellen Rosenblum (D), said Dixon, one of the group’s members. Saying she prefers the term “laboratories of democracy” to state patchwork, Urban agreed it’s valuable for states to consider what works best for their populations.
The first three state laws give consumers rights to understand, access and possibly correct what data has been collected, “but they don’t give us yet a way to stop the misuse of data that is happening,” said Sparapani. A proposed Massachusetts privacy law (S-46) by state Senate Majority Leader Cynthia Stone Creem (D) should be a model for other states because it sets “bright-line rules” listing what businesses may not do with data “at the most important moments in consumers’ lives” on education, housing, credit, jobs and health, he said.
Skirmishes over a private right of action frequently derail meaningful talks, Dixon said: A nuanced way to include individual enforcement could be found if stakeholders can learn to “have discussions without falling on our swords.” Policymakers should limit the private right to redlining and other discriminatory issues that could go unaddressed by AGs with their current limited resources, said Sparapani: An overly broad private right could draw attention from such harms.