France made headlines on Jan. 21 for fining Google US$57 million – the first fine to be issued for violations of the European Union’s newly implemented General Data Protection Regulations. GDPR, as it’s called, is meant to ensure consumers’ personal information is appropriately used and protected by companies. It also creates procedures to sanction companies who misuse information.
According to French data privacy agency the National Commission on Informatics and Liberty (CNIL), which levied the fine, Google didn’t clearly and concisely provide users with the information they needed to understand how it was collecting their personal data or what it was doing with it. Additionally, CNIL said Google did not obtain user consent to show them personalized advertisements. For its part, Google may appeal.
This case demonstrates the increasingly prominent role that the EU intends to play in policing the use of personal information by major companies and organizations online. The U.S. lags behind Europe on this front. As a researcher who studies computer hacking and data breaches, I’d argue the U.S. may have ceded regulatory powers to the EU – despite being the headquarters for most major internet service providers. Why has the U.S. not taken a similarly strong approach to privacy management and regulation?
Do individual Americans even care?
There’s no single answer to why the U.S. hasn’t taken similar measures to protect and regulate consumers’ data.
Americans use online services in the same way as our European counterparts, and at generally similar rates. And U.S. consumers’ privacy has been harmed by the ever-growing number of data breaches affecting financial institutions, retailers and government targets. The federal government’s own Office of Personnel Management lost millions of records, including Social Security numbers, names, addresses and other sensitive details, in hacks. My research demonstrates that hackers and data thieves make massive profits through the sale and misuse of personally identifiable information.
It is possible that years of constant breaches have created a sense of “breach fatigue.” Maybe Americans no longer react to the loss of information because it seems there’s nothing we can do to stop the problem.
There may also be generational differences in the perceived value of personal privacy in online spaces. Millennials, who have only known a world with the internet and social media, seem more willing to disclose personal details through online platforms compared to older groups. However, several studies suggest that younger generations may be willing to do so simply because they are not as aware of the threats they face from online data collection and mismanagement as older generations are.
At the same time, studies demonstrate consumers may be willing to provide personally identifiable information in certain circumstances, especially if they may gain some benefit. They likely do not fully comprehend how and why information collection poses a threat to their overall privacy.
Companies don’t want these regulations
Social media sites’ and internet service providers’ resistance to external regulation is also a likely reason why the U.S. has not acted.
Facebook’s practices over the last few years are a perfect example of why and how legal regulation is vital, but heavily resisted by corporations. After hearings and investigations into the role of Facebook in distributing Russian political disinformation, as well as in the Cambridge Analytica scandal, Facebook implemented a new set of political transparency rules to help individuals understand who paid for content and why it’s being shown.
Meanwhile, Facebook executive management took extraordinary steps to target public critics calling for increased oversight, sowing confusion as to why Facebook should be regulated at all. And past attempts to regulate the platform appear to have been ignored by Facebook for years.
If the providers won’t protect data privacy on their own, I believe that the government needs to implement increased regulatory guidelines.
Should the U.S. continue on its current path, it faces a substantial risk not only to personal information safety, but to the legitimacy of governmental agencies tasked with investigating wrongdoing. Many tech researchers, including myself, already see this happening in law enforcement investigations of cybercrime. The transnational nature of these offenses, coupled with a lack of reporting to police, has reduced the ability of local, state and federal agencies to respond.
Corporate entities are filling the regulatory gaps in cyberspace, whether it is in the response to computer hackers or the removal of child pornography. If the U.S. continues to allow internet service providers to regulate themselves with minimal external controls over data privacy, it is not clear how to ever regain this lost ground.
Trump’s tumbling support among ‘the poorly educated’ may crush his 2020 prospects: report
When Donald Trump famously declared, “I love the poorly educated” during his 2016 campaign, it was obvious that he was taking a much more populist (or rather, pseudo-populist) approach than Republican presidential candidates were typically known for. And white males without college degrees continue to be a key part of the president’s base. But Washington Post columnist Aaron Blake, analyzing an NBC News/Wall Street Journal poll released on Monday, stresses that when Trump is up against a “generic 2020 Democrat,” he finds himself struggling with non-college educated white women.
Trump chief of staff Mick Mulvaney told Republican donors any recession will be ‘moderate and short’
President Donald Trump has spent the last week claiming that any talk of a recession is a conspiracy theory by the media and part of a leftist coup against him.
The message didn't seem to get to his chief of staff Mick Mulvaney, who told Republican donors this week that the recession will be a quick one.
Politico reported the comments Tuesday, saying that it was part of a Jackson, Wyoming fundraiser with White House aides Ivanka Trump and Jared Kushner, who are supposed to be "camping" with their family, according to her Instagram channel.
Former Defense Secretary warns: ISIS is back, and Trump can’t ‘pretend it’s not there’
On Tuesday's edition of CNN's "OutFront," former Defense Secretary and CIA head Leon Panetta warned that ISIS is gaining strength in the Middle East again — and that after all of President Donald Trump's boasts that he had utterly defeated the terrorist organization, now it is time for him to get serious.
"Roughly estimated 15,000 ISIS fighters in Iraq and Syria now," said host Kate Bolduan. "Secretary Pompeo saying the terror group is, in some ways, stronger than it was three or four years ago. How big of a concern should the news be for Americans?"
"It should be a very serious concern for the president of the United States and for our country," said Panetta. "Because his first responsibility is to protect our country. And we learned from 9/11, the fact that these terrorists have one fundamental aim, which is to attack the United States and attack countries in the West. And now what we're hearing is that ISIS is clearly re-mobilizing to the tune of almost is 15,000-18,000, that are mobilizing into secret cells, mobilizing into attack teams, conducting not only attacks but kidnappings and assassinations and bombings, as we saw in Afghanistan. So this is, in the end, a national security threat that the United States cannot simply stand back and pretend it's not there."