On Friday, New York state senators expressed their impatience and frustration on Congress’ lack of haste in addressing the issue of data collection and privacy with New York state businesses. Legislators have begun advocating for more legislation that would restrict how businesses would use and share consumer data.
The senators gathered for a five-hour public hearing in Manhattan where the Senate’s standing committees on Consumer Protection and Internet and Technology heard from 11 panels of witnesses, which included representatives from leading business groups, consumer advocates, and state government officials.
This gathering comes at a very relevant time, as California’s Consumer Privacy Act (CCPA) comes into legal effect January 1, 2020. With the CCPA in mind, New York’s mindset in adopting a similar framework to California’s privacy law is parallel, but takes a “time-is-of-the-essence” approach.
The proposed legislation at work here, New York’s Privacy Act, was introduced by Senator Kevin Thomas (D) back in May. The Act takes the CCPA framework a step further with respect to data use restrictions and transparency requirements, advocating for a national privacy framework. According to WIRED Magazine, it’s “even bolder” than California’s legislation.
Specifically, the Act would establish a broad private right of action and requiring businesses to act as “data fiduciaries.” No different than any other legal fiduciary, these “data fiduciaries” under the proposed legislation, would prevent these businesses from using personal information in a way that would place users in a legal detriment.
Brittany Kaiser and David Carroll, who played pivotal roles in bringing to light now-defunct political consulting firm, Cambridge Analytica, agreed that providing consumers with a cause of action is vital.
In today’s digital age, the consensus is that consumers should be and deserve to be in control of their personal information and how it is collected and used. And the Cambridge Analytica data breach demonstrated that to the world, recently being fined $5 billion by the FTC, a record-breaking fine ever assessed against a tech giant.
The New York lawmakers in attendance at Friday’s hearing indicated that they were ready to hop on board, expressing their frustration with lack of haste Congress has taken with respect to these concerns.
“The frustrating part of this is that we want to comply and we want baseline standards, and we’re doing our best to protect consumers’ data in the absence of that,” John Evers, senior director of government affairs at the Business Counsel of New York. “We just want something that’s workable.”
However, there are those in the New York business community whose frustration is geared more towards its simplicity and a nationwide framework that benefits neither companies nor consumers.
Justin Brookman, director of consumer privacy and technology policy for Consumer Reports believes that regulators involved here aren’t the only available resource; that we must look to others when we are in discussions about policing data collection.
“There’s a consensus that there is an issue here, and I think we see a growing awareness and concern among constituents and the general public about the trade-offs that need to be made between convenience and privacy,” Thomas said.
Jim Halpert, co-chair of DLA Piper’s global cybersecurity practice and general counsel for the State Privacy and Security Coalition, distinguished what happened with Cambridge Analytica and Facebook as one that was “extreme conduct” and “far from representative of the way most businesses operate.”
“Whatever law we pass, the Cambridge Analyticas of the world are always going to exist and they are going to do things that violate the law,” Halpert said.
It’s now time we hold these tech giants accountable for the very roles they are so proud to uphold.
