A Long Overdue Discussion on Digital Privacy

EPIC attended a panel discussion on privacy and consumer data protection hosted by The Atlantic.

The goal was to bring tech leaders, policymakers, and privacy scholars together to better understand the issues and challenges surrounding privacy in the digital age.

Steve Clemons, Atlantic’s Washington Editor and facilitator of the discussion remarked, “If you go back and look at some of the things Marc [Rotenberg] was talking about – as I did last night, almost all of them became true.”

It was an important point that could not be overlooked. The consensus among scholars in the privacy community is that a conversation like this is long overdue – especially from the legislature.

“We better get on with a federal debate on how to balance all these interests and get it right.” Harriet Pearson, Partner at Hogan Lovells and EPIC Advisory Board Member said.  Although Pearson supports federal legislation, she emphasized the need to be thoughtful in its creation.

Citing the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) as examples, Pearson acknowledged the need for a federal law that clearly defines what these laws have not.

“What is personal information? What is information that is capable of identifying us?” Pearson said. “One of the issues with the California law is that the definition is really broad and vague, and so is the GDPR – the European law.”

Sen. Mark Warner also believed in the importance of a law on privacy for company accountability. “The days of ignoring the policy world are gone,” Warner said. “These companies have a responsibility as communities are built online.”

Rep. Jerry McNerney echoed these sentiments by highlighting the feelings of most Americans regarding privacy. “The American people feel very strongly they’ve lost control of their data.”

Still, getting others in the legislature to push privacy to the top of the agenda presents its own set of challenges. Clemons tried to gather intel from Warner and McNerney on colleagues they might enlist for a privacy bill, but they offered little insight.

Regardless, government enforcement is the “missing piece” to the privacy debate according to Bruce Schneier, Harvard University Fellow at the Berkman Klein Center for Internet and Society and EPIC Advisor.  “The problem is that the market doesn’t reward privacy.” Schneier said. “What’s missing are government incentives.”

Schneier explained that companies like Equifax, that store large amounts of our personal data, have no real motivation to re-evaluate their privacy protections. He also noted that consumers may not mind giving up certain personal data for conveniences. That’s why government must get involved. “It’s really contextual and requires a much firmer hand, because the market is not going to do it.” Schneier said.

With so many stakeholders, it’s easy to lose sight of whose interest should be at the heart of the debate: Consumers. Schneier considers the issue a moral imperative that requires government regulation – even if the consumer doesn’t recognize its importance yet. “Rights are hard. We tend not to notice them until they’re gone.” He said. “We should think of privacy as more of a fundamental right.” Schneier opined. “In the end, I think as citizens we really do care about our privacy, even though as consumers we tend to forget at the point of purchase.”

See full discussion below.

For more information visit www.EPIC.org. Defend Privacy. Support EPIC.