There’s a lot of debate over whether Internet companies should be more regulated and how because of recent privacy breaches and other incidents.
More than half of U.S. respondents to an Axios poll in February about whether the federal government was doing enough to regulate technology companies said it wasn’t. Concern about government inaction was up significantly—15 percentage points—compared with the same survey conducted in November.
Facebook CEO Mark Zuckerberg recently conceded that the time probably has come for more regulation. In his testimony before the U.S. House energy and commerce committee on 11 April, Zuckerberg said federal regulation of Facebook and other Internet companies is inevitable, according to USA Today.
Zuckerberg was called to appear before the committee after revelations that information from up to 87 million Facebook users was shared with Cambridge Analytica, a data-mining firm used by Donald Trump’s campaign leading up to the 2016 presidential election. Users’ information was shared without their knowledge.
“Our position is not that regulation is bad,” Zuckerberg said. “The Internet is so important in people’s lives, and it’s getting more important. The real question is, What is the right framework for this? Not, Should there be one.”
U.S. lawmakers have not decided what action to take.
Google and Twitter also have come under scrutiny from lawmakers. Their revenue, like Facebook’s, is based on advertising, and there are concerns that their platforms have been abused as well, according to the CNet. Google, for example, stores information about search history, email, and Google Maps queries. In November lawyers from the two companies as well as Facebook testified before Congress about the integrity of their platforms plus their roles in the 2016 election.
Google and Facebook have been fined over the years by the U.S. Federal Trade Commission for failing to protect users’ privacy. Facebook entered into a settlement agreement with the FTC in 2011 after breaking its promise to keep user data private. The FTC is investigating whether Facebook’s arrangement with Cambridge Analytica violated that 2011 consent decree. A German privacy regulator is investigating the data breach as well.
NEW EUROPEAN REGULATION
While the United States is still deciding what to do, the European Union is rolling out its General Data Protection Regulation, which goes into effect on 25 May. The regulation marks the biggest overhaul of personal data privacy rules since the birth of the Internet, according to the Daily Mail.
The GDPR is designed to restrict how Internet companies collect, store, and use EU citizens’ personal data. It requires them to explain in simple language how they use the information. Data breaches must be reported within 72 hours, and customers have to be allowed to export their data and delete it. Moreover, users won’t be required to sign off on complicated agreements in order to access their personal information.
RULES VERSUS INNOVATION
Zuckerberg testified that he would not oppose new U.S. rules as long as they are the “right regulations.” He did suggest policy changes such as directives designed to give people complete control of their data, according to a ZDNet article. Zuckerberg said that, since the Cambridge Analytica breach, Facebook has introduced several security measures including redesigning its privacy-setting menu and making it easier to control who sees posts and user information.
Zuckerberg acknowledged that if Congress implements new regulations, it probably wouldn’t be that hard for Facebook to follow them, but he warned that too much government oversight might stifle innovation.
“There’s a balance that’s important to strike here, where you obtain special consent for features like face recognition,” he said, “but we still need to make it so American companies can innovate.”
What type of regulations do you think should be implemented?