Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsAfter the Facebook Privacy Hearings
It will certainly be an interesting two days in the journey toward enhanced data privacy. Roughly six weeks before Europe starts enforcing the world’s leading data privacy and protection law, members of the U.S. Congress and the media will be focused on the issue of privacy as Facebook CEO Mark Zuckerberg will answer their questions regarding Cambridge Analytica and Facebook’s privacy disclosures.
Zuckerberg will testify this afternoon at 2:15 PM Eastern before a joint session of the Senate Judiciary and Senate Commerce Committees. The hearing is titled: Facebook, Social Media Privacy, and the Use and Abuse of Data. The link to the live stream for the Senate hearing (for those who will be watching with us) is: https://www.judiciary.senate.gov/meetings/facebook-social-media-privacy-and-the-use-and-abuse-of-data
Tomorrow, he will be at the 10 AM hearing held by the U.S. House Committee on Energy and Commerce for the hearing on Facebook’s Transparency and Use of Consumer Data. The live stream on Wednesday morning is available here: https://energycommerce.house.gov/hearings/facebook-transparency-use-consumer-data/
The hearings will likely be the first in a long series as members of Congress grapple with what action to take about data privacy. There are too many stories about other companies with privacy problems and data breaches to think that the results of the Congressional inquiries will be limited to Facebook. Members of Congress have previously asked Google and Twitter to appear about their data practices as well, although they won’t appear today or tomorrow. Zuckerberg is the only witness listed on the agenda for either hearing.
The Facebook hearings over the next two days will set the stage for a lot of important questions to be asked:
Is regulation needed or can businesses self-police on privacy? It seems likely that legislation is coming, although this is an important first question to ask. Government regulations are frequently a mechanism to ensure business operations are taking into account the external costs borne by third-parties. Before the Facebook data privacy scandal, organizations typically considered privacy a compliance or legal function rather than a profit center. In this world, regulation makes sense. The #deleteFacebook movement, however, is showing businesses that consumers and shareholders care more deeply about privacy than many previously thought. If consumers start boycotting businesses that don’t protect their privacy, any regulation to protect privacy will quickly be exceeded by businesses putting the interests of their customers and shareholders first.
If regulation is the right step, who should the privacy protections cover? Congress could create a limited bill to enhance the privacy of people sharing through social media companies. Or it could create the next GDPR and regulate how every business and organization in the United States handles privacy. There is also a lot of room in between for Congress to regulate search engines, website owners, app publishers, IoT devices and more. Congress could seize on the momentum created by the Facebook scandal for a powerful solution, or opt for a smaller piece of legislation that has a higher odds of gaining consensus without controversy.
How to deal with privacy at small businesses? A local restaurant in Philadelphia just launched facial recognition technology to make the ordering process faster. If the business was in Europe, its use of the technology would be governed by the GDPR starting in May and it may have decided not to launch it. Yet, there still need to be appropriate protections in place to guard this data from hackers and limit sharing to and by third-parties. If technology companies as large as Facebook are getting their privacy protections wrong, do we have any faith that local businesses have put in place the right privacy protections to get informed consent from consumers and protect their privacy? If small businesses are excluded to protect them from the cost of compliance, are we simply making it harder for bad actors to get troubling data by shifting their targets from a few large companies to many small businesses?
How to protect innovation while enhancing data privacy? Big data and data-driven decision making are capable of radical improvements to society. Yet, the future is one where privacy by design is embedded into every technology built and data collection effort. What is the best way to proceed with the transition from where we are now to where we want to be?
What are the appropriate regulations to improve privacy? Additional transparency (through layered privacy notices or just in time notice) and improved consent mechanisms will almost certainly be at the top of any list about how businesses can improve data privacy. Third-party data sharing restrictions also seem likely given what happened at Facebook. Furthermore, there are so many data breach alerts in the news to create a question as to whether additional privacy protections will matter if hackers can steal the data and share it among bad actors, so regulation in this are could also be required.
We will be struggling with these issues at Clarip over the next few months and years as we continue to help consumers take control of their privacy and businesses respect the privacy of their customers. If you are a business looking for help, ask us for a demo of our SaaS privacy platform (in person if you are seeking GDPR compliance in Philadelphia!. If you are a person looking to enhance your privacy, try out our beta program for consumers and give us feedback!
More from Clarip:
Are you ready for the new CA privacy law? Start preparing compliance efforts with Clarip for the California Consumer Privacy Act. Enforcement starts January 1, 2020 so better start planning funding in your 2019 budget now.
Read the most recent posts on the Clarip Blog.
Learn more about the GDPR consent management.
Other Blog Posts on Facebook:
Three Steps to Prepare for a Record Privacy Fine Against Facebook
Vendor Risk Management Lessons Coming From Facebook
Facebook, FTC Hearings Top Privacy News Yesterday
Vendor Risk Management at Facebook Back in Headlines
Facebook Updates on App Privacy Investigation, Bans myPersonality
Warning from Facebook Stock Drop: Take Privacy Seriously!
SEC Investigates Facebook for Non-Disclosure of Cambridge Analytica Risks
UK Privacy Office to Issue Maximum Fine for Facebook Over Cambridge Analytica
Senate Consumer Protection Subcommittee Further Explores Facebook Data Privacy
Facebook Answers Senate Questions on Privacy
Privacy Bills in Congress Get Boost From Facebook’s Latest Data Scandal
Germany Demands More From Facebook on GDPR
Overview of the Facebook-Cambridge Analytica Data Privacy Scandal
