Amid all the privacy debates we’ve seen in recent years, one consistent complaint is that companies don’t face harsh enough punishments to discourage the misuse of user data. Today, US Senator Ron Wyden from Oregon introduced new legislation that could change that. Dubbed the “Mind Your Own Business Act,” this bill would empower the FTC to levy harsher punishments for privacy violations and give end users more power when it comes to determining what happens with their data.
“Mark Zuckerberg won’t take Americans’ privacy seriously unless he feels personal consequences. A slap on the wrist from the FTC won’t do the job, so under my bill he’d face jail time for lying to the government,” Wyden said in a statement on his website today. He went on to note that his bill revolves around three basic tenets: Giving consumers more control over their data, forcing companies to be more transparent about how they use that data, and holding executives responsible when they knowingly lie to the FTC.
That last part is particularly big – not only would Wyden’s bill give the FTC to impose fines up to 4% of a company’s annual revenue on their first privacy offense, but it would also be able to impose “10-20 year criminal penalties for senior executives who knowingly like to the FTC.”
This is where things get somewhat complicated, because a lot of companies out there offer their services for free and instead tap into user data as a way of making money. With a Do Not Track registry in place, the FTC would have corporations offer “another, similar privacy-friendly version of their product, for which they can charge a reasonable fee.” Low-income consumers who don’t want their data harvested could have those fees waived, assuming they’re eligible for the FTC’s Lifeline program.
The Mind Your Own Business Act would also require that corporations give consumers access to their data, including information on how that data is used after it’s been collected. It would give the FTC the go-ahead to hire 175 more staff specifically for privacy enforcement and, finally, require that corporations “assess the algorithms that process consumer data to examine their impact on accuracy, fairness, bias, discrimination, privacy and security.”
This bill is one that’s been in the works for quite some time. Wyden first presented the Mind Your Own Business Act as a draft back in November 2018, and in the time since then, he’s added a number of changes to the text. Key changes include giving each state the ability to designate a “protection and advocacy” non-profit that can file lawsuits against corporations on behalf of consumers. He’s also added language to make it clear that the Mind Your Own Business Act won’t preempt state privacy laws, so states are free to create laws alongside what Wyden’s Act requires.
The protections that Wyden wants to implement here seem to go hand-in-hand with the European Union’s General Data Protection Regulation, but Wyden says that the Mind Your Own Business Act takes things even further. Obviously, since this bill is just being introduced, it has a long way to go before it’s actually signed into law. There’s no guarantee that will actually happen, even though there seems to be a lot of unrest surrounding how corporations handle our data. We’ll see what happens from here on out, but here’s hoping that Wyden’s bill can gain some traction in Congress.