Online privacy

[Speech] As public attention has been drawn to the practice of collecting data, there is a heightened concern about the value of privacy and the value of consumer data. This concern is no longer limited to privacy advocates and policymakers who have sounded the alarm for years, only for their concerns to fall on deaf ears.

Facebook has moved more than 1.5 billion users out of reach of European privacy law, despite a promise from Mark Zuckerberg to apply the “spirit” of the legislation globally. In a tweak to its terms and conditions, Facebook is shifting the responsibility for all users outside the US, Canada and the European Union from its international HQ in Ireland to its main offices in California. It means that those users will now be on a site governed by US law rather than Irish law.

If Facebook has to pay a  Federal Trade Commission penalty for the Cambridge Analytica data scandal, it will join a very short list of companies to have done so. Of 91 cases involving online privacy issues the Federal Trade Commission has brought since the first in 1998, just two companies have paid civil penalties specifically for violating adult users' privacy. They are Google, which paid $22.5 million in 2012 and Upromise, which paid $500,000 in 2017. The numbers aren't surprising to experts because of the constraints on the FTC when it comes to policing consumers' privacy rights.

Facebook outlined its data collection practices. According to Product Management Director David Baser, some third-party websites and apps send data about their users to Facebook, regardless of whether those users have Facebook profiles. In return for that information, Facebook helps those websites serve up relevant ads or receive analytics that help them understand how people use their services. The company gets this data from websites and apps that let people share or like posts using Facebook plugins, or log into the website with their Facebook accounts.

On April 12th, the Irish High Court elevated a series of questions to the European Court of Justice (ECJ, the Supreme Court of the European Union) regarding the validity of key legal instruments used by American tech companies to process Europeans’ personal data. Judge Caroline Costello of the Irish High Court is concerned about the national surveillance practices of the United States and the level of privacy rights observed there.

Thousands of free, popular children's apps available on the Google Play Store could be violating child privacy laws. Seven researchers analyzed nearly 6,000 apps for children and found that the majority of them may be in violation of the Children's Online Privacy Protection Act, or COPPA.  Thousands of the tested apps collected the personal data of children under age 13 without their parent's permission, the study found.

Here are just some of the issues as the capital and the nation focused on how better to protect online users' data in a world of almost universal collection and sharing. 

Technology companies are readying themselves for sweeping new privacy rules that go into effect in May 2018 across the European Union. They could face billion-dollar fines if they fail to give European users far more control over their personal information. Whether the US Congress follows the European model, as some lawmakers floated, or whether big tech companies determine it’s too cumbersome to treat the 500 million people of the EU differently from the rest of the world, Europe is likely to keep setting the global pace for aggressive regulation.