Q&A: Sen. Ron Wyden, D-Ore.

‘There Really Is an Opportunity to Pass Meaningful Privacy Legislation’

By Jeff Benson

First of two parts.

Sen. Ron Wyden moved from the U.S. House of Representatives to the Senate in 1996 on the most analog of agendas: He was a big proponent of wood products, an industry that forested Oregon dominated.

Yet his move coincided with the advent of the digital age.

Before his House term ended, he crafted what became known as Section 230, which gave websites the power to moderate user-generated content while protecting them from libel laws applicable to newspapers.

The law helped turn internet companies into big business.

Now, Wyden is grappling with how to keep Big Tech from abusing citizens’ privacy.

Last year, he introduced the Mind Your Own Business Act, which would hold big-tech companies responsible for protecting users’ personal data — and impose criminal penalties for CEOs who lie to Congress or regulators about privacy.

Next month, he plans to introduce the Fourth Amendment Is Not for Sale, another law that seeks to prevent government agencies from buying personal data that otherwise would require a warrant or court order to obtain.

Wyden struck a hopeful note, however, telling Digital Privacy News that he believed Congress could step up with tough-hitting legislation to end Big Tech’s laissez-faire attitude toward data privacy.

Sen. Ron Wyden, D-Ore.

Age: 71.

Birthplace: Wichita, Kan.

Education: Stanford University (B.A.), University of Oregon (J.D.).

First Elected to Senate: 1996.

Key Committees: Finance (ranking member), Budget, Energy and Natural Resources, Intelligence.

U.S. House Service: 1981-1996.

Personal: Married, five children.

You’re perhaps the biggest privacy advocate in the Senate. What got you started on this path?

It was such a central part of the debate.

I recognized when I came to the Senate that I was going to fight like crazy for wood products, but I was also going to get into new areas.

As we began to promote these policies that would unleash innovation and small companies got big, I was struck by the fact that these big-tech companies were basically asleep at the wheel when it comes to protecting Americans’ privacy.

You can almost set your clock by the typical privacy violation: From the news story about somebody obtaining personal data; a company apologizes, promising to never do it again; and then, a few weeks later, it happens all over again.

Wash, rinse and repeat.

“Americans’ privacy rights shouldn’t depend on whether the government is willing to pay for their data.”

So, we’re seeing some legislators showing they’re getting up to speed on privacy and how the industry works. They’re recognizing some of the issues related to algorithms and facial recognition.

The typical member of Congress wouldn’t have known anything about those kinds of issues.

But we’ve also seen that when we need to do some heavy lifting on meaningful privacy legislation, which I consider to be our Mind Your Own Business Act and the Fourth Amendment Is Not for Sale. There are some who have knee-jerk responses that actually make things worse.

A Knight Foundation poll earlier this year found that 77% of Americans think big-tech companies like Facebook and Google “have too much power.” Does that foster a good environment for regulating online privacy?

There really is an opportunity to pass meaningful privacy legislation in the next few years.

The kind of legislation that we’re talking about, the Mind Your Own Business Act, really sends a very different message.

It makes it clear that these big-tech companies … if the CEO lies to the government and the American people about their privacy policy, and we put out standards with respect to that policy, there’s got to be personal consequences.

“Mark Zuckerberg lied about privacy policy.”

That speaks to what you said on what people are concerned about, in terms of polls, but also does it in a way that sends a real message that privacy policies are going to improve — or if you lie to the American people, there are going to be consequences.

Then, the Fourth Amendment Is Not for Sale legislation speaks to the fact that, basically, if you have a credit card, you can get around the Fourth Amendment.

You have shady data brokers exploiting these loopholes, selling Americans’ information and location data to enforcement agencies.

It’s outrageous. 

Americans’ privacy rights shouldn’t depend on whether the government is willing to pay for their data.

So, you have the interception of some of the polling that you were talking about and the fact that there are two long bills that speak, in my view, to a practical way to deal with these issues.

What are your thoughts on the July 29 Big Tech hearing. Do you sense that the CEOs took the House subcommittee investigation seriously? How has the tech industry historically responded to your questions about privacy and data issues?

You want to know about the antitrust issue first?

One reason why they’re such monopolies is because they have people’s data. That’s part of the reason that it ties in with privacy issues.

It very much does. You look at these questions: Google with DoubleClick; YouTube; Facebook purchasing Instagram and WhatsApp.

Facebook was basically just reading the tea leaves.

They were going to lose young customers, so they got bigger and bigger.

And it’s all about ads — and it’s all about collecting data and not having a whole lot of privacy protection.

That’s why I put in the legal actions in Mind Your Own Business, including the possibility of perjury charges.

Mark Zuckerberg lied about privacy policy — and with these companies getting bigger and bigger, the government hasn’t got the resources to deal with them.

These are questions that are very much related to privacy. There’s a good case to be made to arm the consumer from a competitive standpoint.

That’s going to affect protection of their data.

One company that wasn’t there was Twitter. You recently noted that Twitter’s direct messages aren’t encrypted, even though you talked to CEO Jack Dorsey a couple of years ago — and he said they were working on it. That’s a big privacy concern, but given… 

It sure as hell is!

That’s why we’re continuing to push for minimum cybersecurity standards for apps and products and services Americans have brought into their homes and have trusted with their data.

“There’s a good case to be made to arm the consumer from a competitive standpoint.”

Without it, the end result is data breach after data breach.

We did ask Jack Dorsey right before he came to the Senate Intelligence Committee last September. I asked him whether data privacy was a national-security issue, because of some of the privacy violations.

That’s when Jack Dorsey and (Facebook COO) Sheryl Sandberg said that it was.

So, that was also, I thought, a significant point for the cause of future privacy protection.

Before the testimony, I asked him about Twitter’s promise to encrypt direct messages. He said it was coming — and we still haven’t got it.

That was one of the reasons why we’re going to continue to push for legislation, so that we have minimum cybersecurity standards.

Tuesday: Reigning in Data Brokers, Pushing Encryption and Minding Your Own Business.

Jeff Benson is a Nevada writer.

Sources (some external links):

Filed under: