Mark Lennihan, Associated Press
In this Dec. 17, 2018, file photo, a man using a mobile phone walks past Google offices in New York.

A bipartisan effort in Congress to create laws to govern how internet companies handle private data gathered from users of social media and other platforms should be welcomed by consumers, just as it is ostensibly being welcomed by tech companies who say they recognize the need for regulatory oversight, even though they are wary of how far it might go.

Tech giants like Google, Amazon and Facebook make enormous profits harvesting personal data that may be sold to third parties to target consumers with specific advertising, political messaging or for other reasons. Those companies and others have also been rightly criticized for lapses in maintaining the security of private data that from time to time has leaked into cyberspace for perusal by any number of potentially malicious players.

Consumers absolutely must be confident their personal information is secure; this is one instance where government regulation is the best means by which such confidence can be reasonably assured. That realization is taking hold in Washington, as it has in Europe and in the halls of some state legislatures.

The 28-nation European Union last year enacted a sweeping General Data Protection Regulation that allows agencies to pursue recourse against companies who peddle private data without consumer’s consent. Under the law, the French government in January fined Google $57 million for distributing private data without consent, while also criticizing the company for making it too difficult for users to find out what information is being stored and how it is being used.

In California, a law set to take effect next year would set stringent rules allowing consumers to see what of their personal information is being shared and allow them to forbid sale of private data. The law would also give consumers the authority in some cases to demand their information be deleted entirely.

The tech companies are worried that laws like that may result in a stampede of demands by users for data to be quarantined or erased, which would put a giant dent in their ability to profit in the burgeoning consumer profile market.

A federal law would supersede state statutes, and though it may not grant consumers the same level of authority as, for example, the California law, it’s best in the long run for both consumers and companies to have a single set of rules that set consistent standards nationwide.

There are several factions in Congress currently working on a variety of approaches to a national data privacy law, with the support of both parties and the apparent consent of the Trump administration. Lobbyists for tech companies are going to be influential in the process, but at this point, it’s good to see those companies express willingness to adapt to some regulatory oversight. As Facebook founder Mark Zuckerberg has written, “The internet needs new rules.”

3 comments on this story

Those rules need to bolster the rights of individual patrons, offering the option, for example, of withholding consent for their information to be sold to an advertising entity that would use it to endlessly pepper their browsers or social media pages with tailored messaging.

The internet has been viewed as wide-open territory best left unfettered by regulations that could impede innovation, but transparency and consumer protection must also be a part of that framework. Internet users should welcome government action that aims at granting individuals a higher level of freedom over preserving the sanctity of their own personal and private information.