Source: site
PERSONAL DATA HAS become the de facto currency of the digital age, and we’ve surrendered more control over our lives than we may have realized.
Our every click is treated as a commodity, and our everyday comings and goings—including our visits to health care facilities, places of worship, political rallies, and more—are collected and shared with innumerable third parties, including shadowy data brokers, marketers, and even the government. It’s easy to see how the widespread availability of this sensitive information can be used against us.
Recognizing the threat, the Massachusetts Senate recently passed legislation (S. 2619, the Massachusetts Data Privacy Act) that would strengthen privacy rights in the state. The legislation would create baseline restrictions on when our data can be collected in the first place, and would put enhanced guardrails around our most sensitive personal information.
Upon the bill’s unanimous passage, Senate President Spilka hailed the legislation as “part of our ongoing effort to protect our residents, defend our values and lead Massachusetts during a time when those values are under attack.”
Now the debate turns to the House, and Big Tech is pulling out all the stops to fight the bill. To them, the notion that Massachusetts residents might gain real control over their personal data is cause for concern. To combat the legislation, they are pulling tricks from a well-worn playbook of opposition to strong privacy legislation in other states.
What’s in the Big Tech playbook to kill data privacy proposals that protect our rights and safety as individuals? It’s simple: Spread misinterpretations about the bill. Fearmonger about its impact on small businesses. Hide behind them. And profess to support privacy protections — as long as they don’t meaningfully change what Big Tech does with our personal information.
The first thing to know is that the biggest tech companies rarely oppose strong privacy legislation publicly using their own brand names. They know that it would be unsympathetic for some of the richest companies in human history to complain that privacy rules would hurt their bottom line. So instead, they seek cover behind industry front groups with generic sounding names, to make it appear that small businesses agree with Big Tech’s talking points.
One of their key arguments revolves around the idea that if companies like Google, Amazon, and Meta are subject to laws restricting their surveillance of consumers, the advertising tools they sell to small businesses will be less effective. But real world precedent suggests otherwise. For example, the vast majority of iPhone users chose to opt out of being tracked when Apple allowed them to do so in 2021, dramatically reducing the universe of personal data available to large surveillance advertising companies. But despite the large number of opt-outs (which, incidentally, shows how much consumers want strong privacy protections), the app marketplace remains strong and many businesses have found alternative ways to reach customers or otherwise monetize their products.
The truth is that giant tech companies resist changes to their privacy practices because the absence of strong privacy laws allows them to dominate the market and make a fortune off of our personal data. In fact, Big Tech’s data domination harms small businesses too. For example, Google is currently being sued by the Department of Justice for cornering the market for advertising tools and abusing their power in a way that has been shown to increase costs for their small business customers. They are no friend to small business.
Ultimately, the Massachusetts Data Privacy Act would simply require businesses to approach the collection and use of personal data with respect for the consumer. For one, the bill would require businesses to limit collection of personal information to that which is actually necessary to provide the consumer with the product or service they’ve requested.
For example, your flashlight app doesn’t need troves of personal information to function and certainly shouldn’t be collecting that information just so it can sell it behind your back. The bill would prevent this type of extraneous collection by default, instead of putting all the work on consumers to read dense privacy policies and decide whether they should opt in or out.
Second, the bill would put restrictions around sensitive data, which includes information about your health, children, geolocation, DNA, religion, race, sex life, and more. Selling data about our precise location throughout the day poses an enormous danger to everybody, but especially children, seniors, women, the families of military, veterans and law enforcement, and victims of domestic violence. The bill would ban the sale of this sensitive data outright, and would prevent companies from using it unless it is strictly necessary to provide the service requested by consumers. While some companies say they would never sell sensitive data, enough do so to create significant risk for all of us — so a ban on the sale of our sensitive data is absolutely essential.
The good news is that the Massachusetts Senate’s unanimous approval of the bill, and engagement from leaders in the House, has shown that these ideas are sensible and bipartisan. In some states, legislators have fallen for Big Tech’s exaggerations. We’re hopeful that Massachusetts lawmakers will chart a different course.
Massachusetts is a world leader in technology development, and the state can be a beacon of light on privacy, too.
Matt Schwartz is a policy analyst at Consumer Reports.
Upcoming Events
