Controversy spurred by revelations of National Security Agency spying on U.S. citizens has curled back to lax privacy provisions on major technology giants such as Google and Yahoo. They also lead to a very different kind of recommendations for protecting consumer and citizen privacy.
Georgetown University Professor Abraham Newman writes in Foreign Affairs that Silicon Valley data masters protest too much about routine NSA poking around. "The companies pledge to step up privacy protections," Newman says, "but such protections run counter to the business model and public policy agenda that tech companies have pursued for decades."
"For years, U.S. information technology firms have actively backed weak privacy rules that let them collect massive amounts of personal data," Newman explains. "That strategy enable the companies to work their way into every corner of consumers' lives and gave them a competitive edge internationally. These same policies, however, have come back to haunt IT firms. Lax rules created fertile ground for NSA snooping."
Newman says U.S. officials, including the Obama administration, have acquiesced to self-regulation by American IT giants. "Until this year, the self-regulation strategy paid off," Newman writes. "With their nearly unrestricted access to U.S. consumer data, IT companies were able to mine information in ways that many of their European competitors could never imagine."
So what was good for Google became great for NSA, Newman says. The data had already been collected and was just waiting for NSA to pore through.
Newman's assertions suggest a far more fundamental approach to reining in NSA excesses than adding a public advocate to the Foreign Intelligence Surveillance Court proceedings. Newman is suggesting tighter data privacy rules that affect both Google and NSA. Politically that is a much greater leap, but according to Newman nothing less may truly address the problem.
He calls for a strengthened privacy system with these elements:
- A consumer advocate similar to European data privacy offices that assist online users navigate the tricky and quickly changing waters of information technology.
- National data-breach legislation, requiring consumer notification if their information has been hacked, stolen or lost.
- IT companies must move from harvesters to stewards of consumer data. "Firms need to find ways to limit unnecessary data collection and integrate privacy and consumer stakeholders into their business models. Doing so will make good business sense: The trustworthy companies will sell more products."
- U.S. IT firms need to move from advocating weaker international data collection regulation to a constructive role in "building a global framework for the protection of personal information."
Abraham L. Newman, professor at the School of Foreign Service at Georgetown University and author of “Protectors of Privacy: Regulating Personal Data in the Global Economy.”