Friday, March 29, 2013

Ex-White House Official Joins Group Fighting "Excessive" Online Privacy Laws



As the Obama administration and tech company lobbyists chip away at the European Union's attempts to protect online privacy, a new pro-industry coalition has popped up to join the fray. Not quite two weeks ago, the Coalition for Privacy and Free Trade announced its existence. The group's senior academic adviser is Daniel Weitzner, who, less than two years ago, was working as the White House's deputy chief technology officer for internet policy.

Weitzner tells Mother Jones that he joined the coalition because he wants to strengthen privacy laws while ensuring the free flow of information. He worked for the administration from March 2011 to August 2012, leading the development of the much-lauded Consumer Privacy Bill of Rights, a blueprint that asserts Americans' right to control what happens to their online data. Marc Rotenberg, president of the Electronic Privacy Information Center, calls the document "a significant achievement" and says that "Danny deserves a fair amount of credit for it." But, he adds, "the critical question is whether it will be enacted into law." For now, its recommendations are voluntary.

Some privacy experts are concerned that Weitzner and the Coalition for Privacy and Free Trade will help companies like Facebook and Google continue to have free rein over their users' personal information. "This coalition appears to be a well-oiled campaign driven by the special interests of tech companies," says Jeffrey Chester, executive director of the Center for Digital Democracy. "The use of a former, now revolving-door, White House official is also disturbing, because it gives them influence to win major concessions." Joe McNamee, the EU advocacy coordinator at European Digital Rights, a coalition of privacy groups, notes, "There is a fundamental concern whenever high-level staff or politicians take a corporate position."

"It's true that I worked on privacy in the administration and I continue to work on privacy issues," Weitzner says. "But I believe really strongly that privacy tends to make progress when there are broad coalitions." He says he is not lobbying the Obama administration in any way.

Weitzner is currently the director and cofounder of MIT's Computer Science and Artificial Intelligence Laboratory's Decentralized Information Group. He has also worked as the policy director of the World Wide Web Consortium (which has been criticized for emphasizing voluntary regulation over privacy laws) and cofounded the Center for Democracy and Technology.

"This coalition appears to be a well-oiled campaign driven by the special interests of tech companies."

The Coalition for Privacy and Free Trade was launched on March 18 by Hogan Lovells, an international law firm that has worked with corporations like Apple, IBM, and Amazon, as well as various governments. The coalition's members include legal experts, a former EU ambassador to the United States, and Reagan-era trade representative Clayton Yeutter. Christopher Wolf, director of Hogan Lovells' privacy and information management practice group, says that the coalition is not intended to be comprised solely of tech companies, but instead, "we welcome all companies that collect, use, and transfer personal data." Wolf says the coalition is not ready to announce its members, but will soon.

The coalition plans to participate in the upcoming Transatlantic Free Trade Agreement negotiations, pushing for laws that provide privacy protections like those found in Obama's consumer privacy bill, while also making sure that "excessive" regulations don't inhibit economic growth. Earlier this month, Wolf testified before the US International Trade Commission that one of the big differences between the US and the EU proposals is that the United States still intends to rely on "self-regulation" and won't require companies to report data breaches within 24 hours.

Companies like Google, Yahoo, Facebook, Amazon, and eBay have been spending millions of dollars lobbying against the European Union's attempt to protect internet users' personal information. In January, the EU proposed requiring its member states to let users opt out of targeted advertising and web tracking (similar to what the struggling "Do Not Track" bill proposed by West Virginia Sen. Jay Rockefeller would do). It also proposed giving users the right to erase any of their personal information from the web, meaning that you could ask Facebook to stop holding on to your information even after you delete your profile (Facebook tends to hang on for dear life to your info) or, more controversially, ask Google to remove information from its search results that you plain just don't like.

It's not just tech companies that are trying to weaken the EU proposals: The Department of Commerce is also lobbying the European Parliament. "The Obama administration has been very destructive in the EU privacy discussions so far," says McNamee of European Digital Rights. "It intervened even before the draft regulation was published and put sufficient pressure on the European Commission to have entire swaths of text deleted."

McNamee thinks that the Obama administration will have better luck influencing the EU Commission through the upcoming free-trade negotiations. In a letter the Department of Commerce sent to the Center for Digital Democracy on March 12, Lawrence E. Strickling, assistant secretary for communications and information, acknowledged that discussions about the privacy regulations were taking place between the US government and European governments, but said that they "are not intended to limit the protections that the European law would provide its citizens. Our primary focus is to achieve interoperability between our systems."

Interoperability is the big, snazzy word in these discussions, but what does it mean? Weitzner explains, "I think there's a real opportunity to improve privacy standards both in the US and Europe and do so in a way that keeps the free flow of information on the internet…I want to make sure that we don't end up with a privacy law only because people think a law sounds nice." In other words, interoperability is about finding a way for different privacy frameworks to work together—be it in China or the EU—without necessarily changing the way US corporations do business.

Ben Wizner, director of the ACLU's Speech, Privacy, and Technology Project, notes this could lead to a scenario where "interoperability becomes this race to the bottom, where the weaker protections of the American system are exported to Europe and the world."

But Weitzner says some of the proposals the EU is suggesting, like the "right to be forgotten," could be "very damaging for the right to free expression around the world" because anyone could have the right to erase information from the web that makes them unhappy. He also says that the United States "has a lot of very good, strong privacy practices that US companies are held legally accountable for by the Federal Trade Commission." Wolf agrees: "Tech companies generally know their practices are subject to extreme strict scrutiny by regulators, including the FTC and state attorneys general."

Wizner concurs that the FTC has been "admirably aggressive in enforcing its mandate" but points out that "the FTC mandate is limited—they can only police outright deceit and unfairness. There is no basic privacy law that governs whether those companies can collect information, what information they can collect, and how long they can store it."

Rotenberg, who supervised Weitzner as an intern when they both worked for the Washington, DC, office of Computer Professionals for Social Responsibility, calls the concerns about the Coalition for Privacy and Free Trade "legitimate" but says that "Danny Weitzner should be working to ensure that the White House makes good on its commitment to establish privacy legislation…The fact that the president has made clear his support for stronger privacy laws is very important. I tend to be an optimist."

No comments:

Post a Comment