Privacy News: July 22
Probing how tech companies data handling could put people looking for information about abortions at risk, Federal privacy legislation advances, and more
Privacy after Roe
Democrats widen scrutiny of tech over abortion data privacy
Marcy Gordon, Associated Press (apnews.com)
In the aftermath of the Supreme Court, Congressional Democrats are pushing tech companies on their privacy policies.
Six House Dems sent letters to Amazon, Oracle, Near Intelligence Holdings and Mobilewalla asks asking how the companies handle location data from mobile phones, and what they're doing to protect the privacy rights of individuals seeking information on abortion. As Reps. Lori Trahan (D-MA), David Cicilline (D-RI), Yvette Clarke (D-NY), Debbie Dingell(D-MI), Adam Schiff(D-CA), and Sean Casten (D-IL) highlight:
Data collected and sold by your company could be used by law enforcement and prosecutors in states with aggressive abortion restrictions. Additionally, in states that empower vigilantes and private actors to sue abortion providers, this information can be used as part of judicial proceedings....
When consumers use apps on their phone and quickly tap ‘yes’ on ‘use geolocation data’ pop-ups, they should not be worried about the endless sale of their data to advertisers, individuals or law enforcement. And it most certainly should not be used to hunt down, prosecute and jail an individual seeking reproductive care. Companies can take action today to protect individual rights.
And Senators Elizabeth Warren and Edward Markey of Massachusetts sent letters to companies making software to monitors students’ online communications, asking whether their software flags students’ online searches for abortion and other related terms. My guess is that Bark Technologies, Gaggle.net, GoGuardian and Securly will say something like "it's our customers who choose what to monitor for", in other words "yes but it's not our fault." We shall see.
SEE ALSO:
Democrats press Oracle, AWS over their post-Roe data collection, Cristiano Lina in the Washington Post. The article has some excellent quotes from Michael Kleinman of Amnesty International, who also wrote to the companies.
Other post-Roe privacy news
South Carolina bill outlaws websites that tell how to get an abortion, Cat Zakrzewski on The Washington Post (washingtonpost.com)
Hamilton: Pregnant people in Indiana are about to lose state privacy protections, Mayor John Hamilton on The Herald-Times (heraldtimesonline.com)
The Most Popular Period-Tracking Apps, Ranked by Data Privacy, Kristin Poli, on WIRED (wired.com)
Amazon’s $3.9 billion One Medical acquisition is already raising data privacy concerns, Clint Rainey on Fast Company (fastcompany.com)
Federal privacy legislation
Federal privacy legislation progresses, but concerns about data brokers loom
Tonya Riley on CyberScoop (cyberscoop.com)
On Wednesday, the House Energy & Commerce unanimously advanced the bipartisan, bicameral American Data Protection and Privacy Act (ADPPA). It's the first time a consumer privacy protection bill has ever made it out of committee in Congress, so congrats to all involved!
The vote was 53-2, and many DC-based privacy organizations supported the amended version of the bill. The two no votes were both from Californians (Anna Eshoo and Nanette Diaz Barragán), although Donald McEachin of Virgnia and Doris Matsui of California said they were voting yes to advance the bill but it did not yet have their support on the floor. The highest-profile issue is that the current version of the bill preempts most current and future state laws, including California's CRPA. The bill's upporters say that this faustian bargain (as privacy scholar Daniel Solove describes it) is necessary to get industry's support for the bill.
But that's far from the only issue. From Riley's article:
“The bill before us has a major loophole that could allow law enforcement to access private data to go after women,” said Rep. Anna Eshoo, D-Calif., who voted against the bill. “For example, under this bill, a sinister prosecutor in a state that criminalizes abortion could use against women their intimate data from search histories or from reproductive health apps. That loophole must be addressed.”
And Senator Wyden continues to be concerned about the exemption of de-identified data.
“[T]his loophole could allow data brokers to sell location data to the government about visits to reproductive health facilities, for example, or other private information that is trivially easy to connect to individuals,” a Wyden aide wrote in an email to CyberScoop. “He strongly believes this must be fixed before any legislation becomes law.”
Interestingly, there was almost no discussion of these issues during the markup or the hearing – almost none of the other articles about ADPPA mention talk about the elephant in the room.
SEE ALSO
- https://www.vitallaw.com/news/house-e-c-committee-amends-approves-privacy-legislation/e832d1fbfa14479299e92c243bb65d98
- American Data Privacy and Protection Act heads for US House floor, Joseph Duball on International Association of Privacy Professionals (iapp.org)
- American Data Privacy and Protection Act Advances in Congress, on EPIC - Electronic Privacy Information Center (epic.org)
- National US data privacy law clears first legislative hurdle, Brandon Vigliarolo on The Register (theregister.com)
- Congress Might Pass an Actually Good Privacy Bill, Gilad Edelman on WIRED (wired.com)
- Conceptions of Privacy Shouldn’t Stand in the Way of Privacy Standing, Caprice Roberts on Lex (lex.jotwell.com)
- The Bipartisan House Privacy Bill Would Surpass State Protections, Stacey Gray of Future of Privacy Forum on Lawfare (lawfareblog.com)
- Federal privacy legislation that protects civil rights is critical for all Americans, Bertram Lee of Future of Privacy Forum on The Hill (thehill.com)
- Data privacy bill moves forward over objections from Gavin Newsom and two California Congress members, Bob Egelko on San Francisco Chronicle (sfchronicle.com)
- A Faustian Bargain: Is Preemption Too High a Price for a Federal Privacy Law?, Daniel Solove on TeachPrivacy (teachprivacy.com)
- Americans Deserve More Than The Current American Data Privacy Protection Act, Hayley Tsukayama, Adam Schwartz, India McKinney, and Lee Tien on Electronic Frontier Foundation (eff.org)
UPDATES:
- House E&C Committee Amends, Approves Privacy Legislation, Lynn Stanton, VitalLaw (vitallaw.con) has lots of quotes
- The Sunday Show: Prospects for the American Data Privacy and Protection Act, Justin Hendrix with Nora Benevidez of Free Press and Justin Brookman of Consumer Reports, Tech Policy Press (techpolicy,press)
And ...
Amazon’s $3.9 billion One Medical acquisition is already raising data privacy concerns, Clint Rainey on Fast Company (fastcompany.com)
California privacy rules target dark patterns through technology design, Robert Freedman on Cybersecurity Dive (cybersecuritydive.com)
A Frozen Document in China Unleashes a Furor Over Privacy, Wenxin Fan on WSJ (wsj.com)
The DHS Bought a ‘Shocking Amount’ of Phone-Tracking Data, Ashley Belanger, on WIRED (wired.com)
Some popular children’s apps contain ‘risky’ code transmitting sensitive data, audit finds, Conor Duffy and Leonie Thorne, ABC News (abc.net.au)
TROPT Ethical, Responsible & Privacy Tech Unconference 2022, The Rise of Privacy Technology on hopin.com
Proposed EU AI Act blurs lines between AI developers and data processors under GDPR, Alex LaCasse on International Association of Privacy Professionals (iapp.org)
UK and US seek out privacy-enhancing innovations, E&T editorial staff on E&T Magazine (eandt.theiet.org)
Indian women shunning Facebook due to safety, privacy concerns: Study, Ayushi Kar on The Hindu BusinessLine (thehindubusinessline.com)
Meta Platforms CEO Zuckerberg to testify in Cambridge Analytica privacy lawsuit, Al Arabiya English on Al Arabiya English (english.alarabiya.net)
Image Credit: Privacy by Nick Youngson CC BY-SA 3.0 Alpha Stock Images via PicPedia.