Today, Senator Brian Schatz (D-HI) led a group of 15 senators in introducing the “Data Care Act of 2018,” which would require online service providers like Facebook and Google to responsibly protect individually identifying information about consumers. The bill would also require that these providers, including apps and websites, be held to similar duties of care, loyalty, and confidentiality that other professions with unique knowledge and power — like doctors and lawyers — already adhere to. Public Knowledge welcomes the bill as a good starting point for a discussion about what responsibilities custodians of our personal information should have.
The following can be attributed to Allie Bohm, Policy Counsel at Public Knowledge:
“We’re excited to see this innovative addition to the federal privacy debate and hope that Mr. Schatz’s legislation spurs a much needed conversation about the appropriate responsibilities for custodians of our personal information.
“However, the bill leaves room for improvement. For example, the bill would only stop companies from using personal data for their own benefit at consumers’ expense when it will result in reasonably foreseeable, material physical or financial harm. This list of harms is woefully incomplete.
“Similarly, the bill only requires companies to notify end users of a data breach when ‘sensitive’ data are breached — this list is too limited to be effective. In fact, under the bill, Facebook would not have had to notify end users about Cambridge Analytica. Furthermore, the bill does not address how to handle conflicts between companies’ duties to their end users and their duties to their shareholders.
“We are very interested in Mr. Schatz’s idea and look forward to working with his office to improve this legislation so that it fully protects consumers.”
Members of the media may contact Communications Director Shiva Stella with inquiries, interview requests, or to join the Public Knowledge press list at email@example.com or 405-249-9435.