The first 10 amendments to the U.S. Constitution make up the Bill of Rights. James Madison wrote the amendments, which list specific prohibitions on governmental power, in response to calls from several states for greater constitutional protection for individual liberties.
Earlier this year, U.S. Rep. Ro Khanna introduced an "Internet Bill of Rights," proposing six principles designed to ensure the protection of Internet users:
- The right to universal web access
- The right to net neutrality
- The right to be free from warrantless metadata collection
- The right to disclose amount, nature and dates of secret government data requests
- The right to be fully informed of scope of data use
- The right to be informed when there is change of control over data
The Democratic representative, whose Silicon Valley district is home many major tech firms, believes such legislation is overdue. "There's great concern that Americans have about the protection of their privacy online and about their security online," Khanna told The Washington Post. "They are looking to the United States Congress to help put together well-crafted regulation to protect them in the cyber world."
Why it's needed
"Now is the time for Congress to act to protect the public interest and the integrity of the democratic process by adopting comprehensive and effective personal privacy protection legislation," said James Hendler, chair of the U.S. Technology Policy Committee for the Association for Computing Machinery, the world's largest scientific and educational computing society, restating testimony the organization submitted to the Senate Commerce Committee earlier this year.
Hendler believes that academics, industry, consumer advocates, technical experts and government all must be involved in designing a regulatory regime that fosters both privacy and profit. "ACM is non-partisan and non-political, but we recognize that different groups may have different agendas," he added. "We will be working to underscore that whatever is finally legislated is based on a real understanding by Congress of the technologies at issue and can truly be effective at a technical, not just rhetorical or political level."
"The IT community definitely needs to throw its full weight behind such a project," said Thomas Ujj, a cybersecurity expert and privacy advocate at BestVPN.com, a virtual private network (VPN) price comparison site. "Data breaches like the ones we saw at Equifax or Yahoo in recent years will only become more common as businesses battle for more and more consumer data," he observed.
Companies need to get behind the major initiative on the horizon of doing a better job to protect consumer data, concurred Jason Wang, CEO of TrueVault, a company that helps enterprises comply with government privacy rules. "While recent regulations like the CCPA (California Consumer Privacy Act) are important and a step in the right direction, it would simplify the process to put forward one federal law for companies to follow across the U.S. that does a better job of securing personal consumer data and notifying consumers when a breach occurs, rather than a patchwork of different regulations that may vary state by state," he explained.
Ujj noted that 2018 saw a number of privacy laws enacted in Europe, Japan and Brazil, while the only U.S. state to introduce meaningful privacy legislation was California. "The rest of the United States should strive to join California and the rest of the world in providing legislation that puts online privacy at the forefront," Ujj said. "The original Bill of Rights provided the first 10 amendments to the U.S. Constitution and shaped our great country into what it is today," he added. "Here’s hoping that the Internet version has the same effect."
Not so fast
Rahul Telang, professor of information systems at Carnegie Mellon University's Heinz College of Information Systems and Public Policy, is skeptical about the need for any legislation resembling an Internet Bill of Rights. "These ideas have been around for a long time, so there is nothing particularly novel about them," he observed. Some of the problems targeted by the legislation are directly a function of market power accumulated by firms like Facebook and Google, he noted. "Their very large reach automatically make them magnets for fake news, misinformation, data misuse and lack of oversight," Telang said. "I am not sure if there is an appetite in policy circles in the U.S. to take any particular action against the market power."
Ryan McMaken, an economist and editor at the Ludwig Von Mises Institute, a libertarian economic think tank, also sees little need for an Internet Bill of Rights. "First of all, many people can simply opt out of using many of these firms, such as social media firms," he explained. "Unlike a government agency, these firms are not actually monopolistic and, thus, need not be constrained by a new regulatory scheme."
"If the real goal is to help diminish the effects of these firms' huge market share, then lawmakers ought to strive to create a legal and regulatory atmosphere that fosters the creation of new competitors and small businesses that can compete against established firms," McMaken said. Additional regulations, he noted, will only raise the cost of doing business, favoring existing companies like Facebook, Google and Twitter, which currently dominate the marketplace. "Smaller firms, with less operating capital and with less ability to borrow large amounts of funds, will suffer from additional regulations," he concluded.