States are currently debating comprehensive privacy legislation. The federal government will likely join the fray within the next few months, if not earlier. There are a ton of questions to answer before policy is set. The discussions at the state level and the policy discussions in Washington, D.C. so far have identified the partisan lines, ideology, and have thus far failed to identify principles the various interests can agree on.
Part of the problem identifying solutions is that no one can agree on what the problem is. What harm, or injury, are policymakers trying to solve through legislation? I want to take a few hundred words to discuss two related points everyone interested in the “privacy” discussion ought to understand: 1) comprehensive “privacy” proposals do not solve the “privacy problem” and 2) the philosophy undergirding most pushes for “comprehensive” privacy legislation.
Let’s start with a disclaimer, though. I am not suggesting that no problem exists. Just that the “privacy problem,” as framed by a number of activists and advocates, is wrong. Or at least, that the way in which they frame “privacy” does not provide the full picture.
The privacy problem cannot be solved by comprehensive legislation. As discussed in an earlier article, there are too many facets of the debate. When an issue is complex, omnibus policy ideas simply don’t work. Instead, those omnibus proposals get in the way of things like innovation, disruption, and economic mobility.
State comprehensive privacy bills would make it difficult, if not impossible, for any entity to collect information about, or created by, a person. The proposals, which are modeled after Europe’s General Data Protection Regulation (GDPR), California’s Consumer Privacy Act (CCPA), or both, dictate what companies must do prior to collecting information about, or created by, people.
For example, CCPA requires businesses to make specified disclosures, delete information about consumers upon request, create a way to make information about a consumer portable, and much more. If a company runs afoul of the letter of the law, the state attorney general or private citizens can sue. New York would require companies to develop a “comprehensive security program” and submit it for approval by a state government office. Washington State would require companies that “intentionally target” residents and “control or process personal data of one hundred thousand consumers or more” to hire a personal data “controller.” The controller would be responsible for ensuring the business complies with the law.
None of these requirements would solve a “privacy problem.” Because they would not solve that problem, the laws or proposals relate not to privacy, but data governance. This also means that the “problem” activists and policymakers are trying to solve is something other than privacy.
I would posit that the “problem” a number of activists are trying to “solve” is not a problem at all. Instead, these activists despise the free market and want to prevent companies from earning profits. The “problem” they see is the private sector and they want to destroy, or otherwise regulate it.
In a 2009 interview, a technology policy leader from the left was interviewed in The Bullet, a publication of the Socialist Project. In that wide-ranging discussion, Robert McChesney laid out the philosophy and tactics the left would take over the next few years. The tactics include a government takeover of the internet, the nationalization of the press, and preventing companies from monetizing data. Here are a few of McChesney’s thoughts:
- “The final issue that we have to deal with... is what I call hyper-commercialism. This is the conversion of every space and moment of time in our lives to selling something, promoting something, branding something. This is a huge problem in the U.S...”
- “We need to organize against hyper-commercialism. This is an easy sell for the Left. We understand that advertising is not something done by all people equally, but rather done by a small group of people working on behalf of multinational corporations. Advertising is commercial propaganda...”
- “Advertising is the voice of capital. We need to do whatever we can to limit capitalist propaganda, regulate it, minimize it, and perhaps even eliminate it...”
- “We are at a critical juncture in the history of communication... The capitalist economy dominated by corporations has failed...”
This type of thinking has pervaded tech media, too. Take, for example, a New York Times article from 2018. The author’s thesis is that the internet’s villain—the problem policymakers need to solve—is “the advertising business.” The advertising business, he claims, abuses the consumer by collecting data and creating profiles for the purpose of making money. He then states that “for all its power, the digital ad business has long been under-regulated and under-policed, both by the companies that run it and by the world’s governments.”
Regulating the tech sector has long been a desire of the far-left. They achieved some of that goal when the California legislature enacted CCPA. But the legislature had a gun to its head. A couple of activists placed a ballot measure that was far worse and offered to pull the measure if the legislature acted. One of those activists spoke at a tech conference earlier this year, where she identified the problem they sought to solve as “the private sector.”
Data governance laws, or as activists want you to believe, “comprehensive privacy” laws are not rooted in free market philosophies. They are designed to control the flow of capital. They are designed to hurt corporations. They are designed to “solve” the “problem” of capitalism. They are rooted in socialist and Marxist ideology.
Rather than protecting consumers, which of course they are not designed to do, these data governance laws place significant barriers for entrepreneurs looking to launch new services and products. They seek to damage, if not destroy, the private sector, the ability to create innovative offerings, and protect incumbent providers.