Congress isn’t acting on data privacy, so Pennsylvania should
While Congress continues to dither about reigning in tech companies’ profiteering on users’ data, states must pass a consumer data privacy law. Some states already have. Pennsylvania has not. As Microsoft’s own senior director of public policy, Ryan Harkins, testified at a state House Consumer Affairs Committee hearing last Wednesday, the industry can’t be trusted to regulate itself.
Companies scoop up your data — your basic data like phone numbers, your web, streaming and shopping histories, even your voice and your keystrokes. They do this not only to sell you products you didn’t know you wanted, but to change your behavior.
Harvard Business School professor Shoshana Zuboff explains that driven by competition, companies like Google and Microsoft and thousands of lesser known ones, create ever more effective behavioral-prediction products.
“Ultimately,” she says, “they’ve discovered that this requires not only amassing huge volumes of data, but actually intervening in our behavior. The shift is from monitoring to what the data scientists call ‘actuating.’” These companies “develop ‘economies of action,’ as they learn to tune, herd and condition our behavior with subtle and subliminal cues, rewards, and punishments that shunt us toward their most profitable outcomes.”
Americans have been taught for generations to fear the creation of an omnipotent surveillance state. We have not been nearly as primed to fear private surveillance. Now, experience is teaching what American culture had not: Corporate surveillance of every moment of everyday life, using the powerful tools of the digital age, is at least as threatening to liberty and privacy as anything a government bureaucracy could cook up.
Everything about who you are is for sale to the highest bidder to do what they want with. Mostly it’s about selling products and suggesting media, but there’s no telling what other uses this data — including, we reiterate, sounds and keystrokes from private conversations — could be used for. Besides malicious and illegal activities, like identity theft and fraud, what about malicious and legal activities, like influencing credit scores and insurance premiums? Like using your health data to deny you insurance or otherwise control your life?
California led the way in 2020 with the California Consumer Privacy Act. Virginia, Colorado, Utah and Connecticut have followed suit. Pennsylvania legislators should study these laws and then quickly pass a version of their own. Every minute they fail to do so, “big data” gathers more data and gains more power over your lives.