Big Tech As Its Own Privacy Regulator

The privacy power-players in 2021 aren’t federal lawmakers – they’re tech giants. However, the year is young, and lawmakers already have the enthusiasm to drive privacy progress. They just need to channel it into a federal privacy law.

Big Tech Calling the Privacy Shots

Earlier this week, Jessica Davies succinctly summarized the current privacy situation: “Platforms, not regulators, are driving data privacy enforcement.” While state-level bills have proliferated – twenty-odd bills in 2021 alone – the lack of federal privacy legislation has allowed Google and Apple to set their own privacy standards.

Davies connects the dots between many of 2021’s big privacy stories. I’d add another point to the picture. We need federal lawmakers to pursue federal privacy legislation with the bipartisan enthusiasm that they pursue anti-monopoly issues against Big Tech. Not just because we want them to, but because the two issues are connected. When large companies set the rules of the road for privacy, they determine who can collect that precious commodity: data. Without federal standards, they take on the role that federal privacy legislation should, to their own competitive benefit.

Privacy Power Moves

In a nutshell, Google and Apple‘s privacy moves restrict third-party data processing while leaving their own first-party data practices unaffected. The updates drive up the value of data that they can collect in abundance but smaller businesses and start-ups cannot. Indeed, Google and Apple’s new requirements are not laws. But with each of them dominating their markets, they effectively determine the behavior of smaller businesses using their infrastructure.

These moves might appear as a welcome development to a privacy-concerned public. However, the companies’ updates work to their competitive advantage and leave privacy concerns with their own product largely unresolved.

Harnessing Momentum for Privacy Progress

Federal privacy legislation would help to level the playing field, setting data standards that don’t just benefit companies already at the top of the food chain. The legislative appetite is there. Lawmakers just need to see it.

In the past six months, lawmakers on both sides of the aisle have criticized Google and Apple for market dominance in their data practices. A Democrat-led report highlighted Big Tech’s gatekeeping practices in October. In December, 38 states’ attorneys general filed lawsuits against Google. And last month saw a GOP-backed bill against Google and Apple regarding their dominance in the app market.

A common thread through these claims is that Big Tech’s data practices leave no room for competitors. A federal data privacy law will not resolve all tensions here. But it would provide clarity in what kinds of data businesses can handle. Crucially, it won’t be a business calling the shots at the expense of smaller businesses’ bottom line. State-level regulations alone won’t be enough to keep smaller businesses competitive. As Gary Shapiro, president and chief executive of the Consumer Technology association, recently emphasized:

“A state-by-state [approach to privacy regulation] is a killer to competition. It’s a barrier to entry for the smallest of companies and the greatest of ideas.”

Lawmakers just need to make the connection between their anti-competitive concerns and the void where a federal privacy law should be.

Privacy Legislation as a Bridge, not a Barrier

More regulation might sound like a roadblock to business, but codifying federal privacy standards where there are none would actually drive growth. A federal privacy law would help restore US competitiveness in the global market, where the EU is currently shaping the digital agenda. It would also give clear guidelines to businesses of all sizes, empowering them to innovate and be confident that they are respecting users’ data. To establish a more level playing field, foster growth for businesses, and address longstanding anti-competitive issues, a US federal privacy law belongs atop lawmakers’ 2021 priorities.