Microsoft Says It's Cool With California's New Privacy Law
from the competing-on-privacy dept
We’ve made it abundantly clear that California’s new privacy law is aggressively undercooked, and will require some very serious fine tuning if it’s going to be workable for many California companies. At the same time, giant companies like Google, Comcast, and AT&T have spent a lot of time aggressively misrepresenting what the law actually does, running ads outright lying about the bill’s impact, and downplaying the fact that states wouldn’t be wading into the privacy waters if these companies hadn’t lobbied to kill modest federal privacy requirements in the first place.
Whereas companies like Facebook have repeatedly and routinely tripped over themselves in almost dystiopian fashion to make their existing regulatory headaches worse, it has been interesting to watch Microsoft, steeled from its experiences in the late 90s, navigate the current minefield more deftly. That was on display again this week when Microsoft came out in seemingly total support of California’s new privacy law, with a blog post by Chief Privacy Officer Julie Brill stating the company intends to apply its adherence to the California Consumer Privacy Act (CCPA) law nationwide:
“CCPA marks an important step toward providing people with more robust control over their data in the United States. It also shows that we can make progress to strengthen privacy protections in this country at the state level even when Congress can?t or won?t act.
We are strong supporters of California?s new law and the expansion of privacy protections in the United States that it represents. Our approach to privacy starts with the belief that privacy is a fundamental human right and includes our commitment to provide robust protection for every individual.”
It may just be that I’ve covered telecom companies like AT&T for too long, but it’s interesting to note that nowhere in the blog post does Microsoft even fling so much as an underhanded, veiled criticism of California’s efforts. It’s a notable contrast to other Internet Association members, many of which have been running advertisements falsely claiming the bill will result in people having to pay per click just to access websites that used to be free:
Here are the ads that lobbyists for FB, Google and other tech giants are running in California as they seek to rewrite the state's landmark privacy law. My latest from Sacramento: https://t.co/Jw43CUlmbu pic.twitter.com/sK95ydEEn7
— Tony Romm (@TonyRomm) September 3, 2019
While Microsoft is still a member of the group running these ads, the blog post seems to indicate at least a few people at Microsoft understand that this is a battle you’re not going to win by swimming upstream or doubling down on idiotic behavior (oh hey Facebook, didn’t see you standing there).
Outside of the problematic COPPA, there’s no meaningful US privacy laws for the internet era, and the endless series of hacks, breaches, incompetence (like leaving private data in openly exposed Amazon cloud buckets) make it clear modern US industry is too incompetent to self regulate and we need at least some basic rules of the road on privacy. Yes, government dysfunction and corruption means it’s going to be ugly as hell as we figure out what that looks like, but that doesn’t somehow magically eliminate the necessity for some meaningful penalties for incompetent privacy-violating corporate giants.
Microsoft’s clear support for existing efforts is a far cry from the response by companies like Facebook and AT&T. Both companies claim they want a federal privacy law, but what they really want is their lawyers to write a loophole-filled federal law with only one real purpose: to pre-empt any tougher state or federal measures. They’re well aware that any good bill will result in informed, empowered consumers who’ll opt out of snoopvertising, costing them billions, and their response is to try and undermine those efforts at every opportunity.
And while it’s certainly possible Microsoft feels the same way and is just engaged in a convincing head fake here, it’s also possible Microsoft seriously intends to actually compete on privacy, realizes the die is already cast thanks to an incredibly pissed off public, and knows that swimming against the tide is going to prove counterproductive and harmful to their brand–and their customers–over the longer haul.