Forget A TikTok Ban, We Need To Regulate Data Brokers And Pass A Real Privacy Law
from the you're-not-actually-fixing-the-problem dept
We’ve noted for a while now how the great TikTok moral panic of 2023 is largely a distraction. It’s a distraction from the fact we’ve refused to meaningfully regulate dodgy data brokers, who traffic in everything from your daily movement habits to your mental health diagnosis. And it’s a distraction from our corrupt failure to pass even a baseline privacy law for the internet era.
Most of the folks crying the loudest about TikTok were the same people that created the policy environment that lets TikTok (and anybody else) play fast and loose with consumer data in the first place.
And they don’t want to actually fix the mess they created. U.S. corporations don’t want to make slightly less money under a policy framework that empowers consumers, and the U.S. government doesn’t want to have to get a warrant for all of that data it buys from brokers.
So you get what we have here: a big dumb performance in which we pretend that banning a single app actually does anything of use. After all, the Chinese, Russian, and U.S. governments can all just buy data from the poorly regulated data broker market. They don’t need TikTok for surveillance and propaganda; they have plenty of data brokers and U.S. tech giants for that.
For a while it was actually kind of hard to see this viewpoint reflected in press coverage of the TikTok fracas, which initially leaned heavily toward patriotic fervor. Fortunately that’s slowly starting to shift as calls for a ban begin to grow in earnest. Case in point: this New York Times piece by Julia Angwin that once again makes it clear that a TikTok ban isn’t thinking broadly enough:
The even deeper problem is that putting TikTok under state control, banning it or selling it to a U.S. company wouldn’t solve the threats that the app is said to pose. If China wants to obtain data about U.S. residents, it can still buy it from one of the many unregulated data brokers that sell granular information about all of us. If China wants to influence the American population with disinformation, it can spread lies across the Big Tech platforms just as easily as other nations can.
Angwin also points out something else I’ve found annoying about the myopic fixation on TikTok: we’ve never seen anything close to the same level of concern about the poorly-secured Chinese-made routers and internet of things devices Americans happily attach to their home networks with reckless abandon:
Not to mention that our national lack of focus on cybersecurity defenses means that it would be much more effective for China to just hack every home’s Wi-Fi router — most of which are manufactured in China and are notoriously insecure — and obtain far more sensitive data than it can get from knowing which videos we swipe on TikTok.
None of this is to say that TikTok is some innocent daisy and doesn’t pose a privacy risk.
Just that myopically fixating on the ban of one app — but doing nothing about the shitty policy environment that created the problem — is more political performance than meaningful solution. A performance that will annoy young voters, make it tougher on researchers and educators, uproot established community, face numerous First Amendment challenges, and not actually fix the core issues.
I still maintain that the most vocal supporters of a TikTok ban understand this perfectly well, and couldn’t actually care less about consumer privacy or national security. They’re eager to deflect blame for decades of failures on consumer protection, to pretend they’re being “tough on China,” to agitate a xenophobic base, and if they’re really lucky, to offload TikTok’s ballooning billions in ad revenues to U.S.-based cronies (as Trump indicated was his intention from the start).
Filed Under: chinese, data brokers, moral panic, privacy, privacy legislation, social media, surveillance, tiktok ban
Companies: tiktok
Comments on “Forget A TikTok Ban, We Need To Regulate Data Brokers And Pass A Real Privacy Law”
Good luck with getting real reform. With the government getting unfettered access to the data and courts not caring, there will be little interest in changing things.
This comment has been flagged by the community. Click here to show it.
Why not both?
One is bad, the other is malware sold by the CCP.
I would LIKE some requirement that law enforcement get a warrant just to purchase personal data (yeah, guess what, I fear governments more than people wanting to sell me stuff) but that isn’t ever going to happen.
Government: "Best I can do is more vague burdensome 'think of the children' regulations."
Meanwhile the state of Maryland is on track to copy California’s age appropriate design code garbage almost exactly word for word:
https://mgaleg.maryland.gov/mgawebsite/Legislation/Details/hb0901
This bill is moving fairly quickly but haven’t seen any serious critical coverage of it.
lets see
Lets see if the congress mail can deal with spam.
Lets get the address’s, Congress, Washington DC, and Home, and Put them out there to be scammed.
Do these laws work?
Ideally, a privacy law would be strict enough that companies would be reluctant to collect unnecessary data at all. But while Europe’s GDPR is often portrayed as strict, I don’t get the impression that it’s had any such effect. For example, Facebook wouldn’t comply till the regulators got involved, and they were found to have a ridiculously large amount of data on their users. “Cookie banners” are everywhere, despite not being necessary and usually not being legal (consent is not required for “necessary” cookies, such as those relating to logins; is not sufficient if it occurs after cookies have been sent, or is mandatory for “unnecessary” cookies; and must be handled separately for each purpose, with no pre-checked “approval” or tiny/nonexistant “decline” buttons). Can people in Europe actually get a credit card, sign up for electricity, or whatever, without giving implicit or explicit “consent” for data to be collected from or sent to credit bureaus?
California has a law too. How’s that going? I’ve heard California residents can cancel subscriptions from abusive companies (notably newspaper and magazine publishers) more easily now… and that’s about all I’ve heard. Facebook/Meta, Google/Alphabet, and Apple are all based in California, so all their users should be seeing the effects, right? But it seems everything’s still the same, except that maybe you can send a request and they’ll have to reveal how much data they’ve illegally collected on you.
We need more ways to prevent companies collecting any data at all. For example, there’s no reason why people should have to give their credit card numbers to subscribe to things; an account number could instead be given directly to the card provider, who would send money as needed without revealing anything other than that number (and could provide a two-click option to cancel). Of course, it’d be even better if card providers didn’t get so much data on how people spent their money (which David Chaum proved was possible 40 years ago).
A great book on this topic
Dr. Aynne Kokas, director of the University of Virginia’s East Asia Center, has a fantastic new book out on this topic, called Trafficking Data that includes some really thoughtful policy recommendations.
He printed
He printed everything in newspaper before the state allowed his abuse to the American family and children’s. Who all listen and pay attention. To use what they pay for to protect there family and children’s from the liar’s of his partnership.
Privacy
PERSONAL DATA IS NO ONE’S BUSINESS, EXCEPT FOR THE REAL OWNER.
PRIVACY IS PARAMOUNT.
THESE PIRATES DEMAND THEIR PRIVACY AND THEY NEED TO BE SLAPPED WITH STRINGENT PRIVACY LAWS, OR THEY HEAVY FINES &/OR GO TO JAIL.