Biden’s Executive Order: A Ripple in the Ocean of Personal Data Concerns
In the run-up to the 2024 United States primary elections in California, my phone has been buzzing non-stop with calls and texts from political candidates.
It’s a glaring reminder of the unchecked reach of data brokers, entities I suspect are behind this unsolicited barrage.
This week, the Biden administration took a stab at this issue, issuing an executive order aimed at curtailing the sale of US military personnel data to foreign entities.
On the surface, it sounds commendable. But in reality? It’s like trying to plug a single leak in a sieve — utterly insufficient.
The Trillion-Dollar Data Trade
We’re talking about an industry where our personal lives are open books to the highest bidder. Giants in the game include Meta, Google, Oracle, Equifax, and Acxiom, among others, trading our privacy for profit.
This access is disturbingly easy, painting a grim picture of our current privacy safeguards.
The Core Issue: Beyond Data Brokers
The issue extends far beyond the realm of data brokers. It’s a pervasive ecosystem where personal information is commodified at every turn.
Data brokers, while significant, are but one cog in a vast machine that includes corporations, advertisers, and even political entities — all leveraging personal data to further their objectives.
Collecting: The Ubiquitous Harvesting of Data
In today’s digital age, every interaction, every click, and every download is a potential data point being harvested. From the moment we engage with the internet, companies of all sizes begin collecting data. This isn’t limited to the digital giants like Google or Meta; it spans the spectrum, enveloping every online service, app, and platform we use.
Selling and Sharing: The Data Marketplace
Once collected, this data rarely remains in a silo. It’s sold, shared, or exchanged in a bustling marketplace where personal details are treated as currency.
This is where data brokers typically enter the picture, aggregating information from various sources to create detailed profiles sold to the highest bidder. You can buy any person’s information under 5 cents.
Using: The End Consumers of Data
The end users of this data are as varied as the data points themselves. Corporations use this information to tailor advertisements, aiming to convert personal preferences into profits. Political candidates and parties, much like the ones spamming my phone, leverage these insights to target potential voters, crafting messages that resonate on a personal level.
The Broader Implications
This cycle of collecting, selling, and using personal data highlights a systemic issue within our digital ecosystem. Data brokers, while often vilified, are merely fulfilling a demand driven by the advertising-centric models that dominate the internet.
The real challenge lies in addressing the underlying structures that incentivize the commodification of personal data.
A Call for Comprehensive Reform
The recent executive order, though perhaps crafted with good intentions, barely skims the surface of a deep and turbulent sea of privacy concerns. It’s a stark reminder that piecemeal solutions are insufficient against the relentless waves of surveillance capitalism that erode our privacy daily.
This moment calls not for incremental steps but for bold, comprehensive reform — a clarion call to lawmakers to weave a robust tapestry of privacy laws that protect every facet of consumer rights in the digital age.
Only through such sweeping legislation can we hope to construct a bulwark strong enough to shield individuals from the invasive practices that have become all too common.
Until we see transformative action, my phone will continue to ring with the unwanted echoes of a system, including the political candidates who are misusing the system and fail to respect the sanctity of personal privacy.
Appendix: US privacy law and executive orders
Fair Credit Reporting Act (FCRA) — 1970: Governs how credit reporting agencies use consumer data, focusing on accuracy, fairness, and privacy of personal information in credit reporting.
Health Insurance Portability and Accountability Act (HIPAA) — 1996: Applies to health entities, ensuring the protection of individual health information, excluding mobile health apps, media companies, online advertisers, and data brokers.
California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) — 2018: Introduces comprehensive privacy rights for California residents, requiring data brokers to register and allowing consumers to opt out of data selling.
Executive Orders on Privacy: While numerous over the years, recent orders focus on specific issues like restricting the sale of U.S. military personnel information to foreign entities, showcasing targeted rather than comprehensive approaches to privacy.
Family Educational Rights and Privacy Act (FERPA) — 1974: Protects students’ privacy by regulating educational institutions’ use and disclosure of student data.
Children’s Online Privacy Protection Act (COPPA) — 1998: It protects the collection and use of data from children under 13, with no specific regulation for teenagers.
Gramm-Leach-Bliley Act (GLBA) — 1999: Requires financial institutions to explain their information-sharing practices to customers and to protect sensitive data.
Electronic Communications Privacy Act (ECPA) — 1986: Protects various forms of electronic communications, amended by the USA PATRIOT and FREEDOM Acts to address modern challenges.
Video Privacy Protection Act (VPPA) — 1988: Prevents wrongful disclosure of video tape rental or sale records, protecting consumer privacy regarding their entertainment choices.
Driver’s Privacy Protection Act (DPPA) — 1994: Regulates the privacy and disclosure of personal information gathered by state Departments of Motor Vehicles.
These laws and executive orders form the backbone of privacy protection in the United States, highlighting a fragmented and sector-specific approach to data privacy.
While they provide certain safeguards, the current landscape underscores the need for more comprehensive, nationwide privacy legislation that addresses the complexities of the digital age and provides uniform protections for all consumers.
