This week featured back-to-back privacy hearings on Capitol Hill to discuss principles for federal privacy legislation. With the one-year anniversary of the European Union’s General Data Protection Regulation implementation coming in May and the California Consumer Privacy Act taking effect in 2020, industry players that have fiercely lobbied against federal privacy legislation in years past are now suddenly calling on Congress to pass a comprehensive privacy bill this year. Here’s a quick look at what happened in each hearing and a few key takeaways.
It seems antitrust is finally having a new moment in the sun. From Attorney General Nominee Bill Barr to Senator Amy Klobuchar, to Congresswoman Alexandria Ocasio-Cortez, to and even President Trump, everyone is talking about antitrust in the context of Internet platforms. While antitrust is a powerful tool and essential to the proper functioning of the economy, antitrust alone cannot eliminate the full array of harms caused by highly concentrated markets. The excessive market concentration and corporate power we see today resulted not only from conservative jurisprudence and lax antitrust enforcement but also excessive deregulation. Antitrust is not sufficient to rectify the very real problems reform advocates identify.
Today, the Federal Trade Commission announced a consent decree in the Staples-Essendant merger. Commissioners Slaughter and Chopra dissented, arguing the consent decree would be insufficient to address their competitive concerns with the merger.
Yesterday, Senator Marco Rubio (R-FL) introduced the “American Data Dissemination (ADD) Act,” which would require the Federal Trade Commission to recommend privacy regulations in line with the 1974 Privacy Act to Congress and also prevent states from passing their own privacy laws. Additionally, the bill would preempt those state protections already in place, effectively walking back the few privacy safeguards consumers have.
Yesterday, reports surfaced that Voipo, a California voice-over-internet-protocol (VOIP) provider, exposed millions of consumer call logs and text messages stored on an “improperly secured” ElasticSearch database for several months before security researcher Justin Paine located them.