Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
United States Businesses Government Privacy Social Networks The Internet Technology

New Bill Promises an End To Our Privacy Nightmare, Jail Time To CEOs Who Lie (vice.com) 166

An anonymous reader quotes a report from Motherboard: Oregon Senator Ron Wyden has unveiled updated privacy legislation he says will finally bring accountability to corporations that play fast and loose with your private data. Dubbed the Mind Your Own Business Act, the bill promises consumers the ability to opt out of data collection and sale with a single click. It also demands that corporations be transparent as to how consumer data is collected, used, and who it's sold to, while imposing harsh fines and prison sentences upon corporations and executives that misuse consumer data and lie about it.

Wyden's bill authorizes the FTC to impose fines of up to 4 percent of annual revenues on companies that fail to protect consumer data. The bill also proposes 10-20 year prison sentences for senior executives who knowingly lie to the FTC. Companies whose executives are convicted will pay a tax based on the salary they paid to the officials who lied, Wyden's office told Motherboard. The Mind Your Own Business Act also mandates the creation of a national Do Not Track system that gives consumers the ability to quickly and easily opt out of the collection and sale of their private data without having to dig through confusing corporate websites. The bill also restricts companies looking to make privacy a luxury option. Wyden's proposal would also require that corporations give consumers an easy way to review all of the data a company has about them and correct inaccuracies. Giants like Facebook would also be required to analyze any algorithms that process consumer data -- to more closely examine their impact on accuracy, fairness, bias, discrimination, privacy, and security.

This discussion has been archived. No new comments can be posted.

New Bill Promises an End To Our Privacy Nightmare, Jail Time To CEOs Who Lie

Comments Filter:
  • by pz ( 113803 ) on Thursday October 17, 2019 @10:36PM (#59321180) Journal

    So at first, I thought, "4% is nothing, that's like a big rounding error," but then I double checked. It is 4% of REVENUE, not 4% of profit. Take away 4% of gross, and many companies will start showing net losses. And that's exactly what you want: punishment that allows the business to continue operating, but delivers a painful whack.

    It would be very interesting to understand how that number was chosen, and potentially enlightening as well.

    • Compare it to our salaries.

      4% may hurt in that one paycheck, but it won't exactly kill you.

      • Facebook made $55.8 billion in revenue in 2018. 4% of that is $2.23 billion.
      • There are about 225 million Facebook users in the U.S.
      • Divide the two and you get a fine of $9.91 per user.

      Estimates are that your data is worth between $1 to $100 [usatoday.com] to data collectors, with that high end being for Facebook specifically. So even 4% of revenue seems like it'll be too small. They'll basically pay a $10 fine to make $100. Companies like Facebook will simply use it as a cost they have to pay for legal permission to

      • This is why I believe the company should have to hand over stock, starting with whatever employee has the majority share. Nothing will make the owner of a company shit his pants faster than losing a majority share, because that's the point of no return.
      • $50,000 per violation but not greater than a sum aggregate of 4% of their annual gross revenue.

      • Appreciate that the 4% is not a one-time fine that protects Facebook in perpetuity. The fine is assessed for each infraction. That's how your figure of 225 million Facebook users in the U.S. becomes a multiplier.

    • But for the worst offenders such as Google, most of their revenue comes from violating people's privacy. Ending Google's invasion of privacy will end Google. 4% of their top line to continue as usual is a cost of doing business for them. A small down-payment on the corporate taxes they're avoiding.

      Even companies like Amazon which do have other revenue streams besides selling their customer's informational souls can get around this by spinning off their privacy violating divisions into another company
      • As I mention above, the 4% fine is not a license to continue violating the law. Each instance is the factor that determines the total amount.

    • by dabadab ( 126782 ) on Friday October 18, 2019 @03:59AM (#59321578)

      That "up to 4%" seems like it was taken verbatim from the EU's General Data Protection Regulation (GDPR).

      Of course it does not answer your question of how did calculate it whoever came up with it originally.

      • That "up to 4%" seems like it was taken verbatim from the EU's General Data Protection Regulation (GDPR).

        Of course it does not answer your question of how did calculate it whoever came up with it originally.

        Also, I don't think it's a particularly good approach. If a company operates on a 3% gross margin, then 4% may well destroy them. If a company has a 50% margin (some of the big tech companies have even higher margins... Facebook's gross margins over the past 10 years have ranged from a low of 73% to a high of 87%!), then 4% of revenue may easily be written off as a cost of doing business, if the violations are essential to the business model.

        I assume that the "up to" part means that regulators can scale

      • That "up to 4%" seems like it was taken verbatim from the EU's General Data Protection Regulation (GDPR).

        Of course it does not answer your question of how did calculate it whoever came up with it originally.

        I don't know the reasoning behind the 4%, either.

        I speculate that since 4% is a working number somewhere, it's convenient to use that figure as a precedent. GDPR may be establishing a standard.

    • by ytene ( 4376651 )
      It's the number the EU came up with for their GDPR violation fines.
    • It'll never actually pass, but I've been saying for years forget huge fines to corporations, jail the CEO and board of Directors.

    • by yacc143 ( 975862 )

      Well, it's 4% of global revenues in the EU's GDPR, but that might be just a happy random happenstance. Sounds all very similar to the GDPR on the surface, although the prison terms are a cool bonus ;)

  • to the USA gov, US mil, NSA, GCHQ. Can New Zealand still buy in bulk?
    5 eyes got to spy.
  • by Powercntrl ( 458442 ) on Thursday October 17, 2019 @10:47PM (#59321194) Homepage

    I honestly can't think of one thing Facebook has done by "selling my info" that has affected me in the slightest. My nerd rage lately is directed towards websites that block my adblocker, the lack of competition in the wired home broadband industry, and that every fucking show seems to be on a separate streaming service these days.

    It's trendy to hate on Facebook, but it's not as if they're dumping oil in the Gulf of Mexico or anything.

    • by gurps_npc ( 621217 ) on Thursday October 17, 2019 @11:12PM (#59321226) Homepage

      The reason Facebook etc. get away with it is that they take a lot of care to make sure no one knows what happens with the data.

      Things that might have happened:

      1) They sold access to companies that took more information than Facebook said (Cambridge Analytics) and then used it for criminal political ads. Russia is know to have targetted both Neo-Nazis and people they target such as Blacks, Jews, etc.

      2) They blocked you from seeing ads for jobs or housing based on illegal criteria, such as age, race, gender, etc. So you did not get a job or house that you did not apply for because they refused to show you it. While they showed it to other people.
       

      • Re: (Score:3, Interesting)

        by Powercntrl ( 458442 )

        criminal political ads.

        Back in 2016, the only political ads I saw on Facebook were ones that aligned with my own political views - once I told Facebook I didn't care to see all the Trump ads they kept showing me. I'm not doubting that it might've happened to some people, but I certainly don't recall seeing any "illegal" ads.

        So you did not get a job or house that you did not apply for because they refused to show you it.

        You seem to be laboring under the delusion that I have any desire to see ads. As far as I'm concerned, if a company doesn't want to show me ads because I'm gay (yeah, you forgot that one), they're doing me a

        • I certainly don't recall seeing any "illegal" ads.

          That means they were working as designed.

        • criminal political ads.

          Back in 2016, the only political ads I saw on Facebook were ones that aligned with my own political views - once I told Facebook I didn't care to see all the Trump ads they kept showing me. I'm not doubting that it might've happened to some people, but I certainly don't recall seeing any "illegal" ads.

          So you did not get a job or house that you did not apply for because they refused to show you it.

          You seem to be laboring under the delusion that I have any desire to see ads. As far as I'm concerned, if a company doesn't want to show me ads because I'm gay (yeah, you forgot that one), they're doing me a favor. Hell, I'd totally support if Google let me opt out completely from their ad network under that criteria.

          Yes, I realize discriminatory advertising practices are illegal. But if I could get all the homophobic companies to stop trying to sell me shit I don't want anyway, that would be totally worth it.

          You're talking about "free," platforms that are advertiser supported. Your wish is granted. The only right you have, according to the ToS is to leave.

      • 1) They sold access to companies that took more information than Facebook said (Cambridge Analytics) and then used it for criminal political ads. Russia is know to have targetted both Neo-Nazis and people they target such as Blacks, Jews, etc.

        Boo

        2) They blocked you from seeing ads for jobs or housing based on illegal criteria, such as age, race, gender, etc. So you did not get a job or house that you did not apply for because they refused to show you it. While they showed it to other people.

        Hoo

      • Exactly. And, if what they're doing is ethical and moral, then why go to such great lengths to hide what they're doing?
    • Pretty sure you were affected by the electing of Trump

    • P.S. I don't use FB but it might affect someone I know but I'll write as though it does affect me.

      Possible scenario: FB turns the IP addresses into zip code.
      It then figures out that there are fewer zip codes in my area and more 1 town over.
      They then sell that info to a supermarket
      The store wants to build a new building but doesn't know where to put it.
      Assuming FB use is correlated to store customers, they build one in the next town.
      But that it farther than it would, or could be, without selling the zip code

    • by Sebby ( 238625 )

      #1: you can't "lose" data you don't have - the bigger problem is when leaks happen and people's data gets in the wild. Get cross-referenced with other "leaks", increasing the potential for bad things to happen (ever get a bill for a credit card you never applied for?, etc.)

      #2: spy agencies - stuff like the Snowden revelations shows how data collection from companies have filled the spy agencies' harddrives with data. Companies are acting (unwillingly/inadvertently) as data collection devices for them. This

    • by ceoyoyo ( 59147 )

      I wish the adblockers would add a button so you could receive, but black hole, the ads from those web sites.

    • I honestly can't think of one thing Facebook has done by "selling my info" that has affected me in the slightest.

      The point is to eliminate the guessing (thinking) and force them to make you know for certain.

    • But, see, if your Very Personal Private Data wasn't being hoovered up by Facebook, Google, Amazon, and who knows who else, then you might not need an adblocker, because they wouldn't be rushing at warp speeds to insert ads into your internet datastream to stick in front of your face constantly.
      You also wouldn't have to worry about having something like these various digital voice assistants, especially the ones with cameras as well as microphones, because you wouldn't have to worry about them being used as
  • Point is moot (Score:2, Insightful)

    This is the Senate. Do you really think Moscow Mitch will let this little gem get even a committee hearing?
    • by thomst ( 1640045 )

      Patent Lover demanded:

      This is the Senate. Do you really think Moscow Mitch will let this little gem get even a committee hearing?

      You could have stopped at "This is the Senate." It's not even a matter of it being a partisan issue.

      I respect Senator Wyden's efforts. He is the most personally tech-savvy member of the Senate. He doesn't rely on staff briefings to formulate his positions on regulating corporations - especially tech companies - he actually knows what he's talking about. I consider him a true populist, in that his focus is protecting consumers from sociopathic CEOs, regulatory capture, institutionalized

  • by gavron ( 1300111 ) on Thursday October 17, 2019 @11:35PM (#59321248)

    I like Ron Wyden - his policies on data retention, end to end encryption, and data storage are priceless.
    I like Elizabeth Warren too - her ideas on healthcare, treatment, and government coverage of the college fees are also priceless.

    HOWEVER, this is YASI (Yet Another Stupid Idea) that would not help anyone. Here's why:
    - the corporate veil (yes that is what it's called) shields the owners/operators (shareholders/managers) from responsibility personally for what they do on behalf of the corporation.
    - when these operators (managers, CEOs, etc.) find they are NOW personally liable they just won't make public statements... which isn't a big change from now when all their official statements have so many disclaimers.
    - "LYING" is a matter of fact, not a matter of law, so it will require a JURY trial for every single enforcement attempt. (Judges solve "matters of law" but Juries decide "matters of fact") so it will require a PROSECUTOR to bring up charges, etc. etc.

    The overall complexity of "enforced tell-the-truth" won't work. There's no money in it, and these people are in it to make money for their shareholders. If they don't, they face a shareholder lawsuit!

    That lose-lose means no change in behavior no matter what the law says.

    Sorry Ron and Liz.

    Ehud
    Tucson

    • -The corporate veil doesn't apply - "the corporation" can't be questioned by the FTC - specific executives are. Making it a crime for them to lie to investigators has nothing to do with the corporation. Or do you imagine the corporate veil protects you from murder charges so long as you only murder on behalf of the corporation?

      - They want to shut up -that's fine. Unless they're required by law to answer questions of course. But if you have a choice between a company that promises a certain level of pri

    • - the corporate veil (yes that is what it's called) shields the owners/operators (shareholders/managers) from responsibility personally for what they do on behalf of the corporation.

      This law breaks some of the veil. If you as an executive lie to the FTC on behalf of the corporation you can go to prison. The shareholders aren't personally liable, but 4% fines on gross revenue are enough to dent share prices a bunch. That will affect shareholders.

      "LYING" is a matter of fact, not a matter of law,

      If it's illega

    • I am sure the shareholders can't sue a ceo for not lying or breaking the law in some way. If the only way a business increase share value is by lying, there probably ins't anything the shareholders can do.

  • Good luck (Score:4, Insightful)

    by wakeboarder ( 2695839 ) on Thursday October 17, 2019 @11:44PM (#59321268)

    The lobbyists will shoot this down as soon as it gets off the runway, way too much money riding on the line.

    • Re: (Score:2, Insightful)

      by Jason1729 ( 561790 )
      Well that makes sense. In Soviet Russia, government owns all companies. In America, opposite is true.
    • by Miser ( 36591 )

      .... and the cargo hold of the plane will be filled with cash, gifts, and other things of material value to bribe^H^H^H^H^H^H lobby the politicians.

  • Almost there (Score:5, Insightful)

    by The Evil Atheist ( 2484676 ) on Friday October 18, 2019 @12:02AM (#59321286)
    It's almost like you need some kind of general data protection regulation.
  • A MINIMUM of 400% of world-wide revenue, and a MINIMUM 10 years in prison for EACH DIRECTOR and EACH C-Level executive (as well as the guilty employee's and PHBs) of the company. Now that would actually perhaps have a chance of achieving something.

    This is just a pretend solution that will achieve nothing.

    And it should allow private action.

    • Sure, but only if you apply it to politicians, too, such as when they threaten extermination of a corporation for not censoring their political opponents.

      Deal?

      • You don't seriously believe there's a difference, do you?

        Revolving doors, think-tank-written legislation and all...

        The only people I can imagine not being proliticians like that, are Warren and Sanders. Which is why they will be / were destroyed.
        Although we see, after the election. Not falling twice for the Obama delusion. On office, they are different people.

  • So a minor misdemeanor then ...

    And if their profit due to privacy violations is above 4%, it's officially a profitable business venture, or what?

    • by godrik ( 1287354 )

      It is disingenious to compare 4% of an individual salary and 4% of a companies revenue.

      A company like walmart has 20% to 25% margin. so 4% of revenue is about 20% to 25% of profits. That burns a little more.

      Is it enough? That's a different question, but let's present the facts accurately.

  • They are too rich, have too many connections with other people with money and power.

  • Dubbed the Mind Your Own Business Act, ...

    Will this also apply to people who don't want *other* people to: get abortions, have same-sex marriages, or express their sexuality?
    Asking for several friends.

  • In the 90's, the first data solicited, collected and sold was a ZIP code. Because web counters were not at all accurate and distribution networks/inventories valued geographical data. This changed in 2007 with Google Analytics that, for a time, made a fair amount of money for bloggers with even a moderate audience.

    Social media platforms radically altered browsing, disrupting the first "portals", such as Yahoo's many services and even our beloved /. that achieved the first unintentional Denial of Service
  • On the whole a nice idea.

    But the problem with an opt-out model is that each citizen will need to maintain an "opt-out" flag/marker, which could be corrupted by malware, deleted by upgrades, etc. Instead, how about applying the equivalent of the "presumption of innocence" and only deliver tracking markers to those who explicitly set a "please track me" flag to on.

    Apart from anything else, that might drive home just how harmful the current model is.
  • How about making it illegal for cops to lie? Never ever talk to a cop: https://www.youtube.com/watch?... [youtube.com]
  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) on Friday October 18, 2019 @06:55AM (#59321732)
    Comment removed based on user account deletion
  • The U.S. Government collects more data than everyone else, combined. The "contract" with the government does not include this data. Nobody voted for it. The issue from the Government's perspective is that private companies may well end up rivalling the U.S. Government, which also includes the U.S. spy apparatus.

    A fine of this strength will destroy small businesses. Large, established companies will fight off all claims against them, likely their lobbyists are the ones who write the bill.

    Also note that the

    • The U.S. Government collects more data than everyone else, combined.

      That is 100% wrong.

      The US government doesn't know where you are every minute of the day. Your cell phone company and Facebook and Google do.

      The US government doesn't know where you spend every penny. Your credit card company all of the merchant services providers do.

      The US government doesn't know the content of all of your email. Google does.
  • By using this site you certify that all data collected is accurate. Click here to see a list of data collected. To receive a copy of your data on record, please mail a self addressed envelope and $25 to PO box 555005550055500. To see a list of our data partners, please mail a self addressed stamped envelope and $25 to PO box 000550000500500

    This site is for entertainment purposes only, and no statements on this site, nor any correspondence or statements by employees other than %LEGAL_TEAM should be considere

  • Extend this to any CEO who knowingly lies, period.
  • As long as prosecutorial discretion is allowed on American laws, laws to control businesses will rarely accomplish any more than placating voters. On the rare occasion that they are applied, it will most likely be because the business is in some way associated with the opposite side of the political spectrum from the party in power.
  • I mean they all lie...
  • "The bill also proposes 10-20 year prison sentences for senior executives who knowingly lie to the FTC."

    This might actually get some results if implemented.

"Confound these ancestors.... They've stolen our best ideas!" - Ben Jonson

Working...