Intel Publishes Draft Model Legislation to Spur on Data Privacy Discussion that seems to Protect Industry more than Consumers
Last month Patently Apple reported on a lobby group representing Apple & other tech companies establish a Privacy Framework that protects their interests. Today Intel has published a draft model of legislation to spur on a data privacy discussion. It's in-depth, it's interesting, and yet it appears that Intel is more interested in getting government to allow industry to gather consumer data that they feel is in their best interest without any recourse for consumers. While their opening statement sounds positive for consumers, it quickly refocuses on the needs of industry.
David Hoffman, Intel associate general counsel and global privacy officer: "The collection of personal information is a growing concern. The US needs a privacy law that both protects consumer privacy and creates a framework in which important new industries can prosper. Our model bill is designed to spur discussion that helps inspire meaningful privacy legislation."
Why Privacy is Important: Data are the lifeblood for many critical new industries, including precision medicine, automated driving, workplace safety, smart cities and others. But the growing amount of personal data collected, sometimes without consumers’ awareness, raises serious privacy concerns.
People need assurances that information that is shared – both knowingly and unknowingly – will be used in beneficial, responsible ways, and that they will be appropriately protected. The U.S. needs a comprehensive federal law to create the framework in which companies can demonstrate responsible behavior.
How It Works: Intel’s model data privacy bill aims to bring together policymakers and others in a transparent and open process that helps drive the development of actual data privacy legislation. Intel has launched a website where interested parties can review and comment on the model bill. Company leaders believe input will help to promote the development of constructive data privacy legislation in Congress.
More Context: Privacy is an important and ongoing issue in our data-centric world. In a white paper published last month, Intel’s Global Privacy team laid out six policy principles for safety and privacy in the age of AI, one of the technical domains that has significant privacy implications. These principles summarized here were among the factors that influenced Intel’s draft legislation:
- New legislative and regulatory initiatives should be comprehensive, technology neutral and support the free flow of data.
- Organizations should embrace risk-based accountability approaches, putting in place technical or organizational measures to minimize privacy risks in AI.
- Automated decision-making should be fostered while augmenting it with safeguards to protect individuals.
- Governments should promote access to data, supporting the creation of reliable datasets available to all, fostering incentives for data sharing, and promoting cultural diversity in data sets.
- Funding research in security is essential to protect privacy.
- It takes data to protect data: Algorithms can help detect unintended discrimination and bias, identity theft and cyber threats.
Intel Corporation released model legislation designed to inform policymakers and spur discussion on personal data privacy. Prompted by the rapid rise of new technologies like artificial intelligence (AI), Intel’s model bill is open for review and comment from privacy experts and the public on an interactive website. The bill’s language and comments received should provide useful insight for those interested in meaningful data privacy legislation.
Below is a copy of Intel's paper: An Ethical and Innovative Privacy Law
In many ways what Intel has stated sounds like the tech sector wants legislation to extract data from the public by law so as to protect their right to collect data required to advance their products and services.
So while Intel's opening statement may sound like they care about consumers, as you read further into their press release above and other documents they have on file, it seems as though the public's privacy is secondary to the needs of industry.
Unless there is a clear statement that each abuse of personal data from any company will require a hefty fine to be paid to individuals within 3 months without a lengthy trial, this is simply a nice PR paper to make the public feel that Intel and other tech companies are really the good guys here.
I'm certainly not alone on this. In fact, in one report found on Intel's site titled "Preventing New and Emerging Consumer Harms" Tim Sparapani writes:
"While I praise Intel for this forward thinking I urge Intel to go further and propose additional legislative language to protect consumers while facilitating innovation. Intel should spell out what a real corporate redress program must look like for those instances when corporations just plainly "get it wrong" and misjudge their customers (or worse).
No consumer should be forced to sue on some novel legal theory to not get charged an unfair price or when they are prevented from getting credit (for example) on fair terms.
Intel should help Congress by doing the hard work of building out what "corporate due process" should look like that allows customers to rapidly be made whole for corporate mistakes based on advanced uses of or processing of customers’ data.
A non-litigation redress mechanism would instill great confidence in the public and speed adoption of new data processing technologies, particularly those done purely or mostly by computers.
Surely the balancing act that facilitates innovators having legal clarity and consumers having new legal protections can be struck."
Recently Facebook, Google and others have simply notified their clients in public statements basically saying "Oops we were hacked and your data has been compromised."
In any future legislation there has to be an immediate fine slapped on the admitting company with a meaningful payout to their clients within 3 months of the findings or public statement.
In the end, if there isn't real pain for companies baked into future legislation, then all of these companies claiming to stand up for privacy are preaching dreams that you want to hear in the hopes of scoring PR points and little else.
One last thing: What's a little humorous about the noted article link and quote above from Tim Sparapani is that he served as the first Director of Public Policy at Facebook, the very company that has harmed consumers most with data breaches. He left Facebook to start SPQR Strategies.
So is Sparapani really rooting for "the consumer" or is he just selling us more spin on this issue knowing that financial relief for a data breach will never come to fruition? I guess only time will tell.
If you decide to participate in Intel's interactive webpage and join their discussion, tell us what you think about Intel's efforts on consumer data privacy below in our comment section.