Legislators in Minnesota and at least nine other states are racing to enact online privacy protections after President Donald Trump signed a law that allows internet providers to collect and sell information about customers without their consent.
“It’s clearly a fight that’s going to be happening nationally,” said Sen. Ron Latz, DFL-St. Louis Park. Days before Trump signed the federal bill, Latz persuaded the state Senate to support a measure that would give Minnesotans new online privacy safeguards.
U.S. Sen. Al Franken, D-Minn., co-sponsored a bill introduced April 6 to restore the ban on sales of online data without permission. He called Trump’s move “just a corporate giveaway to Comcast, Verizon and AT&T.”
“People don’t like this and are outraged by it,” Franken said in an interview. “We’re going to keep fighting.”
Privacy advocates warn that the erasure of landmark privacy regulations could be the beginning of a dramatic erosion of rules governing internet access by Republicans.
New privacy rules would have taken effect in December. They were meant to limit broadband and wireless companies’ ability to sell customer information — browsing habits, location information and app usage history — to advertisers and other third parties.
Opponents of the repealed rules argue that they would have given Facebook and Google, which have looser privacy limits, an unfair edge over providers like Comcast.
“Those flawed privacy rules, which never went into effect, were designed to benefit one group of favored companies, not online consumers,” Ajit Pai, chairman of the Federal Communications Commission, said in a statement.
Comcast is pledging never to sell customers’ names and addresses without explicit permission. “We have committed not to share our customers’ sensitive information (such as banking, children’s and health information), unless we first obtain their affirmative, opt-in consent,” the company said in a statement. That does not preclude sales of browsing history, location and app usage.
AT&T also is promising to “keep your personal information safe.”
Lucas Gerstner isn’t sure he trusts internet providers to do that. He’s a customer operations worker who is following the developments in Washington with dismay.
At a Bravura Training Centers computer class last week in Roseville, Gerstner called intrusions into his online data “incredibly wrong.” Besides doing what he can to secure his privacy — such as clearing his browser regularly — Gerstner said he’ll “definitely look for ways to keep a little better eye on the people we elect.”
Judy Horras, a legal assistant who also took a Bravura computer training class, does most of her online browsing on her smartphone. She has noticed more ads following her around online and more links that take her to sites that want to sell her something.
“Everybody,” Horras said, “is concerned about their privacy.”
Republicans called the original privacy regulations unneeded. “These rules are … just another example of big government overreach,” Rep. Marsha Blackburn, R-Tenn., said during the floor debate on the congressional resolution to reverse the pending rules.
The Senate’s 50-48 vote split on party lines. Fifteen Republicans, none from Minnesota, voted against the resolution in the House, where it was passed 215-205.
The battle has moved to states, said Ernesto Falcon, legislative counsel with the Electronic Frontier Foundation, a nonprofit organization that defends civil liberties in the digital world. “We’re going to want a strong set of rules for users across the country,” he said. “We win when the public takes it upon themselves to tell their legislators what to do.”
Connecticut, Illinois, Kansas, Massachusetts, Montana, New Jersey, New York, Washington and Wisconsin are also considering new protections.
“Apparently Congress is too craven to protect us, and thus states like Washington and Minnesota absolutely will,” said Washington state Rep. Drew Hansen, a Democrat who attracted considerable Republican support for his pending bill that would create new internet privacy rules.
“Public outrage,” Hansen said, “is a great motivator.”
That wasn’t enough in Maryland, where backlash over the moves in D.C. prompted “immediate and palpable outrage,” said House Majority Leader Bill Frick, a Democrat. The Democrat drafted legislation that included state privacy protections “literally within hours,” he said. As the legislative session ended last week, a House panel killed his bill.
Illinois state Sen. Michael Hastings, a Democrat, expects a vote late this month or early in May on his bill implementing state internet privacy rules.
“I want my information protected” from the $80 billion online advertising industry, he said. “My constituents are 100 percent behind me. … People have the right to know.”
Minnesota has generally been a leader in data privacy, said Ben Feist, legislative director of the ACLU of Minnesota. He supports the proposed privacy measure pending in the Minnesota Legislature, but isn’t sure it “can fully override what we see at the federal level.” Public alarm, he said, is warranted.
“If you ask common voters what they think about the fact that your activity on the internet can be up for the highest bidder,” Feist said, “most would be shocked to know that’s even possible.”
Feist worries, for example, about chilling effects on the First Amendment right to free speech. He said his organization wonders whether rule changes will make it easier for the government to get personal data from internet providers.
So does Latz. While much of the emphasis here has been “on making sure government data is open” to the public, he said, it’s also vital to protect “data from individuals that is held by the government.”
Gov. Mark Dayton said in a statement that he strongly supports Latz’s bill. “Everyone should have the right to decide for him or herself whether or not personal information is sold for commercial gain,” he said. “I thank the Minnesota Senate for supporting this essential protection.”
Franken and other privacy advocates worry what might come next. Their greatest concern: efforts at the federal level to overturn 2015 “net neutrality” provisions that treat broadband providers like public utilities and bar them from giving or selling access to an internet “fast lane” to certain services or companies.
Pai, the FCC chairman, has said that he wants to overturn that approach and ask internet providers to voluntarily agree not to obstruct or slow consumer access. He’s expected to make that proposal as soon as this month; an FCC vote could be held in May or June.
That proposal could transfer the policing of internet providers from the FCC to the Federal Trade Commission, a shift that would undo some of the net neutrality regulations.
Dallas Harris, a policy fellow at Public Knowledge, a national organization that promotes freedom of expression and an open internet, also thinks the privacy changes were “the opening volley” in a broader Trump administration effort to undercut consumer rights and privacy.
Franken shares that concern. “Net neutrality to me is the big one,” he said. Here’s how he explains the stakes: “It’s about continuing the architecture that we’ve had of the internet since the very beginning, which has allowed all of this innovation and growth and the creation of jobs and the free flow of information.”
Enough Americans understand the risks to make it hard for Republicans to undermine their privacy, Franken said, “But they’re going to try.”