The topic of data privacy (or lack there-of) has recently been thrust into the spotlight due to the United States government calling for a ban on TikTok, a popular social media platform among the Gen Z population. While I’m not a cybersecurity expert – in my opinion, banning TikTok is a reactive measure by the United States government that doesn’t solve the underlining problem of protecting consumers’ personal data from being collected, stored, and sold to the highest bidder (even if the highest bidder has nefarious plans for it).
But don’t take my word for it – take it from an actual cybersecurity expert. In an interview with PBS, Caitriona Fitzgerald, deputy director of the Electronic Privacy Information Center pointed out – “Even if Congress bans TikTok, millions of apps would still collect the most intimate details about us and profit off of them, and the endless web of data brokers who buy and sell our personal data would continue to exist.”
To solve the problem of data mismanagement – the United States government needs to be proactive. Instead of regulating one application – they should focus on data legislation that sets the precedent of how applications, companies, and websites collect, store, and use data collected from United States citizens.
While Iowa recently became the sixth US state to pass data privacy legislation – the federal government has yet to act. If the government wants to protect consumers’ data they should focus their attention on the American Data Privacy Protection Act (ADPPA). While it did make it out of the House committee last year, due in large part to bipartisan support – the Senate failed to vote on the ADPPA– leaving it dead in the water. Despite its previous failure, Rep Cathy McMorris Rogers (R-WA) is expected to reintroduce the bill in the House of Representative this year.
According to Information Technology & Innovation Foundation (ITIF) – since 2018, 34 states have either passed or introduced privacy bills that regulate how companies use personal data. While – one could argue that the Federal Government should leave data privacy laws to the State – ITIF estimates that it could cost companies over $1T over a 10-year period while creating confusion and reducing productivity. A ITIF study entitled, “The Looming Cost of a Patchwork of State Privacy Laws” argues, – “Not only do these laws create significant costs for in-state businesses, both in terms of direct compliance costs and decreases in productivity, but they also raise costs for out-of-state businesses that can find themselves subject to multiple and duplicative rules and create confusion for consumers.”
So what does ITIF study suggest instead? The study concluded that passing a federal privacy law would “simplify compliance for businesses, especially small businesses working across multiple U.S. jurisdictions, as well as help consumers better understand their privacy rights and avoid the confusion resulting from a patchwork of state laws.”
Regardless of whether TikTok is banned in the United States – it still doesn’t solve or regulate how companies manage personal data of United States consumers.