Governor Janet Mills last week signed into law LD 946 “An Act To Protect the Privacy of Online Customer Information”. The bill, sponsored by Sen. Shenna Bellows, bars Internet Service Providers (ISPs) from selling users data without their expressed consent, making it one of the strictest regulations of ISPs in the country. Despite this, LD 946 does nothing to protect consumers from one of the main sources of privacy violation: content providers.
Companies such as Amazon, Apple, Facebook, Google, Hulu and Netflix are some of the most well-known content providers. These outfits generally provide a service to the consumer, much like ISP’s, while at the same time collecting, using, and selling their data without consent. Additionally, many are not aware that these content providers often share their data with each other, allowing them to compile thorough profiles on users.
Undoubtedly, Facebook is one of the most widely-used content providers. For years, little was known about the extent to which Facebook uses the data it compiles on its users. However, due to recent Congressional scrutiny, more light has been shed on exactly how Facebook uses its users’ data. In fact, The New York Times discovered that Facebook shares their data with Amazon, Apple, Microsoft, Spotify, Netflix and more than 150 other companies. Nothing in LD 946 prevents Facebook from continuing this practice.
For years, Facebook has boasted that it has compiled more than five-thousanddata points on more than 230 million Americans. Additionally, many consumers are not aware that they have access to the data that Facebook has compiled. If you would like to see just how much data Facebook has on you, you can do so by clicking here.
I would warn you that downloading all of your Facebook data may take a substantial amount of time. I was surprised to learn that Facebook has compiled more than 2 gigabytes of data pertaining to me. Unfortunately, LD 946 does not apply to the data that Facebook has compiled on its users. Thus, the bill ultimately does nothing to prevent consumer’s privacy from being violated.
The bill may address data privacy with ISPs, but they are only one-half of the equation. What good is LD 946 when tech giants will continue to share and sell your information? LD 946 simply picks winners and losers without preventing some of the most egregious privacy violators from selling or sharing consumer data.
Additionally, LD 946 provides consumers no protection from the government accessing their data without their authorization. I do not contend the fact that certain circumstances may arise in which the government would need access to a citizens data without their authorization. However, there are other, more trivial reasons such as Maine accessing citizens’ personal location data to “analyze traffic patterns.” For a purpose such as this, the State should be required to have citizens’ authorization in order to access their data.
Why is it that ISPs are the only parties affected by this new laws? None of the safeguards established within LD 946 apply to the biggest abusers of consumer privacy in content providers, nor does it restrict the government’s ability to access your data without your consent. So you’re really not much better off than you were before.
If the objective of this bill was to protect consumer data, I am afraid it comes up well short of doing so. If the objective of this bill was to arbitrarily pick winners and losers in the tech arena and declare a pretend victory while allowing consumers’ data to continue being shared and sold without their consent, it has surpassed expectations.