Image by Photo Mix from Pixabay

Social media companies like Facebook, Instagram, and Twitter are becoming increasingly influential in daily life in the twenty-first century. New debates are growing over digital corporate practices as the intense spotlight on these companies widens. Social media data mining and rights to internet privacy have become a source of legal battles amongst politicians and tech CEOs. A malleable interpretation of data privacy law has allowed for tech giants and consumer groups to remain firm in their legal fights. In 2011, the Federal Trade Commission found that Facebook allowed third-party apps to connect to “almost all personal information about a user” despite telling users the opposite. Just a few short years after such revelations, President Trump repealed the Federal Communications Commission’s rules concerning a user’s right to privacy on the Internet. The rescinded guidelines stopped certain companies from “collecting, storing, sharing, and selling” users’ data without their expressed consent. 

Companies utilizing user data for profit is an urgent subject of discussion. However, while 80% of Americans believe data collection by companies is concerning, they do believe they have much control over such collection. Social media companies are flourishing right now, as data from users increases and the cost “of collecting, storing, and processing” decreases. Companies like Facebook and Twitter argue that new policies prohibit directly selling data, while privacy rights groups point out that what constitutes selling data is ambiguous. A push for updated law is the basis for new legal disputes as social media companies would need to reroute their systems or force consumers to be content with their private data being sold as a commodity. Social media relies on profits from users’ data, whether it be through advertising or other mediums, and a change in law about data practices would force CEOs to rethink how their platform works. 

Most Americans state they do not understand how their data is used by companies. There is a lot of misunderstanding and confusion when it comes to this issue, including how data is gathered and what it is used for. Basic measurements such as likes, hashtags, shares, and mentions are gathered, but collection can extend all the way to “who is speaking and sharing, where they are located, to whom they are linked, how influential and active they are, what their previous activity patterns look like and what this suggests about their likely preferences and future activities.” This information is being collected with complete legal consent. However, users are often unaware of such tracking because clauses lie deep in the terms of service. The information gathered can be used in a multitude of ways. Collected data can be bought and sold repeatedly until it ends up in the ownership of foreign or domestic governments, hackers, police, or researchers for academic purposes. Twitter openly states that data is only sold for commercial reasons, like targeted advertising. Facebook asserts that it does not sell user data, but other practices are used like “requiring a developer to purchase a certain amount of advertising in return for getting access to data in a sort of ‘subscription fee’ model.” The legality of such practices is dependent on loopholes in the definitions of what is selling and sharing user data. 

The history of data collection stretches back to the mid-twentieth century. The US government began storing large sets of data on citizens in “mainframe computers” in the 1960s. During this time corporations did the same to track consumer patterns. The Supreme Court has interpreted that the Bill of Rights guarantees that people have a right to privacy in many varying ways, whether of belief, the home, belongings, and more. However, it does not explicitly state that there is a general right to privacy. The Supreme Court has expanded those protections in a multitude of cases, effectively creating a more holistic legal approach to privacy. Cases like Griswold v. Connecticut (1965) have strengthened Americans’ right to privacy by declaring the “First, Third, Fourth, Fifth, and Ninth Amendments” assume privacy protections for the people. Soon enough, this decision was incorporated into legislation. Digital writer Louise Matsakis of WIRED discusses introductory internet privacy law, “…Congress passed a series of laws governing the use of personal data, including the Fair Credit Reporting Act in 1970 and the Privacy Act in 1974. The regulations mandated transparency but did nothing to prevent the government and corporations from collecting information in the first place…” There is little to no updated legislation regarding protecting internet and data privacy past these prefatory laws. There currently is no legal right amongst Americans to “know just how much we are being surveilled.” This gap has allowed for flexible interpretations of the law by social media companies. 

Arguments from companies like Facebook rely on a very loose construction of what constitutes sharing data and other company procedures. Facebook maintains that giving data access to companies who are considered partners is not sharing or selling users’ information. As previously mentioned, Facebook can require more abstract routines of data sharing, such as a developer subscription system, that can prevent future legal battles. Kalev Leetaru, a big data expert for Forbes states, “Zuckerberg is right to a degree in that a court of law might not consider these situations to rise to the level of ‘selling’ data…” Other social media companies follow different systems. Twitter communicates that it only sells data to advertisers to ensure ads relate to the consumer and connect users with other individuals. On the other hand, increased awareness has sparked a fire in consumer groups to argue against these policies. Privacy rights groups assert that there is minimal transparency by social media companies, so concerns over the legality of such practices supersede the current law. These groups argue that “whether their data is being traded for something else of value, included as part of a bulk subscription or charged individually, such distinctions mean little” regardless of the present law. 

Despite these contrasting rationalizations, there is some consensus amongst the two interests. Companies like Microsoft and Apple call for federal regulation about data usage.  Tech companies are beginning to acknowledge that there needs to be limits and guidelines for public safety. Large-scale companies like Google, Facebook, and Amazon are also pushing for updated internet privacy laws on the federal level. However, this concern comes from states passing stricter bills regarding the issue and wanting lenient federal law to take the place of state mandates. For example, California passed the Consumer Privacy Act in 2018 that gave unparalleled rights to consumers over their data. It included “the right to see what information businesses collect on them, request that it be deleted, get access to information on the types of companies their data has been sold to, and direct businesses to stop selling that information to third parties.” Tech companies are urging for federal law so that their practice can continue without individual states stopping them, such as California’s Consumer Privacy Act. Federal legislation would set the tone for how state governments can regulate corporate data routines and security journalist Issie Lapowsky argues Congress will have a lighter handed approach compared to state legislative bodies. Tech CEOs are scrambling to make sure the issue gets addressed without changing how their companies operate. 

Legal solutions to data mining and internet privacy vary. Research has found that effective solutions could involve “greater transparency and accountability of data mining as mechanisms to facilitate public understanding, debate and action.” The push for legislation of this nature has resulted in many rebuttals from tech CEOs. They argue they could legally disregard legislative demand for ethical clarity due to concerns over details advantaging “bad actors” such as hackers and other fringe groups. There are many examples of ill-intended groups using existing data systems to help political interests or hacking purposes, such as Facebook’s involvement in the Cambridge Analytica scandal. Cambridge Analytica was found guilty in the United Kingdom for illegally obtaining and storing data on 50 million Facebook users for political research and advertisements. Despite these concerns, lawmakers have pushed forward in their endeavor to regulate such practices. Multiple bills have been proposed by Congress in recent years such as the Consumer Protection Act or Data Care Act, but none have been made it into law. The Consumer Protection Act would allow the Federal Trade Commission to fine companies for data misconduct, a power it does not currently possess. The Data Care Act, a much more ambiguous bill  would, “require companies to ‘reasonably secure’ identifying information and vow not to use it in harmful ways.” Most bills do not make it far because they are either deemed too restrictive by technology lobbyists or too lenient by privacy activists. Bipartisan support for these bills lacks as well. Democrats and Republicans disagree on details in legislation like reporting collected data, whose key factors compose consent, and what consumer options should look like. Social media companies earn profit through data and have used these systems since their creation. While they have been found guilty of lying to their users about privacy protections, their updated practices currently operate within the law. Concerns over the ethics of corporate data procedures have sparked legislation efforts and updated legal positions. State and federal resolutions are growing in popularity, but the subtleties of legislation are not so minute to lawmakers and tech CEOs. Despite these disagreements, there have been valiant efforts towards revising current data privacy law. The conversation about Americans’ right to know about how their online activity is being traced and used is growing. It is now up to Americans, politicians, and technology giants to discern the law and move forward toward a more protected online web.