Consumer privacy laws do not concern the public

You may have noticed consent pop-ups on most websites, especially for collecting your cookies (not the ones you eat). Most of these messages are the result of the California Consumer Privacy Act (CCPA), which came into force on January 1. January 1, 2020, with the alleged intent to “give Californians more control over their personal information.”

Don’t let yourself be fooled. These laws do not functionally require consumers to be critical in their pre-registration decisions; instead, they are asked to consent to the collection of data or cookies without understanding what this would actually entail. Accordingly, only 6 percent of Americans say they actually understand what companies do with the data collected about them, and 81 percent say they have little or no control over the data companies collect about them.

With the commodification of data over the past decade, the centralization of big data in the hands of companies that own information about consumer behavior, their movements and basic personal facts is already creating privacy risks. When citizens consent to data collection, they make their personal information vulnerable to misuse and sale to third parties.

However, they usually overlook the fact that private companies are not the only ones collecting their data: so is the government. Examining the implications of data privacy laws as well as government access to citizens’ personal information is critical to understanding how data is and will be used in the future.

Government access to personal data undermines consumer consent

When data on human behavior is centralized in easily identifiable databases, companies are not the only actors interested in accessing and using this information. Government agents also want to use the power of data.

Supreme Court ruling known as third party doctrine, has dominated Fourth Amendment jurisprudence for over forty years. This doctrine states that a person loses a reasonable expectation of confidentiality regarding information shared with a third party, even in circumstances where confidentiality exists, such as information held by banking institutions.

However, due to the ubiquity of technology in society, the Court has begun to recognize the growing public expectation of consumer data privacy. In 2018 the court held that people have reasonable expectations for the privacy of cellular location information (CSLI), requiring government agents to obtain a warrant before accessing this data. Cell phone location tracking capabilities have been reviewed by the Court and remain a contentious element in the controversy over the growing use of law enforcement practices.

Despite legal regulations expanding the recognition of privacy, public authorities such as the police are moving in the opposite direction. The government sees the value of access to consumer databases containing digital data collected and stored in the private market. The investigative power of various data points tracking individual behavior has led to new methods of criminal investigation, including reverse orders..

Unlike traditional warrants, which look for information relating to specific suspects already involved in criminal activity, back-up warrants look for a suspect by looking at data related to the underlying crime rather than the perpetrator. Technology companies such as Google and Facebook are some of the most frequent recipients of such search queries.

Federal judges are fighting the constitutionality of reverse warrants, with a little declare them constitutionally invalid. In addition, the application of reverse orders is not limited to location information. Really, first lawsuit a challenge to the constitutionality of Google’s reverse keyword search warrants was filed earlier this year.

Of even greater concern is how the government is spying on citizens through social media platforms. Like the US Supreme Court said, “social media allows users to access information and communicate” on any topic, and that “complete shutdown of access to social media thus prevents users from participating in the legitimate exercise of First Amendment rights.” However, federal agencies such as DHS, FBI, State Department, USPS, IRS, SSA, and many others use social media monitoring. The lack of government transparency and room for individual action point to a clear government preference that consumer privacy is not a priority.

Current laws further exacerbate the privacy issue

Although the United States already has a Federal Privacy Act 1974, new data privacy policies have begun to roll out across states, most notably the California CCPA. These rules have little bearing on consumer understanding of the risks associated with data collection. Not surprisingly, the Pew Research Center in November 2019 study found that “among all American adults, only 8 percent say they have a good understanding of privacy policies.”

The core concepts of privacy tend to be static. They cannot be changed unless individuals are directly and tangibly affected, such as being fired by their employer due to publicly released political thoughts. Unlike talking in the real world, self-disclosure on the Internet is reproducible, scalable, searchable and shareable and thus creates risks for those who work without being aware of potential privacy breaches.

Although the extent to which information was disseminated in the past was unknown, in recent years it has become known about its practical application. For example, by “analyzing application data signals correlated with [his] mobile device,” said Catholic priest Monsignor Geoffrey Burrill. released July 2021 for using Grindr “almost daily” for many years.

It is therefore worrying that so many adults are turning away from government intervention as a means of tackling data privacy issues. Excessive government control in this context makes it very difficult for individuals to keep personal information private. This leads to the dangers of information misuse and access control methods to ensure privacy quickly and easily.

These privacy laws require more scrutiny and improved changes. Sending a consent notice will not change the functional understanding of privacy laws by consumers or their behavior. The already porous border between government and private companies violates consumer privacy, and new laws such as Utah Consumer Privacy Law will not change this dynamic.

There is no real incentive for the government to prioritize consumer privacy, so these laws usually provide political benefit rather than the benefit of the general public. Using consumer data as political football to try to initiate various “Privacy Laws” that will do nothing for consumers from the start is an inefficient use of resources.

In addition, data privacy laws focus on the regulatory framework, which exacerbates the already confusing relationship between corporations and government actors, as the government is vested with enforcement power over companies. The law manipulates the behavior of firms through regulation, because laws that give the government the right to take action against companies for violating consumer data inevitably change the behavior of firms. To avoid high penalties for non-compliance, companies now have an incentive to tailor business practices to government rather than society. In general, the possession by large technology companies of the databases that the government needs strengthens this circular link.

Privacy laws do nothing to prevent government access to information collected in the private sphere. Instead, businesses will be saddled with additional layers of bureaucracy while government agents will have easy access to the databases they want to access. In the end, the government wins and the existing corporate centers still win, but the citizens, as usual, are left in the dust.

April Liu

April is an intern researcher at AIER. In May 2022, she graduated from Mount Holyoke College with a double major in Economics and International Relations. Her research interests are in global and local data privacy.

Get notified of new articles by April Liu and AIER.

Leslie Corbley

Leslie Corbley is a privacy policy analyst at the Libertas Institute, where she researches and writes about privacy and individual rights in the 21st century. She holds a bachelor’s degree in journalism and a doctorate in law from the University of Oklahoma and is a visiting fellow at the American Institute for Economic Research.

Corbley is a contributor to Young Voices, where she regularly provides policy analysis through writing and media appearances. Her work has been featured in Real Clear Policy, Townhall, International Policy Digest, The Salt Lake City Tribune, Deseret News, and other publications.

Follow her on Twitter @CorbleyLeslie

Get notified of new articles by Lesley Corbley and AIER.