Last month, Silicon Valley purported to be shocked by revelations that the National Security Agency (NSA) has routinely accessed the servers of tech giants Google and Yahoo, which store data for hundreds of millions of users. In response, the companies pledged to step up privacy protections.
There is only one problem: Such protections run counter to the business model and public policy agenda that tech companies have pursued for decades. For years, U.S. information technology (IT) firms have actively backed weak privacy rules that let them collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers’ lives and gave them a competitive edge internationally. Those same policies, however, have come back to haunt IT firms. Lax rules created fertile ground for NSA snooping. In the wake of the surveillance scandals, as consumer confidence plummets, technology companies’ economic futures are threatened.
Since the 1990s, companies from Google to Yahoo and Microsoft have done their best to ward off national privacy rules, calling instead for self-regulation. Early attempts to pass privacy laws, such as the Online Privacy Protection Act in 2000, died thanks to lobbying by the Direct Marketing Association and the Information Technology Association of America, which represent most of the country’s major information and communications technology firms. The firms have stood behind an older 1997 government framework, “Privacy and Self-Regulation in the Information Age,” which maintained that the best way to protect consumers was to let the technology market handle sensitive issues on its own.
More recent efforts at reform have stalled as well. Bills have included the Do Not Track Me Online Act of 2011, brought by Congresswoman Jackie Speier (D–Calif.), a new Commercial Privacy Bill of Rights of 2011, brought by then Senator John Kerry (D–Mass.) and Senator John
- Full website and iPad access
- Magazine issues
- New! Books from the Foreign Affairs Anthology Series