By Jim Steyer
State legislatures across the country are questioning how to respond to our national epidemic of privacy violations. Maryland’s Cybersecurity Council is suggesting answers.
Established in 2015, the council’s goal of responding to “threats to Maryland’s citizens, critical infrastructure and state operations,” in the words of Attorney General Brian Frosh, who serves as its chair.
Most pressing among those threats–for kids and adults alike–is the frequent abuse and violation of our privacy online. Common Sense Media asked parents and teens last year about their concerns and nearly all teens (97%) and parents (93%) say it is important for sites to ask permission before selling or sharing their personal information. More than 90% think it’s important that sites clearly label what data they collect and how it will be used.
Those privacy leaks are everywhere. In Maryland alone, more than 1.1 million people had their personal information misused in the Cambridge Analytica scandal, as part of 70 million people impacted nationally.
Nearly 3 million Maryland residents were among the 170 million people whose data was leaked from Equifax, potentially as a result of a hack by a hostile foreign state.
As just one more of many examples, last year, the state of New Mexico filed suit against Google, Twitter and app manufacturers for tracking and targeting kids who play games online, even including their precise location.
The market for online advertising to kids will approach $1.2 billion this year one study finds, leading 50% of apps to illegally target ads to kids. As parents, we have to focus on our kid’s digital wellbeing and that means cleaning this problem up.
This problem has become so urgent that the time for action is now. Even 59% of workers in the tech industry itself are hoping for more regulation to crack down on abuses.
Online Consumer Protection Act
The Maryland Cybersecurity Council has proven itself to be committed to the task. The Council is recommending the passage of an Online Consumer Protection Act which would become one of the strongest state privacy laws on the books, SB 613, introduced by Sen. Susan Lee, D-Montgomery, will be considered on Friday, March 8 by the Senate Finance Committee. A companion bill, HB901, will be considered by the House Economic Matters Committee on Wednesday, March 6.
The bill will give consumers a new series of tools to protect their privacy rights online. Consumers would be able to know if their data is being collected, what is being sold, and to demand access to much of that information. Consumers could delete that information, and opt-out of its disclosure or sale. Kids under 18 are protected against any disclosure or sale of their data.
This is only a first step to making it safe to enjoy the Internet and social media without losing all privacy, but it is a good first step. The Maryland Online Consumer Protection Act is designed to align with a new law in California, helping build a national web protecting online privacy.
The other strength of Maryland’s bill is its enforcer, Attorney General Brian Frosh. While it would be even better for consumers if there was a private right of action, since enforcement lies solely with the AG, it is necessary to have a strong AG.
AG Frosh has built an aggressive legal profile, frequently taking on the president as well as industries that harm their consumers. He is part of a new generation of state Attorneys General who are modernizing their approach to the office, and he is the perfect figure to enforce these new privacy rights.
Let’s be clear: the online environment is tilted in favor of the biggest tech companies, and it is everyday families who pay the price.
We need to turn this around, and help build a better Internet, one that is both safer and far more private.
That will be a long process, and the state of Maryland should be doing its part in getting us there.
Jim Steyer is the CEO and founder of Common Sense, a non-profit organization devoted to improving media and entertainment for families.