{"id":16799,"date":"2019-11-06T09:10:07","date_gmt":"2019-11-06T17:10:07","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/11\/06\/news-10538\/"},"modified":"2019-11-06T09:10:07","modified_gmt":"2019-11-06T17:10:07","slug":"news-10538","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/06\/news-10538\/","title":{"rendered":"ACCESS Act might improve data privacy through interoperability"},"content":{"rendered":"

Credit to Author: David Ruiz| Date: Wed, 06 Nov 2019 16:00:00 +0000<\/strong><\/p>\n

Data privacy is back in Congressional lawmakers\u2019 sights, as a new, legislative proposal focuses not on data collection, storage, and selling, but on the idea that Americans should be able to more easily pack up their user data and take it to a competing service\u2014perhaps one that better respects their data privacy. <\/p>\n

The new bill would also require certain tech companies, including Facebook<\/a>, Google, and Twitter, to introduce \u201cinteroperability\u201d into their products, allowing users to interact across <\/em>different platforms of direct competitors. <\/p>\n

These rules, referred to in the bill as data portability and interoperability, would presumably allow Americans to, for example, download all their data from Facebook and move it to privacy-focused social network Ello<\/a>. Or talk directly to Twitter users while using the San Francisco-based company\u2019s smaller, decentralized competitor, Mastodon<\/a>. Or even, perhaps, log into their Vimeo account to comment on YouTube videos. <\/p>\n

Data portability and interoperability are nothing new: Mobile phone users can keep their phone number when switching wireless providers; enterprise software can today read the files made on competitor programs, like the various documents made by Apple Pages, Microsoft Word, and Google Docs. <\/p>\n

But few, if any, notable examples of data portability and interoperability came at the behest of federal legislation. Whether this new bill will succeed\u2014in passage, in improving data portability and interoperability, and in its stated purpose of improving data security\u2014remains to be seen. <\/p>\n

Avery Gardiner, senior fellow of competition, data, and power for the Center for Democracy and Technology, said that the bill has a few good ideas, but in trying to improve data privacy, it strangely does not focus on the issue itself. <\/p>\n

\u201cIf we have a privacy problem, which we do have in America, let\u2019s fix that with privacy legislation,\u201d Gardiner said. <\/p>\n

Cory Doctorow, a writer, activist, and research affiliate with MIT Media Lab, appreciated the bill\u2019s focus on interoperability\u2014a topic that could use smart rule-making and which is getting little attention in Congress, as opposed to the constant, possibly futile attempts to strictly regulate Big Tech offenders, like Facebook. <\/p>\n

\u201cThis aims to fix the Internet,\u201d Doctorow said, \u201cso that Facebook\u2019s behavior is no longer so standard.\u201d<\/p>\n

The ACCESS Act <\/strong><\/h3>\n

On October 22, US Senators Mark Warner (D-VA), Josh Hawley (R-MO), and Richard Blumenthal (D-CT) introduced the Augmenting Compatibility and Competition by Enabling Service Switching Act, or, ACCESS Act. <\/p>\n

The bill would regulate what it calls \u201clarge communications platforms,\u201d which are online products and services that make money from the collection, processing, sale, or sharing of user data, and that have more than 100 million monthly active users in the United States. The bill calls the owners of these products \u201ccommunications providers.\u201d <\/p>\n

Plainly, the bill applies to both Big Tech companies and the platforms they own and operate, including Facebook and its Messenger, WhatsApp, and Instagram platforms, Google and its YouTube platform, and the primary products of LinkedIn and Pinterest. <\/p>\n

But rather than placing new rules on these tech giants in an effort to break them up\u2014a rallying cry for some Democratic presidential candidates<\/a>\u2014the bill instead aims to open up competition against them, potentially creating a level playing field where users can easily leave a platform that betrays their trust<\/a>, runs afoul of federal agreements<\/a>, or simply stops providing an enjoyable experience<\/a>. <\/p>\n

\u201cThe exclusive dominance of Facebook and Google have crowded out the meaningful competition that is needed to protect online privacy and promote technological innovation,\u201d said Sen. Blumenthal, who helped introduce the bill, in a prepared statement<\/a>. \u201cThe bipartisan ACCESS Act would empower consumers to finally stand up to Big Tech and move their data to services that respect their rights.\u201d <\/p>\n

The ACCESS Act has three prongs\u2014data portability, interoperability, and \u201cdelegability,\u201d which we’ll discuss below. <\/p>\n

First, on data portability, any company that operates a large communications platform would need to develop a way for users to grab their user data and move it over to a competitor in a secure, \u201cstructured, commonly used, and machine-readable format.\u201d <\/p>\n

While some companies already provide a way for users to download their data\u2014one Verge reporter downloaded 138 GB of their own data following the passage of the European Union\u2019s General Data Protection Regulation<\/a>\u2014the potential to seamlessly port it over to a competitor could lower barriers to leaving behind Big Tech companies that dominate today\u2019s social media ecosystem. <\/p>\n

CDT\u2019s Gardiner said that the bill\u2019s attempt to introduce data portability is good, but whether it will be effective depends on a robust, competitive landscape where upstarts can actually accept a user\u2019s data in a meaningful way. Right now, she said, that landscape does not exist. <\/p>\n

\u201cThe way that your data would be useful is pretty specific to the way it is already in someone\u2019s platform,\u201d Gardiner said. \u201cYou\u2019re not going to port your Facebook data into Twitter because it wouldn\u2019t help you do anything, as a user.\u201d<\/p>\n

Gardiner said she understood what the bill is trying to accomplish, but she questioned whether it was the most effective route. <\/p>\n

\u201cWhen I read the press statements, I think part of what they\u2019re saying is that privacy failures by some of the Big Tech companies are, in part, due to the lack of competition, so we should facilitate competition for communications platforms,\u201d Gardiner said. \u201cI have a simpler approach to solve that problem, and that\u2019s to pass privacy legislation.\u201d <\/p>\n

On the bill\u2019s demands of interoperability, companies must develop an \u201cinteroperability interface\u201d for every large communications platform they own. For a company like Facebook, that would mean allowing interoperability with its Messenger, WhatsApp, and Instagram platforms, as CEO Mark Zuckerberg prom<\/a>i<\/a>sed earlier this year<\/a>, as well as with outside competitors that want to enter the field.<\/p>\n

Finally, on \u201cdelegability,\u201d the bill asks that Americans be given the opportunity to select a third party to manage their privacy and account setting across the various platforms they use. Those third parties, which the bill calls \u201ccustodial third-party agents,\u201d must register with the US Federal Trade Commission and abide by rules that the Commission would need to issue after the bill\u2019s passage. <\/p>\n

Custodial third-party agents could charge a fee for their services, the bill says, and must protect the privacy and security of their users\u2019 data.  <\/p>\n

Interoperability\u2019s importance<\/strong><\/h3>\n

The ACCESS Act seeks a type of interoperability in which competitors can attract new users to their platforms by making their services compatible with a dominant player in the market. If users don\u2019t need to use Facebook\u2019s Messenger to stay in touch with their friends, for instance, they may find it easier to leave Messenger behind altogether, loosening Facebook\u2019s hold on users today. <\/p>\n

This type of interoperability has already helped dislodge the near-monopolies of Microsoft and IBM out of their respective markets\u2014the enterprise software applications Word, Excel, and Powerpoint; and the PC itself. <\/p>\n

But interoperability could do more than put large tech companies on watch. It could actually lead to a safer Internet for users, Doctorow said. <\/p>\n

Doctorow told an anecdote about his friend, a comic book writer who receives targeted harassment from a group of predominantly male Twitter users. The users, angered by the writer\u2019s feminist views, send threatening direct messages to her. But, after she reads the direct messages, they delete them. <\/p>\n

This is for two reasons, Doctorow said. One, users cannot report a direct message to Twitter unless that direct message is still available and not deleted. Twitter does not accept screenshots in harassment reports because of the potential for faked claims. <\/p>\n

Two, once the direct message has been deleted, the same harassers will comment publicly on the comic writer\u2019s Twitter feed, and to several other women in her online community. These public comments, Doctorow said, reference the same content of the threatening direct messages, re-traumatizing the writer. <\/p>\n

This is a cycle of harassment in which direct threats skirt consequences, only to reappear in similar content, increasing the feeling of powerlessness for the victim. <\/p>\n

Interestingly, Doctorow said, there might be an opportunity for interoperability to help. <\/p>\n

The comic writer and her small community of friends could use an outside competitor (or develop one themselves) to continue their discussions\u2014which typically take place on Twitter\u2014while setting up rules that would prevent the harassers\u2019 direct messages and Tweets from showing up in their feeds and inboxes. <\/p>\n

It\u2019s more than a blocklist, Doctorow said. It\u2019s giving power to users to engage with meaningful, online communities that already exist in a way that supports and protects them. <\/p>\n

Interoperability, then, might offer a potential solution for users to avoid online harassment\u2014until aggressors find them on a new platform. But will interoperability actually serve the ACCESS Act’s stated goal of improving data privacy? <\/p>\n

How to regulate data privacy<\/strong><\/h3>\n

The ACCESS Act is at least the sixth federal bill proposed in the past year that aims to improve Americans\u2019 data privacy. <\/p>\n

As Malwarebytes Labs has reported, each federal bill seeks to improve data privacy through various means.<\/a> One Senator\u2019s bill would enforce a \u201cDo Not Track\u201d list, another would create a \u201cduty to care\u201d for user data, and another would require clear and concise terms of service agreements. <\/p>\n

The ACCESS Act, on the other hand, is the first data privacy bill to focus on data portability and interoperability. Both concepts have provided proven, better experiences for technology users across multiple sectors. College students can take their transcripts to a new university when they wish to transfer schools. Healthcare patients can take their records to a new provider. <\/p>\n

But with Congress taking a winter recess in just six weeks, there is essentially zero chance that any of these data privacy bills will pass in 2019. <\/p>\n

Maybe 2020 will be better for users and their data privacy. <\/p>\n

The post ACCESS Act might improve data privacy through interoperability<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: David Ruiz| Date: Wed, 06 Nov 2019 16:00:00 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
Data privacy is back in Congressional lawmakers\u2019 sights, as proposed legislation called the ACCESS Act focuses not on data collection, storage, and selling, but on the idea that Americans should be able to easily pack up their data and take it to a competing service. But will this actually protect privacy?<\/p>\n

Categories: <\/p>\n