Dan Morain

Big data, big money collide with privacy

On June 12, Technet, a trade group that lobbies on almost any privacy legislation that affects Silicon Valley interests, spent $1,938 to cover food and drinks at DeVere’s Irish Pub. That’s pocket change in today’s politics.

Assemblyman Ian Calderon, a Los Angeles-area Democrat, was one of the legislators who showed up for the fundraiser. Nothing extraordinary.

Two weeks later, on June 26, a bill to rein in the sale of the digital footprints you leave behind whenever you traipse across the Internet died in the Assembly Committee on Arts, Entertainment, Sports, Tourism and Internet Media, which Calderon chairs. Technet opposed the bill. Business as usual.

In the U.S. Senate, a similar attempt to regulate data brokers died when only three Democratic senators signed on as supporters; they weren’t named Feinstein or Boxer.

Civil libertarians on the left and libertarians on the right wring their hands about National Security Agency data sweeps. The Senate failed last week to limit the practice, because of Republican opposition.

California Attorney General Kamala Harris reported three weeks ago that data breaches increased by 28 percent last year, representing 18.5 million bits of information about you and me. Social Security, bank, credit, debit card and personal information numbers and more all fell into miscreants’ dirty hands or, oops, were accidentally released for the world to see.

The Legislature this year finally prohibited brokers from selling individuals’ Social Security numbers. Who knew that was ever legal? But on several privacy measures, legislators bowed to tech lobbyists who argued the bills threatened to stifle innovation.

That might start to change in 2015. Or not.

Assembly Speaker Toni Atkins broke with long-standing jurisdictional tradition by creating a new committee, Privacy and Consumer Protection. Previously, privacy issues had been heard by one of at least three committees.

Atkins told me the committees with jurisdiction over privacy have a huge workload. She hopes to smooth the operations. She also hopes the committee will delve more deeply into questions of privacy.

“Don’t think I’m not frightened about my data being compromised,” Atkins said. She was among the 7.5 million Californians who had shopped at Target and whose financial information was breached last year. “Clearly, a lot of this (legislating) needs to be done at the federal level. But California has a special role to play.”

We Californians care deeply about our privacy, and we love our smartphones, tablets, Facebook and Twitter.

Even before Jerry Brown became governor the first time, voters worried about invasion of their space, and overwhelmingly approved a California constitutional amendment in 1972 explicitly granting the right to privacy.

Among the signers of the argument in the voter handbook supporting that 1972 measure was a state senator, George Moscone, who became San Francisco’s mayor and was assassinated 36 years ago this week. It’s more than a footnote. The Moscone statement, signed four years before Jobs and Wozniak built their newfangled machine in their garage, was prophetic:

“Computerization of records makes it possible to create ‘cradle-to-grave’ profiles on every American.” A right to privacy would prevent “government and business interests from collecting and stockpiling unnecessary information about us and from misusing information gathered for one purpose in order to serve other purposes or to embarrass us.”

Four decades later, some of the biggest legislative battles involve business interests collecting and stockpiling private information. A bill this year sought to require car markers to disclose whether new vehicles collect and store data about driving habits. It died.

Another bill sought to require that cellphones contain anti-theft devices. It fell two votes short of passage when six Democrats voted against it, and a seventh abstained.

“We don’t want any legislation to have a negative impact on jobs in Silicon Valley,” Jim Beall, a Democrat whose district includes Apple’s headquarters in Cupertino, was quoted as saying after voting against it.

The kill switch bill’s author, Sen. Mark Leno, D-San Francisco, managed to push through a retooled version later in the year, after tech companies dropped their opposition.

Sen. Mark DeSaulnier, a Contra Costa County Democrat who won a congressional seat on Nov. 4, introduced the data broker bill, Senate Bill 1348, after one of his constituents told him she had been stalked by people who purchased her personal information.

The bill sought to grant us some control by empowering us to be able to tell data brokers that we don’t want them to sell or share personal information that they’ve collected or bought. Keepers of the data would have been barred from charging fees for taking down the information.

The Senate approved the bill in May, and sent it to the Assembly, where the Judiciary Committee, which traditionally heard many privacy bills, provided an exceptionally detailed analysis of the issue and the bill’s implications.

“Virtually every time a consumer visits a website to make a purchase, book a hotel, reserve a rental car, search for information, play a game, communicate with loved ones, donate to a cause, or even post a video of a cat playing a piano, chances are the information is being collected, stored, analyzed and eventually sold or shared to third parties without many consumers being aware of that background development.”

Much of the information is put to innocuous use. Perhaps you’ll get targeted ads for shoes if you visit a site looking for socks. But it’s not called Big Data because it’s small potatoes. Big Data poses a “threat to Americans’ personal privacy, and it can create unprecedented opportunities for identity theft,” the staff analysis said.

Opponents included the California Chamber of Commerce, California Retailers Association, Technet, Internet Association, and TechAmerica, which are funded by Internet and tech companies, private investigators, debt collectors, data brokers and more.

Through their political action committees, the Chamber of Commerce and other trade groups opposing the bill spent $2.5 million on California campaigns in the 2013-14 election cycle, by my count. Three Internet companies that would have been affected, Facebook, Google and eBay, spent a combined $502,000 on California campaigns in 2013 and 2014. I could go on.

“They’re the ones who are threatening innovation. They’re the ones selling private information,” DeSaulnier said. “Apple or Google have to decide whether they value their goodwill, or they will become like the tobacco companies, and no one will trust them.”

The Assembly Judiciary Committee approved the measure and sent it to the Assembly Committee on Arts, Entertainment, Sports, Tourism and Internet Media. Given the committee’s unwieldy name, its purview and its 29-year-old chairman, Calderon, Capitol denizens, snarky creatures that they are, dismiss it as the Assembly Arts and Crafts Committee.

Calderon didn’t call me back, but an aide said the assemblyman thought DeSaulnier wasn’t willing to compromise. DeSaulnier says Calderon suggested amendments that were “verbatim” what the tech industry sought. And so the bill died, two weeks after Technet spent $1,938 to host the fundraiser at DeVere’s.

Maybe some legislator will take it up in 2015. Members of Atkins’ new Privacy and Consumer Protection Committee might craft a thoughtful solution that guards consumers’ privacy. Or any protections will get buried beneath the mounds of money the industry can spend.

Follow Dan Morain on Twitter @danielmorain.

  Comments