Governments will have to use more than updated privacy laws if they want to stop technology companies from leveraging disinformation and lies for profit, says British Columbia’s information and privacy commissioner.
“I do worry the current approaches we are pursuing have already gone beyond their best before date,” Michael McEvoy said Friday in an online keynote speech during the Victoria Privacy and Security Conference. “It’s evident to me that privacy laws alone cannot sufficiently restrain the predatory behaviour of technology companies, particularly the giants among them.”
Countries will have to use many tools, including anti-competition, consumer protection and anti-trust laws, he added. One example he noted was the European Union fining Google 2.4 billion euros for manipulating its search engine to direct people to its own products. The U.S has also been aggressive: Last year, the federal government sued Google under its antitrust legislation, and the U.S. Federal Trade Commission fined Facebook $5 billion in 2019 for the collection of data relating to the Cambridge Analytica scandal.
Still, McEvoy said even if our progressive current laws stop the amplification of disinformation and hatred on social media platforms, it might be time to start thinking about new approaches, including recognizing privacy as a human right.
For example, he noted building codes have long regulated the construction industry. If a bridge collapses, the engineer and associated company can be held responsible for harm to life and property. So why not something similar, he wondered, for holding a software company responsible if its technology accelerates the spread of disinformation during a pandemic and causes harm to people?
“Where is the responsibility on the part of the computer engineers who design these products and the companies that employ them?” he asked.
“Where is the responsibility on the part of the computer engineers who design these products, and the companies that employ them?”
“If there were doubts, the past year has completely unmasked the untrammelled powers of big tech,” he said. “Facebook users have given over much of their personal information only to have it mediated in a way that has wreaked havoc and destruction.”
Social media companies don’t want to be places where people can exchange ideas, he stated. Instead, they “determine what you see on your screen. It’s all carefully calibrated to hold your attention for advertisers.”
“Outrage, hate and conspiracies” are fueling the spread of lies and disinformation that capture people’s attention, he explained.
“The U.S. — and it is not alone — is being torn apart on this sea of disinformation that claims their president was elected through subterfuge. It raises the question of how can we bring companies and others who inspire to be like them to heel?”
McEvoy applauded the Canadian jurisdictions reviewing current privacy legislations and praised the federal government’s proposed Consumer Privacy Protection Act for giving the federal privacy commissioner the ability to make compliance orders.
However, he complained only a separate Data Protection Tribunal would be able to levy fines for breaking the law and asked why the privacy commissioner couldn’t do both.
“I do not understand the government’s almost fetish desire to separate certain of these functions and to do so in a less than logical manner,” he said.
Separating the power raises the potential that the CPPA will be applied inconsistently, he said, in addition to taking up time. “This cannot be to the benefit of citizens the legislation is designed to protect,” he argued.
The Consumer Privacy Protection Act is still before Parliament.