By FIA FounderÂ Kenya Wiley
In the wake of the latest privacy scandal, weâ€™ve seen how a technology giant can go from a tech star connecting billions of users to a PR nightmare in a matter of minutes. Facebook CEO Mark Zuckerberg has publicly advocated for legislation to support Deferred Action for Childhood Arrivals (DACA) recipients, transgender troops in the U.S. military, and other social causes. But when it comes to issues around privacy and data securityâ€Šâ€”â€Šcore to Facebookâ€™s platform and other Internet-based businessesâ€Šâ€”â€ŠZuckerberg has taken a more reserved approach.
As a former counsel and senior policy advisor for the Senate Homeland Security and Governmental Affairs Committee, I understand the importance of holding corporate executives accountable and advancing effective legislation to keep consumer data safe and secure. I also understand the value of collecting and analyzing customer dataâ€Šâ€”â€Što both brands and consumersâ€Šâ€”â€Šthrough my experience advising companies in fashion, tech and retail. Well-managed consumer data allows more relevant product and movie recommendations, smart apparel that responds to body temperature and movement, and the ability to simply stay engaged with shoppers.
This balance between safeguards for consumers and flexibility for innovators is an ongoing issue that policy-makers are finding harder and harder to ignore. After all, this is not the first time that Washington has investigated Facebookâ€™s privacy and data security practices.
In 2011, the Federal Trade Commission (FTC) entered into a consent decree with Facebook for the companyâ€™s privacy practices. And in March, the Commission opened a new investigation into Facebookâ€™s privacy practices following reports about the companyâ€™s unauthorized use of data.
Congressional oversight is also rising, with recent hearings in the House and Senate and increased momentum for new privacy legislation.
While agency investigations and congressional hearings are important steps, making long-term change on privacy protection and data security will require great muscle and compromise from a diverse group of stakeholdersâ€Šâ€”â€Ša significant challenge at any time, but especially during an election year.
There are a few things we can do to help build privacy and trust inside and outside Washington:
Start with relatability and transparency.
As more companies collect data from consumers, building trust and transparency will be key if companies are to sustain relationships with their users. In the same way that brands use storytelling to engage and build trust with their consumers, Internet-based companies, retailers and other entities collecting consumer data should do the same with their privacy disclosures. These disclosures should be written in plain language that lets consumers easily understand what theyâ€™re signing up for. Companies that rise to the challenge of writing clear and brief consent language optimized for small devices and short attention spans will be far ahead of those that continue to rely on long legal disclosures designed to be ignored. Proactive self-regulation and transparency are necessary if companies are to build trust with consumers.
Educate and engage with lawmakers through the lens of industry.
Attorneys and lobbyists in Washington serve an important role in analyzing regulations and building relationships with legislators, but individuals that know the inner workings of tech, financial services and retail companies should also play an integral part in educating and working with government officials on meaningful legislation. When I was a Hill staffer, I always valued and respected the company executives (often not based in Washington) who would take the time to provide a deep dive into how their businesses worked and how the Committeeâ€™s draft billsâ€Šâ€”â€Šas technology continued to evolveâ€Šâ€”â€Šwould impact their employees and customers. I continued that practice after I left the Hill and joined the Motion Picture Association of Americaâ€™s (MPAA) legal departmentâ€Šâ€”â€Šoften working on-site in Los Angeles and New York on government compliance and delving into legal and policy issues with experts in the companiesâ€™ departments. I continue this practice today through my day-to-day work with startups and enterprise companies in fashion, tech and retail. The in-depth work with companiesâ€™ business teams and educational moments with government officials help inform lawmakers and their staffers so that they are able to ask the right questions in hearings and investigations, and ultimately are able to move meaningful legislation forward.
Look to Canada and Europe.
Many U.S. companies are currently preparing for the European Unionâ€™s new General Data Protection Regulation (GDPR), effective in May 2018 and some advocates have recommended that the U.S. adopt elements of the EUâ€™s data protection law. While there is no privacy law in the U.S. that directly applies to Internet companies (outside of the FTCâ€™s consumer protection authority), Canada and the EU have taken a stronger stance on data protection. In the EU and Canada, users have clearer rights to the privacy of their data, and the right to know exactly how their data is being used and accessed.
While saying â€śIâ€™m sorryâ€ť is a polite gesture to users who have had their privacy rights violated, an apology alone will not improve consumer trust. Clear communication, straightforward disclosures, and a proactive commitment to privacy protection and data security are a good start.
Kenya Wiley is a former counsel and senior policy advisor for the Senate Homeland Security and Governmental Affairs Committee. She currently serves as founder and CEO of the Fashion Innovation Alliance.