Over the past several years the business of privacy has grown exponentially. The International Association of Privacy Professionals indicates that it now has more than
As advocates, privacy professionals will face at least three inherent challenges in the pursuit of legislative solutions to address privacy harms. Foremost, privacy is such a broad topic that addressing the issue can seem like an overwhelming task. The answer is to personalize privacy and connect theoretical harms to real world scenarios. The most successful privacy initiatives have been able to move legislation by clearly defining harms and mobilizing support. For example, a collection of advocates were recently able to pass, FOSTA-SESTA, a law designed to remove civil immunity from those online platforms that knowingly facilitate human sex trafficking. Through effective collaboration and public engagement, advocates were able to raise awareness for the issue and gather broad support for the legislation.
Another problem is that privacy is a component of many other causes. Privacy issues are raised within the context of online safety, online content moderation, civil rights, criminal and economic justice, women’s rights, mental health and technology. While existing and established organizations working in these spaces address privacy, they typically do so within the confines of their limited spheres. For example, the American Civil Liberties Union works on issues surrounding constitutional rights and threats to privacy from government surveillance, data tracking and corporate collection of information. The ACLU does not address broader privacy objectives such as preventing online harassment or reforming Section 230 of the Communications Decency Act.
The legislative results belie the need for advocates that can coalesce around broad privacy objectives and mobilize support at scale. Despite the number of organizations taking on privacy as a cause and the amount of attention on privacy issues, at the Federal level, privacy legislation has been incremental at best. Congress is replete with examples of where no action was taken despite tough talk following a well-publicized privacy breach.
Advocates also face the challenge of raising awareness for privacy issues outside the traditional privacy realms of consumer protection and government surveillance. In July 2017, Congresswoman Katharine Clark introduced the Online Safety Modernization Act of 2017. The bill would criminalize nonconsensual pornography, swatting and the publication of personally identifiable information of another for the purpose to “threaten, intimidate, harass or cause other harm.” Furthermore, the bill would direct the Department of Justice to: develop a strategy to “reduce, investigate, and prosecute cybercrimes;” to publish statistics on cybercrimes against individuals; add resources to address cybercrimes; make grants to state and local governments to prevent and enforce and prosecute cybercrimes.
Congressman Clark’s bill would protect important privacy rights, including what Justice Brandeis called “the right to be let alone.” However, the legislation has not received much attention from existing advocacy/privacy organizations. Without advocates to mobilize support for the bill, the legislation has languished in committee with only seven co-sponsors.
For privacy professionals addressing privacy within the confines of compliance, become an advocate for privacy causes that may be outside your particular area of expertise. If you have been involved in implementing GDPR protocols, learn about another aspect of privacy, such as issues surrounding cyber harassment or cyber bullying and become an ally for organizations working in those privacy areas by offering your support, knowledge and resources. For example, consider contributing to the Without My Consent, two organizations that help victims of online abuse. If you live or work in New Jersey, help me grow the advocacy organization that I started, the IMG_4306 via photopin