A panel at the CES conference in Las Vegas. Image: Martyn Landi/PA
During a CES panel, those in charge of maintaining user privacy at Facebook and Apple were challenged for not doing enough.
Apple and Facebook have been told current privacy practices are “untenable” by the US federal trade commissioner during a debate on the issue. Speaking during a panel at CES in Las Vegas, which featured executives from the two firms, they and the wider technology industry were urged to take more responsibility on the issue.
Federal trade commissioner Rebecca Slaughter said the number of data breaches reported in recent years proved more needed to be done.
“Just the fact that when we read the newspaper every day we see different concerning stories about privacy or security breaches means that it would be impossible to conclude that enough is being done. It wouldn’t make a lot of sense to draw that conclusion,” she said.
The panel discussion was the first time an Apple executive had appeared at CES in years, and global privacy senior director Jane Horvath’s appearance alongside her counterpart from Facebook came after previous public disagreements between the firms on the best approach to data privacy.
Unfair situation
In response to Slaughter, Facebook’s privacy boss Erin Egan cited the social network’s introduction of a privacy check-up tool as an example of how the company is working to protect its users. However, Slaughter said it was unfair that consumers were being asked to police how their data was being collected.
“Because I think that today, even if consumers can walk through a privacy check-up, the amount of information that you have to process, to figure out what is happening with your data, is untenable for most people,” she said.
She said even as a privacy expert, she personally “cannot figure out” all the different uses of data going on across the different services she uses.
“I think it’s important that we think about ways that the burden is not just placed on the consumer, but that the collectors and stewards of data have the responsibility too.
“For example, minimise what’s collected, minimise what’s retained and minimise how it’s shared consistent, while still providing the product or service that they’re offering and that the consumer wants – but without creating this endless trove of data that can disappear into the ether.”
Defending Apple’s approach to the issue, Horvath said: “At Apple, the way we look at privacy is to put the consumers in the driving seat. They should have control over their data. They should have choices with their data and one of the things we really focus on at Apple is privacy by design.
“The other thing that is critically important is that we have support from our executives. [Apple chief executive Tim Cook] is incredibly committed to privacy and it flows through the company.”
Throwing down the gauntlet
Following up, Egan said Apple’s approach “completely resonates with how we approach privacy at Facebook”. She said it was important to the company that users understood how and when the company used personal data. “But we’re constantly iterating because expectations are evolving.”
However, the commissioner rebuked Egan over her belief that user privacy on Facebook was successfully being protected today.
The Facebook executive had said the social media firm believed privacy was a “fundamental right” and that it protected the privacy of its users.
But Slaughter did not agree. “I don’t want to talk about specific services or products but as a general matter no, I don’t think privacy is generally protected,” she said.
“I think the amount of data that is collected about any individual in this room … I don’t think anyone here could tell us accurately who has what data about them and how it is being used.”
She acknowledged that a world where no data was shared could not exist, but said a minimum level of what data is collected and used needed to be found.
Slaughter added that she hoped privacy legislation would be introduced in the US by 2021. Last year, the Federal Trade Commission fined Facebook $5bn for privacy violations and enforced strict new oversight rules on the company.
A white paper published by the UK government in April 2019 also proposed new legislation that would impose a statutory duty of care to users on social media and internet companies, with large fines and personal liability for executives as potential punishments for breaches of the code.
– PA Media
