It’s easy to tear down bold declarations of principles. It’s also worth stepping back to admire the chutzpah of what Ro Khanna, the Democratic representative from the heart of Silicon Valley, proposed for the US on Oct. 4.
Khanna’s Internet Bill of Rights, drafted at the behest of Congressional minority leader Nancy Pelosi and endorsed by the creator of the web Sir Tim Berners-Lee, would enshrine sweeping new rights and reshape America’s relationship with technology. More than a dozen groups, including Amazon, Apple, Facebook and non-profits such as Free Press, weighed in, as well as Obama Administration officials who crafted an early proposal in 2015.
The proposal is below. If enacted, it would entrust people with ownership of their own data, force companies to relinquish it when warranted, and ensure personal data is neither abused nor mishandled. Companies would need to secure permission to collect and share data about you.
The implications are enormous. Data portability, for example, would allow anyone to transfer their social graph to new competitors, one of the central proposals by activists studying how to break Facebook’s hold over social media. The prohibition on exploiting personal data, and requiring consent for its collection, meant the Equifax fiasco might have played out quite differently, and could transform how Google operates.
Don’t expect this to happen anytime soon, of course. “This is a 15-year fight, but I do not think tech is immediately primed against it and Congress is more willing to be strong on regulation,” Khanna told The New York Times (paywall). “Tech is amoral—it is great in many ways but not as great in others, and they need to now spend the next 10 years thinking about how they shape that tech for public good.”
Under the proposed principles, you should have the right:
(1) to have access to and knowledge of all collection and uses of personal data by companies;
(2) to opt-in consent to the collection of personal data by any party and to the sharing of personal data with a third party;
(3) where context appropriate and with a fair process, to obtain, correct, or delete personal data controlled by any company and to have those requests honored by third parties;
(4) to have personal data secured and to be notified in a timely manner when a security breach or unauthorized access of personal data is discovered;
(5) to move all personal data from one network to the next;
(6) to access and use the internet without internet service providers blocking, throttling, engaging in paid prioritization, or otherwise unfairly favoring content, applications, services, or devices;
(7) to internet service without the collection of data that is unnecessary for providing the requested service absent opt-in consent;
(8) to have access to multiple viable, affordable internet platforms, services, and providers with clear and transparent pricing;
(9) not to be unfairly discriminated against or exploited based on your personal data; and
(10) to have an entity that collects your personal data have reasonable business practices and accountability to protect your privacy.