Big tech firms call for data transparency, inclusive privacy laws at CES 2021

Even as the world debates WhatsApp’s recent privacy update in a pandemic-induced digital-first setting, Google, Amazon and Twitter on Wednesday discussed the need for technology firms to raise the bar for privacy, security and transparency of data use.

According to Amazon's director of trust for Alexa Anne Toth, and Google and Twitter’s chief privacy officers Keith Enright and Damien Kieran, respectively, technology companies should provide users greater access and control over their data to build trust and ensure safety.

The speakers were part of a virtual panel at the four-day Consumer Electronics Show (CES) 2021, which is set to end on January 14.

“As we think about 2021 in the privacy perspective, it's really about transparency around AI and ML, where we are going to be doing a lot of work,” Kieran said. “We try to make sure that folks understand the quintessential -- what data do we collect, how we use it, when we share it, all of those things.”

This becomes more important in the AI and ML sphere, he said, as these emerging technologies will be ubiquitous to almost everything companies do online in the future.

According to Enright and Toth, while the use of technology has helped people stay connected, it has also made them nervous. To address the issue, technology companies must take measures such as allowing users to delete data and offer data portability, they said.

“This includes continuing the work done in the past on privacy and data protection, to do an even better job of explaining to users -- in a way they understand the technology and its implications -- the innovations in controls. But it also means working across industries and with regulators to identify opportunities to meaningfully improve the privacy and security that governs user behaviour online,” Enright said.

Additionally, the panellists indicated the Joe Biden administration in the US may put forth an omnibus federal privacy law. The law is expected to be different from the GDPR and other national laws, they said, which means there would always be differences around data storage and access regulations across geographies, and that could result in different experiences for users of globally-active services.

It is imperative for the government to consider international implications of a data privacy law, as broad and stringent regulations on cross-border data transfers and storage may result in balkanisation and localisation of data and services, Twitter’s Kieran said.

“I don't want to open the app on a very different experience, both from the settings, the controls, and the privacy experience, or just the online totality of it,” Kieran said.

The microblogging giant and its peers have raised similar concerns in India in response to the Personal Data Protection Bill, 2019, which outlines the need for localisation of sensitive user data on servers located in the country the data was gathered in. They argued that the bill would lead to a “splintering” of the internet, and classifying just the information of Indian users as sensitive and non-sensitive would be tough. 

Read: Stakeholders voice concerns over exemptions given to the govt in data protection bill

“Globally, there are over a hundred different, national-level privacy laws,” Amazon’s Toth said. “So there's going to be differences always, and all of us here represent companies that operate at a global scale and so we're dealing with a forever patchwork quilt. But we're trying to minimize the differences and hopefully give all of our customers everywhere a fair shake and an equal amount of privacy protection.”