While there remains no singular piece of legislation governing how the personal data of individuals residing in the United States is processed and managed across all sectors, legitimate change in this regard finally appears to be on the horizon. On June 18th, United States Senator Sherrod Brown (D-OH), a ranking member of the U.S. Senate Committee on Banking, Housing, and Urban Affairs, released a draft privacy bill coined the Data Accountability and Transparency Act of 2020 (DATA 2020) which may create lasting change in the realm of data protections for U.S. citizens moving forward. Undeniably an area of much needed reform, reports have indicated that the bill will aim to enhance civil rights protections for consumers against powerful tech corporations and the government, while also potentially establishing a novel, independent agency specifically dedicated to ensuring the protection of individual privacy rights for all Americans. Among the most notable changes proposed in the bill, DATA 2020 would effectively:
- Ban the collection, use or sharing of personal data unless specifically allowed by law;1
- Ban the use of facial recognition technology;1
- Prohibit the use of personal data to discriminate in housing, employment, credit, insurance, and public accommodations;1
- Require anyone using decision-making algorithms to provide new accountability reports;1
- Requires CEO certification of compliance with this legislation, with both criminal and civil penalties potentially being levied against company executives and board members for non-compliance.1
The reality is that today’s web-surfing or app-downloading experience is filled with complicated privacy policies and technical jargon that is often overlooked by the general public. In fact, Brian Vecci, chief technology officer of prominent cybersecurity company Varonis stated that in the vast majority of instances, these policies are not designed for consumers to truly understand, but rather they are written “by lawyers for lawyers to protect the company.”3 Unbeknownst to many, these public policies contain important information on how said website/associated organization processes the data of its respective users, with individuals often signing away a fair amount of personal information on a daily basis.
A CNBC article discussing the give-and-take nature of privacy policies in the U.S. also notes that upon downloading most free smartphone applications across the globe today, there is in fact a transaction taking place – granted, not financial. When consumers obtain these free services, they agree to exchange their personal data with the companies/application developers. This data can range from information as basic as names, email addresses, and phone numbers to as detailed as driver’s license numbers/SSN’s, household income information and other intricate personal demographic information varying from site to site. The foundation of the U.S. internet marketplace has essentially been built upon the monitoring of its users and the collection and sharing of their information. That data may be sold, used for marketing, or relatively freely in other ways amongst other companies found under the same corporate umbrella, making some of the world’s top tech companies billions upon billions of dollars in the process. While these happenings as a whole seem unethical, they remain perfectly legal in America — but only because we as consumers continue agreeing to these terms of service often without even being aware of what they are signing up for.
DATA 2020 attempts to solve these issues by shifting the burden off of the consumer and onto the corporation, while putting America on par with their international counterparts who have had similar measures in place for years now. If the bill were to pass, data could only be used in ways that provide a service directly to you, in a way you specifically asked it to be used. It sounds like a no-brainer on the surface, but it is not without its downsides. If this bill were to pass, there would be plenty of unhappy corporations in Silicon Valley and beyond. Dealing in data is the primary way companies like Facebook and Google make up significant portions of their revenue. Without these revenue streams, many tech companies would be forced to make significant changes to their greater business models. Additionally, one might also expect to see a steep decline in free applications and services offered to consumers should such a measure pass (albeit a small price for U.S. citizens to pay for improved data security).
We may not have to deal with these consequences for a while however as Senator Brown is facing a Republican majority and has yet to even obtain backing for his proposed legislation from key members of his own party. Given the close ties the democrats have with Silicon Valley and the exorbitant funding those corporations pump into their party, it is hard to picture the democrat establishment pushing the bill very hard. There is always a chance Republicans may see this as an opportunity to spite the big tech companies and back the bill. We will see in the weeks ahead. Nevertheless, the proposal from Senator Brown is definitely a step in the right direction that at the very least will get the gears turning on Capitol Hill. Brown, remaining hopeful, released a powerful statement accompanying the announcement of his prospective bill, stating that should his measure ultimately become law, he believes that consumers across the country will finally be able breathe a sigh of relief as “rather than being expected to wade through a sea of unreadable terms of service and misleading corporate ‘privacy policies,’ we can rely on a Data Accountability and Transparency Agency to protect us from scams, discrimination, and surveillance.”1
Weekly Roundup
Supreme Court Rules on SEC’s Ability to Recoup Illicit Funds
Last Monday, the United States Supreme Court upheld the ability of the Securities and Exchange Commission (SEC) to seize illicit funds from fraudulent companies, but placed limitations on the agency’s ability to do so moving forward. With court-ordered disgorgement becoming one of the largest sources of monetary remediation for SEC enforcement actions in recent years (totaling billions of dollars in penalty fees from violators of securities regulations), an 8-1 vote ultimately allowed the practice to continue. However, the high court did alter some principles involved in this activity, including limiting the authority of the regulatory body to seize profits to a certain degree. The Supreme Court ultimately ruled that “the scope of what can be sought via disgorgement by saying that it cannot exceed the net profits of the conduct at issue”,5 while also declaring that in general, the vast majority of the disgorgement funds should be used to provide financial relief to the wronged investors, rather than being exclusively deposited into the U.S. Treasury as seen in years past.
The lone vote of opposition to the ruling came from Justice Clarence Thomas. Thomas argued that the current penalty system was unethical due to the fact that the SEC had no legitimate legal authority to seize profits from the targets of its civil enforcement suits.
Nordic Bank SEB Fined By Swiss Regulator
On June 25th, the Financial Supervisory Authority (FSA), Sweden’s financial watchdog, levied a major fine against one of the country’s top lenders for compliance failures related to deficient anti-money laundering controls and weak oversight across its Baltic operations. Skandinaviska Enskilda Banken AB (SEB) was fined 1 billion crowns ($107.11 million USD) by the FSA, with Estonian regulators tacking on an additional €1 million penalty for the bank’s failure to identify and respond to money laundering activity occurring in Estonia, Latvia and Lithuania between 2015-2019. The fine stems from a major shakeup in the realm of AML across the Nordics in recent months that saw Danske Bank (Denmark’s largest firm) and Swedbank identified as the main players in a multi-billion dollar, cross-border money laundering scandal that respectively took place between 2008-2015. Both regional and international investigations into these illicit activities are still ongoing.
The FSA ultimately ruled that the SEB neglected the high-risk nature of its operations in the Baltics while also failing to adequately identify and appropriately manage new and existing relationships with account holders who fit this criterion. The Financial Times adds, “the Swedish regulator complained that SEB’s internal control functions did not have sufficient resources and that, despite attempts by the bank to correct this, it had still failed to comply with the law.”2
U.S. Sanctions Iranian Oil Ship Captains Over Deliveries to Venezuela
Last Wednesday, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) moved to blacklist the captains of five vessels used by the previously-sanctioned Islamic Republic of Iran Shipping Lines (IRISL) and National Iranian Tanker Company (NITC) to deliver precious resources to Venezuela. The individuals named to OFAC’s Specially Designated National and Blocked Person List (SDN List) include Ali Danaei Kenarsari, Mohsen Gohardehi, Alireza Rahnavard, Reza Vaziri and Hamidreza Yahya Zadeh, whom captained the flagged Iranian tankers CLAVEL, PETUNIA, FORTUNE, FOREST and FAXON, respectively. These vessels were found to have delivered an estimated 1.5 million barrels of gasoline to the regime of corrupt leader Nicolás Maduro in recent weeks.
Following the measures’ announcement, Treasury Secretary Steven Mnuchin noted noting that the continued support provided by Iran to the authoritarian leadership in Venezuela is both unacceptable and unethical. Mnuchin continued, stating that the “Treasury Department will target anyone who supports Iranian attempts to evade United States sanctions and who further enables their destabilizing behavior around the world.”4 The new sanctions effectively block any and all assets these individuals may have within U.S. jurisdictions, while also prohibiting all dealings by U.S. citizens & companies that involve any property or interests of blocked/designated persons or risk facing potential financial and/or criminal penalties.
Citations
- “Brown Releases New Proposal That Would Protect Consumers’ Privacy from Bad Actors: U.S. Senator for Ohio.”Sherrod Brown Senator for Ohio, United States Senate, 18 June 2020.
- Milne, Richard. “SEB Fined for Baltic Money Laundering Deficiencies.” Subscribe to Read | Financial Times, Financial Times, 25 June 2020.
- Schlesinger, Jennifer, and Andrea Day. “Most People Just Click and Accept Privacy Policies without Reading Them – You Might Be Surprised at What They Allow Companies to Do.” CNBC, CNBC, 15 Mar. 2019.
- “Treasury Sanctions Five Iranian Captains Who Delivered Gasoline to the Maduro Regime in Venezuela.” Press Releases | U.S. Department of the Treasury, 16 June 2020.
- “U.S. Supreme Court Sets Limits on SEC’s Power to Recover Ill-Gotten Gains.”CNBC, CNBC, 22 June 2020.