A steady stream of new startups pitch their ideas, concepts, products and services on a daily basis to TechCrunch reporters: Startups that claim to predict when employees might want to leave for a new job; that think they can detect depression using someone’s voice; that experiment by using chatbots on patients with depression; that scrape the internet for faces to allow police to carry out facial recognition surveillance.
And more than most of these startups terrify me.
Much of the focus today is on TikTok, the viral video-sharing app owned by Chinese firm ByteDance, which faces bans over fears that the data it collects will end up in the hands of the Chinese government.
It’s not an unreasonable fear, especially with over a billion users worldwide using the app. But TikTok isn’t the only company capable of sharing data with China. Thousands of American apps and companies share our information with advertisers and data brokers, which also expose that data to China, in large part because nothing exists to curb the sharing or selling of data to anyone who wants it, from startups to authoritarian regimes.
But while lawmakers and the government endlessly fixate about TikTok and China, they continue to neglect the larger problem, and that’s at home. The scary calls are coming from inside America’s house.
All startups vie to be the next generation of Amazons, Ubers, Facebooks and Googles, and look up to these American tech giants with dollar signs in their eyes. But if money is the metric to go by, it’s worth looking at how the Amazons, Ubers, Facebooks and Googles got here. It’s through our data that so many tech giants (though not all) made their billions. Some call it innovation and disruption; others see it as exploitation.
Just look at the mess that the first-generation of tech titans have made. We’ve seen how our data is used by companies to consolidate power, like market or user share, to make money. When Amazon isn’t oppressing its workers by meticulously tracking their toilet habits, it’s using data to push out competitors and small businesses to favor its own sales. Uber played fast and loose with its security and privacy practices for years, then tried to cover up a massive data breach. Facebook was used to incite a literal genocide that in part led to a whole corporate rebrand. And Google’s data practices pretty much keeps the U.S. Justice Department’s antitrust division in business.
These data-hungry tech companies have compromised our security, eroded our privacy, tracked us, sold our data, lost our data, monopolized the competition, driven out small businesses and put entire populations at risk.
A paucity of legislation and regulation have allowed American tech companies to thrive and grow, enriched by our personal information and data we created, including anything from where we go to what we buy, to the people we communicate with to the content we consume. If the adage that data is the new currency is true, it’s no wonder why tech companies keep getting richer. There are few rules for what companies can do with our information, but plenty of profit-making playbooks to work from. Every day a new tranche of startups have our data in their sights, but as consumers facing today’s technology, what hope do we have when the conditions for our security and privacy are worse?
As unlikely as it is, a national TikTok ban would not stop Americans’ data from ending up in China. The data has to be stemmed at the source — by not allowing American tech companies to collect gobs of data from people’s devices to begin with.
America stands alone as one of the few superpowers without a data protection or privacy law. It is this uncontrolled and unregulated environment that allows Americans’ data to end up in the hands of China or anyone who will pay for it. Creating a federal privacy law that spans the entire country and getting it to actually work isn’t easy. It’s why each state legislates differently.
California was the first state to offer strong consumer and data protections to its residents, granting Californians the rights to access, modify and delete the data that companies collect on them. California’s consumer privacy law is regarded as one of the strongest in the country — because it worked. Companies in the state, home to Silicon Valley and its tech titans, had to comply and carve out deep exceptions to millions of Californians of their data collection practices. But that still leaves the millions of remaining Americans with no privacy protections.
Only a handful of states have followed in California’s steps, but few new laws have reached the same bar, thanks to the corrupt (or lazy) lawmakers that watered down the draft bills in their states to serve the interests of the lobbying companies. Meanwhile, the tech lobby is fervently backing a federal law with the aim of creating a weaker set of rules across the U.S. to replace the patchwork of state laws, including California’s.
Startups today should scare you because of their near-unfettered and unbridled ability to do almost anything with our information and face little to no repercussions. Even where tech giants have historically flouted their own security and privacy promises, regulators are under-resourced and massively outnumbered, and don’t have the enforcement powers to meaningfully hold repeat offenders accountable.
Without guardrails in place to protect our data, the startups of today and tomorrow are doomed to make the same mistakes of yesteryear.