Big Tech firms employ nationalist arguments to suggest that American incorporation amounts to a guarantee that their business models do not undermine U.S. national security or U.S. foreign policy. Without a federal privacy law to limit the collection and sharing of data, however, it remains a wild exaggeration. This data intermediation ecosystem allows data on U.S. citizens to end up in the hands of the foreign government, threatening national security and potentially sabotaging U.S. diplomacy and foreign policy activities. It also weakens American credibility in data issues; if the White House acts against individual Chinese technology companies while Congress does not pass any privacy laws, for example, seeking to eliminate a potential means by which Beijing can spy on U.S. citizens, the United States seems more focused on target firms than general data mitigation- diffusion damage.
These Big Tech arguments, however, refer to a second concern of a weak U.S. privacy law: distrust of U.S. overseas technology companies.
There are a myriad of legitimate reasons why American tech giants have reputation issues abroad, from pure market power and vast lobbying to allowing the spread of hate online it’s massive, exploitative wider data collection. Phrases like “data colonialism” and “digital colonialism” have been used to characterize this phenomenon, especially when large technology companies enter countries with inferior resources (e.g., Venezuela, Uganda, India), monitor citizens, and they extract all the value in their seats while perpetuating other problems as unequal divisions of labor.
It doesn’t have to be that way. At the moment, US officials are renegotiating a transatlantic data transfer agreement with European Union counterparts, following an EU ruling. invalidation of the Privacy Shield framework in July 2020. Some might argue, with good reason, that the EU Court of Justice will find any reason to invalidate any EU-US data transfer agreement. But Washington can sustain its position by placing new, real constraints on the collection, sharing and use of data by American companies. Although Schrems II, the decision to invalidate the Privacy Shield, has focused on national security access to data in the United States, this absence of a robust U.S. confidentiality law still enters in the same conversation about inadequacy.
Passing a strong federal confidentiality law in the United States could also help U.S. companies struggle with an increasingly complex and fractured regulatory landscape around the world. For example, India Personal Data Protection Project, introduced in 2019 and still in deliberation, was inspired by the EU GDPR (although it includes a dangerously broad set of exemptions for the state). From Brazil General Data Protection Law has also similarity at GDPR. The more other governments enact privacy laws, the greater the risk for U.S. businesses in the face of increased regulatory challenges and public distrust around the world.
For all that politicians talk about the importance of having competitive U.S. technology companies, which should not be to the detriment of a democratic regulation that protects citizens from data abuse – nor should data abuse controls be seen as an antithesis to a competitive technology sector. On the contrary, as more data regimes grow in the world, when Silicon Valley faces increased scrutiny in overseas markets, and with confidence in artificial intelligence it depends in part on a country’s confidentiality regime, passing a robust federal confidentiality law could have many benefits for US tech competitiveness.
The little annoyed US-EU Business and Technology Council, Through which US and EU member states will participate in a conversation about everything from internet policy to standard development, has a strong implicit focus on China. Outside the G7, Biden reiterate a focus on providing a “democratic alternative” to the influence of the Chinese government.
Biden’s plan to unite democracies in technology faces several challenges, in part because it is unclear whether a framework of democracy versus authoritarianism is the best way to combat digital repression. Depending on the execution of the plan, it could also wrongly overlook the disagreements between the democracies themselves over how to address technological challenges. EU member states, for example, are barely in lock with Washington on a number of internet policy issues. India is often assigned to the democratic bloc in these talks, but that of the Modi government repressions, attacks on democracy, and internet abuse questions.