Following national scandals, North Dakota lawmaker argues for consumer rights on data privacy bill
BISMARCK — A Microsoft official pitched a data privacy bill unveiled in the North Dakota Legislature as way to head off a “rising tide” of public distrust in technology Wednesday, Feb. 6, as industry groups warned lawmakers not to quickly approve the “sweeping” mandates.
House Bill 1485, pushed by Fargo Republican Rep. Jim Kasper, would allow consumers to request companies like Google and Facebook to delete and stop collecting their personal data. It would also require companies to provide information about data they’ve collected and to correct inaccurate information.
Kasper said his original bill was inspired by legislation that was passed in California last year, but an amendment adopted by the House Industry, Business and Labor Committee Wednesday more closely resembles regulations moving through the Washington statehouse. He expressed little optimism Congress will take up the issue until more states pass laws.
Kasper said his bill is premised on the argument that personal data belongs to consumers who should be able to better control its use.
“Customers have the right to know,” he said. “They have the right to say yes or no.”
Kasper’s legislation was supported by Ryan Harkins, the director of state affairs and public policy at Microsoft, who said the bill would impose the country’s strongest privacy protections. He called on legislators to “modernize” privacy laws to alleviate anxieties over the increased collection of personal data by large technology firms.
“And if those kinds of concerns aren’t addressed, our fear is that we could wind up shutting off all of the benefits that technology is bringing and promises to bring,” Harkins said. “People won’t use technology they don’t trust.”
Google, for instances, collects reams of data about its users — search histories and location are among them — that's used to tailor specific online ads. Google’s parent company said this week that its advertising revenue totaled $32.6 billion in the fourth quarter of 2018, a 20 percent jump from the year before.
But data privacy scandals have fueled a public backlash.
Months after the New York Times reported that Cambridge Analytica gathered information from millions of Facebook profiles without user’s permission, California passed a data privacy law. The European Union approved data regulations in 2016, but they didn’t go into effect until last year.
Groups representing the information technology and wireless communications industries, who said they had little time to review Kasper’s amended bill, warned the California regulations were rushed and riddled with errors and urged North Dakota lawmakers to take more time to study the issue.
Gerald Keegan, a lobbyist for CTIA, the wireless communications industry group, said the “sweeping bill” would result in a “compliance nightmare,” particularly for companies that don’t already have to comply with the European rules.
“I would find this to be a high hurdle to cross,” he said.
Kasper questioned assertions that the bill would create heavy burdens and dismissed suggestions that the bill be turned into a legislative study, but he was open to amendments and a delayed effective date.
“We either want to protect the people of North Dakota or we don’t. We either want to give our citizens knowledge and transparency or we don’t,” he said.
The committee didn’t take immediate action on the bill Wednesday morning.