OLYMPIA, Wash. — The likelihood of the Washington Legislature limiting the ability of Internet service providers to sell customer data is boiling down to this: privacy concerns versus the difficulty of each state having its own separate law on the subject.
A likely factor in that duel will be the political clout of the telecommunications and high-tech lobbies, which oppose the bill.
On April 3, President Donald Trump signed a law that allows internet providers to sell your personal information without your permission. The next day, Washington legislators from both parties fired back, introducing bills in the Senate and House to reinstate those protections in this state. Sen. Kevin Ranker, D-Orcas Island, said 27 other states have introduced similar reinstatement bills.
On Wednesday, the Washington House’s Technology & Economic Development Committee held a hearing on an Internet provider privacy bill introduced by Rep. Drew Hansen, D-Bainbridge Island. Seventy-five out of the House’s 99 representatives — from far right to moderate to far left — have signed on in support of the bill.
“A lot of our constituents are upset about this privacy issue,” said Rep. Terry Nealey, R-Dayton.
Gov. Jay Inslee and Attorney General Bob Ferguson also support the bill. “The absence of a federal law of privacy protection is a real problem. The question is whether the state should jump in right now. … The state of Washington needs these privacy protections,” Inslee said late last week. Inslee voiced skepticism about the ability of a fractured Washington D.C. to reinstate such a privacy law in the foreseeable future.
Meanwhile, Ranker introduced a similar bill in the Senate with 35 out of 49 state senators signing on to it. Fourteen Republicans, including Senate Majority Leader Mark Schoesler, R-Ritzville, do not support the bill. Ranker said Schoesler refused to approve a hearing for his bill. Schoesler and the 13 other Republicans have the political power to keep either bill from a Senate floor vote.
House Speaker Frank Chopp, D-Seattle, wants the legislation passed this session. However on Monday, Schoesler contended the two bills have been introduced too late in the session to be properly vetted and discussed.
“You don’t do a thing like this at the drop of the hat over the headline in one newspaper,” Schoesler said, referring to the Washington Post. Schoesler downplayed the numerous Republicans who signed up in support of the two bills. “Signing a bill and a bill passing are two separate ideas,” he said.
Hansen’s bill calls for Internet service providers to:
- Provide notice and to obtain users’ consent to use, disclose or permit access to certain customer information.
- Provide notice of privacy policies and to take reasonable data security measures.
- Notify customers following a data breach.
Hansen said his bill targets Internet service providers because people have little or no choice in selecting their ISP. His bill does not address corporations such as Google, Facebook and Yahoo because people don’t pay to use them, while ISP costs are normally passed on somehow to the users, he said. Consequently, an ISP has revenue from its users while also having the potential to sell its collected information on the same users, which Hansen described as a form of “double-dipping.” Also, users have the options of not using the likes of Google, Facebook and Yahoo, he said.
While ISPs have assured Hansen that they don’t plan to sell information from their users, he does not trust them not to eventually do so.
On Wednesday, the American Civil Liberties Union, Electronic Rights Rainier, the Washington Low-Income Housing Alliance, labor organizations, Tacoma Public Utilities and the state government’s Office of Privacy supported Hansen’s bill.
Alex Alden of the Office of Privacy noted that different ISPs have different rules regarding protecting users’ privacy. “We don’t have uniform practices across the industry. … Privacy is in the constitution of Washington state. We’re one of the few states that have privacy as a foundation of our constitution,” he said.
Joe Kendo, representing the Washington State Labor Council, argued that working-class people have little choice in picking their ISPs in an age where everyone uses the Internet for day-to-day living, and risk their personal information being sold without their consent or knowledge. “I don’t believe my members have to give up their privacy to access these basic human needs,” he said.
The Pacific Technological Alliance, the Washington Technology Industry Association, TechNet, CompTia, the Association of Washington Business and the Broadband Communications Association of Washington testified against the bill. While they did not testify Wednesday, representatives of Sprint, Verizon, AT&T and CenturyLink wrote on a sign-in sheet that they opposed Hansen’s bill.
Their opposition revolves around a lack of time to vet and discuss the bill, plus fears of each state setting up its own and different rules on Internet privacy — making it hard for businesses to comply.
“It is unclear how the bill will protect my privacy as a citizen of Washington,” said Michael Schutzler of Washington Technology Industry Association. He noted that different Internet service providers and corporations serving Washington have headquarters in other states. “This is really a federal issue. A federal standard would be better than a state patchwork of standards.”
Bob Battles of the AWB said called these complicated issues that require “more than a day and a hearing.”
“The whole debate on privacy is in the context of how we classify Internet services,” said Ron Main of the Broadband Communications Association of Washington.
Rep. Norma Smith, R-Clinton, questioned some of the testifying lobbyists Wednesday about their commitment to having a federal law — instead of many state laws — covering this topic. She asked a few whether their organizations and companies lobbied to to keep the nationwide privacy rules intact when Trump and Congress eliminated them. They did not answer that question.
Hansen and Ranker said many of corporations calling for a federal internet privacy law — instead of many state internet privacy laws — actually lobbied for the elimination of those federal regulations when Congress addressed the matter.
Ranker said he is coordinating efforts among the 27 states coming up with their own ISP privacy bills to try to make sure all of them create similar, if not identical, laws. Ranker also voiced concern about the lobbying power of the telecommunications industry and business interests killing this effort in Washington. The House technology committee expects to put some changes into Hansen’s bill, and expects to hold another yet-to-be-scheduled hearing prior to sending it to a full floor vote in the House.
