Letter for the Record: Innovation, Data, and Commerce Subcommittee Hearing on Data Privacy

View PDF of letter here.

Dear Chair McMorris Rodgers, Ranking Member Pallone, Chair Bilirakis, and Ranking Member Schakowsky,

On behalf of The Leadership Conference on Civil and Human Rights, a coalition charged by its diverse membership of more than 230 national organizations to promote and protect the rights of all persons in the United States, we thank you for the opportunity to submit our views regarding online privacy. We ask for this letter to be entered into the record of the Innovation, Data, and Commerce Subcommittee hearing titled “Promoting U.S. Innovation and Individual Liberty Through a National Standard for Data Privacy” on March 1, 2023.

Technological progress should bring greater safety, economic opportunity, and convenience to everyone. And the collection of demographic data is essential for documenting persistent inequality and discrimination. But just as technology has created immense positive value by creating economic opportunities, facilitating civil rights advocacy, and adding new voices to our culture and public debate, it can also enable discriminatory conduct and give new tools to powerful institutions to entrench and exacerbate existing disparities. In 2014, The Leadership Conference, along with 14 signatories, released the “Civil Rights Principles for the Era of Big Data,” (civil rights principles) calling on the U.S. government and businesses to respect and promote equal opportunity and equal justice in the development and use of data-driven technologies.[1] While the terminology has shifted from “big data” to “AI,” the issues remain the same and the threats technology can pose to civil rights have only grown. Recognizing this increased urgency, as well as the growing disparity between the vast amount of personal data available to companies, and the tiny amount of information available to the public about how companies are using it, in 2020, The Leadership Conference, along with a number of advocacy and civil rights organizations, released updated civil rights principles.[2] Those principles include ending high tech profiling; ensuring justice in automated decisions; preserving constitutional principles; ensuring that technology serves people historically subject to discrimination; defining responsible use of personal information and enhancing individual rights; and making systems transparent and accountable.

Today, tens of millions of people are without any kind of legal protections for their personal data.[3] They are discriminated against in housing, employment, credit, education, finance, and other economic opportunities, and they are left in the dark about how their personal data is used.[4] As we have told this committee on multiple occasions, privacy rights are civil rights.[5] Well-drafted comprehensive federal consumer privacy legislation like the American Data Privacy and Protection Act (ADPPA) introduced in the last Congress will protect civil and human rights; empower communities of color; ensure opportunities are open for marginalized populations; and ensure that companies, including “Big Tech,” are held accountable for the data they collect and use, especially when those actions impact individuals’ lives.

The ADPPA, as it was voted out of the committee last Congress, contained important provisions that served to address these issues. The legislation prohibited the use of personal data in a discriminatory manner in the provision of goods or services on the basis of protected characteristics and ensured that these protections would be incorporated into the sectors that need them most through requirements to test algorithms for bias and measure potential impacts on equal access to and eligibility for housing, employment, credit, education, insurance, health care, and public accommodations. It also preserved state civil rights laws and other types of state laws that are important for the protection of consumers and marginalized communities. Strong data minimization requirements found in ADPPA further protected the rights of individuals by limiting potential data surveillance.

Under the bill, consumers would have been able to hold companies accountable for data misuse through a private right of action. The Federal Trade Commission was given enforcement authority, and attorneys general and privacy agencies in every state in the country were empowered to enforce ADPPA. Through these three layers of enforcement, consumers and our institutions would have been able to effectuate meaningful change and hold bad actors accountable.

These provisions are a key reason why The Leadership Conference endorsed the ADPPA. Any privacy legislation moving forward must include a prohibition on the use of personal data in a discriminatory manner in the provision of goods or services on the basis of protected characteristics, the preservation of state civil rights laws and other types of state laws important for the protection of consumers, data minimization requirements, a private right of action, and enforcement authority across the federal government and state governments.

We stand ready to work with Congress on policies that will protect civil rights, prevent unlawful discrimination, and advance equal opportunity. Should you require further information or have any questions regarding this issue, please feel free to contact Jonathan Walter, media and tech policy counsel, at [email protected], Frank Torres, civil rights technology fellow, at [email protected], or Anita Banerji, senior director of the media and tech program, at [email protected].

Sincerely,

Jesselyn McCurdy
Executive Vice President of Government Affairs