Policy Arm of Preeminent Computing Association Calls on Congress to Enact Comprehensive Consumer Privacy Protections

Legislators Urged to Limit Data Collection, Bar Use of Unlawfully Collected Data, and Assure Public Understands How Data Is Used, Says US Technology Policy Committee of Association for Computing Machinery


Washington, DC, July 2, 2018—The Association for Computing Machinery’s US Technology Policy Committee (USACM) today made detailed recommendations to Congress for protecting personal privacy in the wake of the Facebook/Cambridge Analytica controversy. USACM’s statement was submitted to the Senate Commerce Committee’s Subcommittee on Consumer Protec­tion, Product Safety, Insurance, and Data Security for inclusion in the record of the Subcommit­tee’s June 19 hearing entitled “Cambridge Analytica and Other Facebook Partners: Examining Data Privacy Risks.”

Given the significance and breadth of the privacy and ethical shortcomings at the core of the Cambridge Analytica matter, USACM’s statement urges lawmakers to act now to protect the public good and the integrity of the democratic process by addressing serious technical and ethical issues raised by the Facebook/Cambridge Analytica matter. Specifically, USACM members recommend that Congress draft and adopt comprehensive personal privacy protection legislation extending beyond social media to meet nine critical goals:

  1. Limit collection and minimize retention of personal data
  2. Clarify and simplify user consent processes and maximize user control of data
  3. Simplify data sharing policies and assure transparency in data flows
  4. Clearly define and disclose data ownership terms and attendant rights
  5. Adopt and enforce data security practices commensurate with risk
  6. Require clear, fair, and responsible data access, retention, and disposal policies
  7. Codify appropriate and meaningful oversight of third party developer platforms (API)
  8. Enable and support legitimate and appropriately overseen platform research
  9. Measure the actions and omissions of companies and other personal data collectors against all appropriate ethical standards, including ACM’s Code of Ethics (updated 2018), which makes the public good and avoiding harm overarching priorities, and urges professionals and organizations to respect privacy at every stage of the development of online platforms, applications and other tools

Lead statement author Lorraine Kisselburgh notes that, “Although data privacy is a difficult problem across many industries, the social media context creates unique challenges. Inherent data sharing among websites and apps that provides transparent interoperability for internet users also creates critical challenges for securing data privacy.”

“The profound problems highlighted so starkly by the Cambridge Analytica case were both technical and ethical,” added cybersecurity expert and USACM Chair Stuart Shapiro. “USACM has deep expertise in both spheres and looks forward to serving as an apolitical resource for Congress in pursuit of solutions.”

Jim Ormond

Adam Eisgrau
Director of Global Policy and Public Affairs

Printable PDF File