Back to General Resources

Senate Banking Committee Hearing on Data Ownership

Senate Banking Committee

“Data Ownership: Exploring Implications for Data Privacy Rights and Data Valuation”

Thursday, October 24, 2019

Key Topics & Takeaways

  • Data as Property: Chairman Crapo (R-Idaho) asked about the costs of establishing data ownership. Rinehart, American Action Forum, replied that consumers benefit from the services that are enabled by data collection and warned that if property rights are established in which individuals must opt-in to use innovative services, these services might never be created in the first place.
  • Benefits of Data Collection: Sen. Pat Toomey (R-Pa.) said he is sympathetic to arguments for greater transparency and consumer choice with respect to their data but argued that consumers are compensated for their data through the services and benefits the data enables. Rinehart agreed, pointing to the benefits of services such as internet searches, mapping and social media and saying that losing these benefits would have significant costs for consumers. He said consumers benefit from the use of their data in “implicit ways,” which makes valuation of data difficult.
  • Federal Preemption of State Laws: Sen. Thom Tillis (R-N.C.) stated that if Congress cannot come up with a federal solution that deals with data breach, data privacy and data ownership, then this would lead to patchwork of state laws that challenges innovation.

 Witnesses

  • Jeffrey Ritter, Founding Chair, American Bar Association Committee on Cyberspace Law
  • Chad Marlow, Senior Advocacy and Policy Counsel, American Civil Liberties Union
  • Will Rinehart, Director of Technology and Innovation Policy, American Action Forum
  • Michelle Dennedy, Chief Executive Officer, DrumWave Inc.

Opening Statements

Chairman Mike Crapo (R-Idaho)

In his opening statement, Crapo noted that the increasingly digital economy means that more personal information is available to companies than ever before and data is being collected, processed, analyzed and shared for all kinds of purposes. He said there are many questions about what data is collected, how it is collected, with whom it is shared and how it is used, and that individuals need real control over their personal data. Crapo stated that there is debate on the concept of data ownership and on the value of individuals’ personal data, and noted Sen. John Kennedy’s (R-La.) S.806, the  Own Your Own Data Act and Sen. Mark Warner’s (D-Va.) S.1951, the Designing Accounting Safeguards To Help Broaden Oversight and Regulations on Data (DASHBOARD) Act.

Ranking Member Sherrod Brown (D-Ohio)

In his opening statement, Brown argued that the business models of companies in Silicon Valley depend on accessing and using personal data, which means “more money in their pockets and everyone else gets hurt.” He said Americans should have more control over their personal information. Brown expressed his skepticism of treating data like personal property, suggesting this only shifts the burden of protecting privacy to working people. Instead, he said “we need to find a way” to prevent corporations from mining data and selling it to each other. Brown concluded that privacy is not a partisan issue but rather a basic right.

 Testimony

Jeffrey Ritter, Founding Chair, American Bar Association Committee on Cyberspace Law

In his testimony, Ritter said the time is long overdue for Congress to develop comprehensive privacy reform, stating that the U.S. has been relegated to “playing catch-up” with Europe. He said ownership of digital information is a fundamental question to consider in privacy law, and that the U.S. can reestablish its leadership by confronting this difficult question. Ritter warned that failing to address data ownership in privacy reforms will further isolate the U.S. from global momentum and would allow for rules on data as property to be written by others.

Ritter commented that realistically, the first owner of personal data would be the business entity with which the data subject is engaged, such as a bank, broker or hospital, as their systems create control over the personal data. However, he stressed that recognizing data ownership as such would not remove or diminish individuals’ rights and controls, and that clear ownership would actually make it easier to enforce such controls.

Chad Marlow, Senior Advocacy and Policy Counsel, American Civil Liberties Union

In his testimony, Marlow noted that 11 states have pursued or introduced laws classifying data as property, but that ultimately all these states’ efforts came to the same conclusion that the data as property model was “not pro-privacy at all.” He explained that such an approach could leave individuals with less wealth with less privacy while the wealthy could afford to keep their privacy, which would expand economic divides. He added that this model would also require unique tracking identifiers for all data to enforce ownership controls.

Marlow then pointed to two states, California and Maine, that enacted data privacy laws without treating data as property. He said these efforts should be studied, replicated and improved upon, and he argued that they should not be preempted by Congress.

Will Rinehart, Director of Technology and Innovation Policy, American Action Forum

In his testimony, Rinehart said he was skeptical that data property rights are the best way to ensure that privacy is secured. He explained that a property right is not needed to establish consumer privacy rights and that it would be economically inefficient. Additionally, Rinehart contended that valuing personal data is difficult because the raw data itself it not what is in demand, but rather the insights gleaned from data. Rinehart also noted that regardless of the policy mechanism chosen, privacy laws will create unavoidable compliance costs that would impact investment opportunities in many industries.

Michelle Dennedy, Chief Executive Officer, DrumWave Inc.

In her testimony, Dennedy commented that Europe has been leading the way in data privacy for years. She stated that data privacy is a hard issue, but that there must be a way to functionalize it. She said some aspects of tangible property rights might work but that constructs of intellectual property such as shared rights, copyrights and brands would be better.

Question and Answer

GDPR

Crapo asked how the concept of data ownership is addressed in the European Union’s General Data Privacy Regulation (GDPR). Ritter answered that ownership as a legal concept is not addressed in the GDPR, but that this would help with enforcement. He said the GDPR did help with transparency and awareness of data privacy rights.

Data as Property

Crapo asked about the costs of establishing data ownership. Rinehart replied that consumers benefit from the services that are enabled by data collection and warned that if property rights are established where individuals must opt-in to use innovative services, these services might never be created in the first place. Marlow said data ownership comes up because most Americans understand the concept of property rights, but he pointed to other rights, such as to speech or voting, that are not owned by individuals.

Kennedy insisted that data originates with consumers and suggested that a rule could be put in place that establishes individuals’ rights over data and requires any sharing to be “knowing and willful.”

Sen. Martha McSally (R-Ariz.) expressed her concern over socioeconomic divides that would arise if the data as property model leads to some people being able to afford to keep their privacy while others could not.

Brown asked whether a system of data ownership could create a world where the rich can keep their data private while others sell their information. Ritter commented that underprivileged or disadvantaged people would be more likely to sell their data, and Marlow questioned whether such a model would be wanted.

Transparency

Warner said there are tensions with the traditional ownership model, and instead focused on transparency that lets Americans understand what information is being collected, who it is offered to, and what it is worth. He asked if such transparency would be a good thing. Dennedy answered that there is a great deal to be “gleaned, earned and profited by” through greater transparency, which could also help create markets for data and to understand its value.

McSally asked if transparency is a solution to help people understand what information is being collected and analyzed. Marlow replied that privacy is not about secrecy, but choice, and that consumers should be able to make well-informed choices about their data.

Benefits of Data Collection

Sen. Pat Toomey (R-Pa.) said he is sympathetic to arguments for greater transparency and consumer choice with respect to their data but argued that consumers are compensated for their data through the services and benefits the data enables. Rinehart agreed, pointing to the benefits of services such as internet searches, mapping and social media and saying that losing these benefits would have significant costs for consumers. He said consumers benefit from the use of their data in “implicit ways,” which makes valuation of data difficult.

Federal Preemption

Sen. Thom Tillis (R-N.C.) stated that if Congress cannot come up with a federal solution that deals with data breach, data privacy and data ownership, then this would lead to patchwork of state laws that challenges innovation. He asked whether any of the witnesses think federal preemption is a bad idea. Marlow said any action by Congress should establish a floor for data privacy protection, rather than a ceiling that undoes higher protections implemented by individual states. Ritter countered that uniformity is needed and having 50 different state rules would be adverse to the people’s interests.

For more information on this hearing, please click here.