Sen. Ron Wyden, Oregon Democrat, is proposing new data privacy legislation that would restrict the export of Americans’ data to certain countries where that information poses a national security risk to the United States.
“Shady data brokers shouldn’t get rich selling Americans’ private data to foreign countries that could use it to threaten our national security,” Mr. Wyden said in a statement. “My bill would set up common sense rules for how and where sensitive data can be shared overseas, to make sure that foreign criminals and spies don’t get their hands on it.
Mr. Wyden’s “Protecting Americans’ Data from Foreign Surveillance Act” would direct the secretary of commerce to lead a regular federal review of what type of data could harm national security. Under Mr. Wyden’s proposal, the secretary of commerce would also create a list of countries that could have access to Americans’ personal data and to require licenses for the export of personal data in bulk.
The new data privacy proposal comes as public attention to concerns about Americans’ personal data spreading online have grown amid the distribution of information taken from large tech platforms, such as Facebook and LinkedIn.
Massive datasets — including information on hundreds of millions of users — have become more widely available online in recent weeks with data taken from Facebook, LinkedIn, and other places, including the invite-only social networking app Clubhouse.
The data collection from the social networks in the datasets looks to be the result of scraping and not hacking. Whereas federal law prohibits unauthorized access, or hacking, to a computer, scraping runs afoul of tech companies’ rules. Scraping involves using automated software tools to take data from websites, and it is not necessarily illegal.
Scraped data is valuable to many different consumers, particularly marketers and others engaged in online surveillance. For example, Chinese technology company, Shenzhen Zhenhua Data, has surveilled the social media profiles of tens of thousands of Americans and gathered information on their locations and personal and professional relationships, according to American researcher Christopher Balding and Australian cybersecurity firm Internet 2.0.