House Committee Tougher On Mark Zuckerberg, But Regulation Seems Unlikely

Mark Zuckerberg's second day before Congress was somewhat more contentious than the first, but at the end of the day it's still unclear that more regulation is the answer to the issues raised by recent Facebook "scandals."

After what pretty much everyone agreed was a rather pointless and unproductive round of questioning on Tuesday by a joint Senate committee, Facebook founder and CEO Mark Zuckerberg faced somewhat tougher questioning on the other side of the Capitol Building, but still managed to do an effective job of pushing back against Members of Congress questioning him about the rash of data sharing scandals that have surrounded his company:

WASHINGTON — After two days and more than 10 hours of questioning of Mark Zuckerberg, the Facebook chief executive, there was widespread consensus among lawmakers that social media technology — and its potential for abuse — had far outpaced Washington and that Congress should step in to close the gap.

But the agreement largely ended there. For lawmakers, the calculus is tricky: They do not want to infringe on First Amendment rights or hurt Silicon Valley innovation but are also unsure how to regulate this new breed of company, which wields enormous power by collecting vast amounts of private data from billions of consumers.

“While Facebook has certainly grown, I worry it has not matured,” said Representative Greg Walden, Republican of Oregon and the chairman of the House Energy and Commerce Committee. “I think it is time to ask whether Facebook may have moved too fast and broken too many things.”

Mr. Zuckerberg, composed but noncommittal about making any sweeping privacy changes, conceded that it was “inevitable that there will need to be some regulation.”

The growing calls for regulation — and the two days of congressional hearings — were prompted by revelations that Facebook failed to protect the sensitive data of as many of 87 million users from being harvested, without their explicit permission, by Cambridge Analytica, a political consulting firm linked to the Trump campaign. But lawmakers’ concerns extended beyond that breach to the business of Facebook itself, a free social network that profits by collecting data from its users and selling advertising that is informed by that data.

“The American people are concerned about how Facebook protects and profits from its users’ data,” Mr. Walden said. “Does Congress need to clarify whether or not consumers own or have any real power over their online data?”

Whether Congress can actually mobilize to put new controls into place is an open question. This week, two privacy bills were introduced to coincide with the hearings. One would make it harder to collect data on students who use classroom technology like tablets and laptops. Another would require companies to obtain clear permission from users before collecting and sharing their data.

At least three lawmakers have said privately that they are drafting new privacy laws for internet companies. Representative Marsha Blackburn, Republican of Tennessee, for instance, is pushing a bill she introduced last year that would require broadband providers and internet companies like Facebook to get permission before sharing user data. And late Wednesday, Facebook said it would no longer back the opposition to the California Consumer Privacy Act, a state ballot measure meant to offer consumer protections for personal information.

House members repeatedly pummeled Facebook over its user settings, many of which are currently set to share information — and not to keep that data private — by default. By contrast, European rules that will take effect next month are expected to push companies to make privacy the default option.

On Wednesday, Ms. Blackburn pressed Mr. Zuckerberg about whether he would support her legislation, asking: “Who do you think owns an individual’s presence online? Who owns their virtual you? Is it you or is it them?”

With more contrition and promises to work harder to protect consumers, Mr. Zuckerberg stayed close to the prepared talking points he has used since the breach came to light. “It will take some time to work through all of the changes we need to make, but I’m committed to getting it right,” he said.

Mr. Zuckerberg also revealed that his own personal data had been compromised by third-party actors, though he did not identify which company was responsible. He said Facebook was considering legal action against Cambridge Analytica.

His testimony did little to mollify lawmakers, who called for new regulations that would limit Facebook’s ability to collect data on users without permission and to make privacy policies clear to better empower consumers.

“This incident demonstrates yet again that our laws are not working,” said Representative Frank Pallone Jr. of New Jersey, the top Democrat on the House committee.

Despite the consensus that legislation is needed, there is no clear path forward on any of the proposals. The regulation most likely to pass after the hearings is a Senate bill that would require social media companies to disclose funding of political ads on their sites.

Facebook and Twitter have recently announced their support of the bill, called the Honest Ads Act, which is modeled after disclosure rules for broadcasters. Several internet companies, including Facebook, had lobbied aggressively to defeat any new rules for online political ads, but have since changed their positions.

For many lawmakers, even defining what Facebook is and how to place it within the regulatory ecosystem was a challenge.

“What exactly is Facebook?” Mr. Walden asked, listing industries like advertising, publishing and even telecommunications, asking whether the company was a “common carrier in the information age.”

The definitions matter. If Facebook is viewed as a telecommunications service that is more like a utility, it may be regulated by the Federal Communications Commission. If lawmakers define Facebook as a publisher, it could also fall under regulations at that agency.

(…)

On Wednesday, House lawmakers from both parties took an aggressive stance toward Mr. Zuckerberg, pointing fingers, interrupting and chastising him for repeated failures — and apologies — over privacy.

Representative Jan Schakowsky, Democrat of Illinois, used a sizable chunk of her limited speaking time to list Mr. Zuckerberg’s past apologies.

Representative Bobby L. Rush, Democrat of Illinois, repeatedly pointed a finger at Mr. Zuckerberg when asking, in a raised voice, “Why is the onus on the user to opt in to privacy and security settings?”

Representative John Sarbanes, Democrat of Maryland, cut off Mr. Zuckerberg several times as he tried to answer a question about Facebook employees who sit with political campaigns as “embeds” and seek to get the campaigns to use the site for advertising.

The second day of marathon hearings came after more subdued questioning from the Senate. But some key Republican senators also signaled a desire for regulations on Silicon Valley.

Senator Lindsey Graham, Republican of South Carolina, said after the hearing on Tuesday that Facebook was a “virtual monopoly” and that “continued self-regulation is not the right answer when it comes to dealing with the abuses we have seen on Facebook.”

The hearings also revealed lingering suspicion of Facebook among Republicans. Out in the hall during a break in the hearing, Representative Billy Long, Republican of Missouri, expanded on his remarks about Facebook’s treatment of Diamond and Silk, two pro-Trump video personalities who have complained about being censored by the platform. The online personalities were brought up numerous times on Wednesday.

“It seems like they take down a lot more conservative content than they do liberal,” Mr. Long said.

The tougher questions that Zuckerberg faced in the House are in some sense reflective of the differences between the House and the Senate. Unlike many of the Senators who questioned Zuckerberg on Tuesday, all of the House members who were involved in yesterday’s committee hearing will be up for re-election in the fall unless they are retiring. Therefore, they are conditioned to be more sensitive to issues that could potentially be on the minds of voters during both the primary season and the General Election. Additionally, due in no small part to the fact that they are generally younger than their Senate counterparts, the members of the House Energy And Commerce Committee seemed far more adept at understanding the technological and other issues implicated by the revelations. This includes not just the question of whether regulation is appropriate, but whether that regulation can even be successful when dealing with technology that has shown itself to be difficult to regulate, especially considering the fact that open access to the Internet is, in the end, something that the public clearly wants. While there may be some privacy issues that need to be addressed by Congress or the state legislatures, crafting legislation that would effectively deal with those issues without choking off innovation and growth of social media and other uses of the Internet.

In the short term, though, it seems clear, as Axios notes, that these two days of hearings have not really moved the needle on regulation or any proposed legislation, but these were the major themes that seemed to come out of the hearings:

The big themes:

  • Confusion over the digital ads ecosystem: It was clear from the questions that few lawmakers truly understand how data is used and shared between platforms, advertisers, data brokers and app developers. Several suggested that Facebook provides users’ personal data directly to advertisers, and off-point algorithm questions resulted in blank stares and stammers from a baffled Zuckerberg.
  • Conservative censorship: Republicans zeroed in on Facebook’s power to censor conservative voices, repeatedly bringing up the platform’s takedown of pro-Trump video duo Diamond and Silk and asking if Facebook has controls against internal bias. Zuckerberg said the company has made mistakes in reviewing content, but doesn’t think it censors political speech. (Axios’ Sara Fischer has more here.)
  • Artificial intelligence: Zuckerberg repeatedly said Facebook is developing AI-driven systems to identify fake news and inappropriate content, in addition to increasing its human review team. But no lawmakers pressed him on why it’s not a silver-bullet solution to rooting out nefarious content or preventing other types of bias in the review process.
  • Californians were aggressive: Lawmakers representing Facebook’s home state — like Sen. Kamala Harris and Rep. Anna Eshoo — had more aggressive and pointed lines of questioning than most of their colleagues, as if they were trying to avoid any appearance that they were giving Zuckerberg a free pass.
  • The trust gap: Even though regulation is not imminent, the lawmakers reminded Zuckerberg that the reason he was sitting in front of them is because they don’t trust him or Facebook to adequately protect consumers’ privacy. That’s why Zuckerberg kept apologizing for the “breach of trust” and said the company would be more responsible.

Zuckerberg had a better-than-expected performance. He confidently answered questions, patiently explained the same thing over and over, and was deferential yet decisive with critics. “I felt like he was very forthcoming,” said Walden minutes after Zuckerberg’s House appearance ended.

That last point is somewhat of a confusing one. Apparently, there were many political observers and pundits who somehow expected that Zuckerberg would end up falling all over himself in these hearings and end up doing more harm to his company than good. If that was the expectation going in, then it seems to me as though it was a rather idiotic idea from the start. For one thing, Zuckerberg himself is clearly neither a dumb person nor someone incapable of handling himself under pressure. He may not have graduated from Harvard, but then neither did Bill Gates and both men managed to create businesses worth billions of dollars that have had a real impact on the world. In Zuckerberg’s case, he’s taken an idea created in a Cambridge dorm room to a community of more than two billion people that, to the surprise of many, has become both a technological success and a successful revenue generating business. Additionally, he was obviously prepared for this testimony by a team of lawyers and other advisers, including the team of lobbyists and others that the company has built up in Washington, D.C. Anyone expecting that Zuckerberg would walk into either of the hearings this week and not do as well as he obviously did has no understanding of reality.

In any case, as I said yesterday it seems clear to me after just two days of hearings and weeks of revelations about how data that people have shared on Facebook and elsewhere online has been used by others that this is a far more complicated issue than the media coverage has made it out to be and that it’s naive to pretend that there are easy regulatory answers to the issues that it raises. One of the reasons for that is the simple fact that, in many cases, we’re talking about data and information that people want to share in some cases not just with family and friends but also with a wider circle that includes people they only know via online relationships or connections and even the public as a whole. At the same time, though, it’s not easy for the average user to fully understand just how available the things they share online actually are. In that regard, social media companies such as Facebook and Twitter ought to do a better job of explaining what happens to the data they share and how they can adjust any applicable privacy settings to control who gets to see what. It’s possible, for example, to adjust Facebook settings to control who can see what you post or your personal information, but how you go about doing that is often difficult to figure out even for someone such as me, who has been online in one form or another for more than twenty-five years. That can and should change even without regulation, and there are signs that this is likely to happen even without government regulation.

As far as regulation itself goes, there is arguably some room for that, especially when it comes to the role that social media outlets have come to play in the political process. The Honest Ads Act, which has been co-sponsored by Senators Mark Warner, Amy Klobuchar, and John McCain, would subject digital political ads to the same forms of regulation that ads on television and radio must currently comply with, update certain laws regulating elections to include digital communications within the definition of covered “communications, and would require digital platforms to take steps to ensure that foreign entities are not placing political ads on their sites that are then served to American users. It would also require sites such as Facebook to keep records of political ads, including who has paid for them and to make those records publicly available. Basically, it would mean that online political ads would have to contain the same disclaimers that traditional ads do. Both Facebook and Twitter have said they support this legislation and are already taking steps to comply with at least some of its requirements as we approach the 2018 midterm elections.

Beyond this, though, it’s unclear what types of regulation would be effective, or what adverse impact it might have on the development of online media and technology that ought to be avoided. As I said yesterday, in the end, much of the responsibility for how data is used online is something that the industry itself will need to figure out, largely because there is unlikely to be the kind of “one size fits all” approach that legislation and regulation takes. Additionally, users are going to need to become better educated about the impact of sharing things online and become more careful about what, and where, they post things that they wish to share with others. Washington and the state legislatures, perhaps, can help in this regard by focusing more on the consumer choice side of the issue than a more heavy-handed approach. Of course, that’s usually not how politicians and regulators think and that’s perhaps the best reason why they ought to think twice before rushing into an issue that they clearly still don’t understand.

FILED UNDER: Congress, Economics and Business, US Politics, , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Doug Mataconis
About Doug Mataconis
Doug Mataconis held a B.A. in Political Science from Rutgers University and J.D. from George Mason University School of Law. He joined the staff of OTB in May 2010 and contributed a staggering 16,483 posts before his retirement in January 2020. He passed far too young in July 2021.

Comments

  1. SKI says:

    Beyond this, though, it’s unclear what types of regulation would be effective, or what adverse impact it might have on the development of online media and technology that ought to be avoided. As I said yesterday, in the end, much of the responsibility for how data is used online is something that the industry itself will need to figure out, largely because there is unlikely to be the kind of “one size fits all” approach that legislation and regulation takes.

    Ummm…

    GDPR – or something very similar.

    The big tech companies are already having to deal with it and therefore can’t claim that it would be overly burdensome . It isn’t perfect and there will still be breaches but a US version would be something that (a) requires companies that collect data to put in place reasonable security structures to protect them, (b) requires explicit consent before collecting data on individuals, (c) requires consent before monetizing (aka selling) that data unless fully de-identified and (d) puts in real penalties for not being honest or reasonable in efforts to collect and protect data.

    Basically it requires transparency in terms of what is collected and what is done with it and requires reasonable security structures to be put in place as the cost of collecting individual data. We already have such rules in place for medical (HIPAA) and financial information (PCI). What possible reasonable argument could there be to not protect personal information as well?

    Doug, again you are saying “nothing is going to happen” without actually providing any explanation for why not. It can’t be because we have no reasonable model because they exist.

    Is it just political gridlock? Elections have a way of unlocking things from time to time. This November may be such a time.

    3
  2. SKI says:

    @SKI:

    [A] US version would be something that (a) requires companies that collect data to put in place reasonable security structures to protect them, (b) requires explicit consent before collecting data on individuals, (c) requires consent before monetizing (aka selling) that data unless fully de-identified and (d) puts in real penalties for not being honest or reasonable in efforts to collect and protect data.

    Oh, and gives individuals the right to (a) know what happened to their data and (b) have identifiers, or the data itself, removed.

    2
  3. grumpy realist says:

    OT, but I just had to guffaw at this report. Or are Argentinian mice slacker dudes and no one knew about it up to now?

  4. Kathy says:

    I don’t know exactly what Facebook, Google, Apple, etc. do with user data they collect. I know it’s used, in part, for advertising and “recommendations”, which I could care less about. But I assume it’s also sold and/or traded to third-parties, which includes but is not limited to advertisers.

    If so, then personal data is at least a kind of virtual raw material. That being the case, these companies ought to offer to pay for it. Sure, one can argue the “free” products they provide are “payment.” But I don’t think I buy that.

    Consider, how much would you pay for using Facebook if they charged you for it? Me, I’d be unwilling to shell out a penny.

  5. Gustopher says:

    Doug quoted from Axios:

    It was clear from the questions that few lawmakers truly understand how data is used and shared between platforms, advertisers, data brokers and app developers. Several suggested that Facebook provides users’ personal data directly to advertisers, and off-point algorithm questions resulted in blank stares and stammers from a baffled Zuckerberg.

    I don’t expect congress-critters to be experts in every field that comes up before them — they would be amazing renaissance men and women if they were.

    And, given the data that Cambridge Analytics had access to, its entirely reasonable to question whether the information is given directly by Facebook, or indirectly with poor controls, or what. Different online companies have very different protections for customer data.

    And, finally, where the fine folks at Axios saw a baffled Zuckerberg staring at clueless congress-critters, I saw a calm and crafty Zuckerberg trying to be technically accurate while not answering the questions.

    1
  6. PJ says:

    @Kathy:

    I don’t know exactly what Facebook, Google, Apple, etc. do with user data they collect. I know it’s used, in part, for advertising and “recommendations”, which I could care less about. But I assume it’s also sold and/or traded to third-parties, which includes but is not limited to advertisers.

    If so, then personal data is at least a kind of virtual raw material. That being the case, these companies ought to offer to pay for it. Sure, one can argue the “free” products they provide are “payment.” But I don’t think I buy that.

    Consider, how much would you pay for using Facebook if they charged you for it? Me, I’d be unwilling to shell out a penny.

    Do you sell the hen or the eggs?

    Google is selling the eggs, Facebook is selling the hen.

    You can’t get raw user data from Google, you can buy ads from them targeting very specific demographics, because they are selling the eggs and keeping the hen locked up.

    1
  7. Kathy says:

    @PJ:

    So Google sells ads and Facebook sells user data?

    Either way, they ought to pay for the data they use. I wonder how much an average person’s data is worth? I’m sure there’s added value in what Facebook sells .

  8. Scott says:

    Conservative censorship: Republicans zeroed in on Facebook’s power to censor conservative voices, repeatedly bringing up the platform’s takedown of pro-Trump video duo Diamond and Silk and asking if Facebook has controls against internal bias. Zuckerberg said the company has made mistakes in reviewing content, but doesn’t think it censors political speech.

    I know that conservatives love to be persecuted and constantly whine about their grievances but apparently the Diamond and Silk meme is questionable.

    https://www.thedailybeast.com/diamond-and-silk-claim-facebook-never-contacted-them-facebook-emails-prove-otherwise

  9. Eric Florack says:

    You know, they said that if the Democrats weren’t in control of Congress and the White House that the internet would be censored for political purposes.

    Hmmm

  10. Just 'nutha ig'nint cracker says:

    @Kathy: The fact that you are not willing to pay for the service–but still want to use the technology–is the reason that they get users to agree to allow the service to “use” information, in essence, as payment in trade for the use of the technology.

    but I’m committed to getting it right,

    By which Zuckerberg means that he intends to cover his company’s tracks better in the future.

    Also, kudos to the poster with the selling the hen or the eggs analogy. Very good comparison, I think.

  11. Tyrell says:

    How many members of Congress have received donations from Facebook?
    Which government agencies have been using the Facebook information?