May 24, 2018

If Companies Can Protect User Data in Europe, They Can Protect It Everywhere

Public Citizen and Center for Digital Democracy Release Sign-on Letter Urging Companies to Adopt Europe’s New Data Protection Rules

WASHINGTON, D.C. – U.S. companies should adopt essentially the same data protection rules that are poised to go into effect in the European Union on May 25, Public Citizen, the Center for Digital Democracy and Privacy International said today.

In a sign-on letter, 28 groups are calling on some of the world’s largest companies – including Facebook, Google and Amazon, as well as digital advertisers like Nestle, Walmart and JPMorgan Chase – to use the core elements of Europe’s impending General Data Protection Regulation (GDPR) regime as a baseline standard worldwide for all of their services, including in the U.S.

“Strong privacy standards should apply to everyone who uses online platforms and services no matter where they live,” the letter states. “We envision a digital economy that safeguards individual privacy, advances fairness and provides equal opportunity for all. The unfettered collection and use of personal data threatens this future.”

The GDPR places limits on the gathering and use of personal data and establishes clear responsibilities for companies that collect it, as well as clear rights for people whose data is gathered. It aims to give individuals control over their data.

“Since you will be providing these protections for hundreds of millions of people in Europe, there is no question that you are capable of applying the same protections worldwide,” the letter states. “We insist that you do.” “Proclamations about the ‘death of privacy’ are misguided. As the European Union demonstrates, governments can protect privacy if they have the will to do so – and companies can and will adapt. Now it’s time for Facebook, Google and other businesses to stop exploiting Americans and provide the same privacy guarantees that the E.U. has mandated be provided Europeans,” said Robert Weissman, president of Public Citizen.

“U.S. consumers and citizens do not currently enjoy effective privacy protection. It becomes increasingly clear each day that this is bad for us both individually and collectively, and harms our democracy and economy, too. It is time for U.S. companies to step up and provide us with real privacy protections. The GDPR offers an effective model. We see no reason why U.S. companies, as they strive to comply with the new European policies, cannot extend the GDPR standard to American consumers,” said Katharina Kopp, director of policy for the Center for Digital Democracy.

“Privacy is a universal human right and the new European data privacy regulation provides a baseline standard for strong data privacy. As more and more data is generated and collected by the devices we carry and by the environments in which we live and work, companies should be upping data privacy protections and rights for all users, rather than making the deliberate choice to have weaker standards for users based outside the E.U.,” said Ailidh Callander, Privacy International lawyer.

The letter is signed by 28 groups:

Access Now
Berkeley Media Studies Group
California Center for Rural Policy
Campaign for a Commercial-Free Childhood
Center for Digital Democracy
Color of Change
Constitutional Alliance
Consumer Action
Consumer Assistance Council, Inc.
Consumer Federation of America
Consumer Watchdog
Electronic Privacy Information Center (EPIC)
Essential Information
Future Wise
Government Accountability Project
Institute for Agriculture and Trade Policy
Media Alliance
National Association of Consumer Advocates
National Consumer Law Center (on behalf of its low-income clients)
Oakland Privacy
Privacy International
Privacy Rights Clearinghouse
Public Citizen
Trade Justice Alliance
U.S. PIRG
World Wide Web Foundation
X-Lab
Yale Privacy Lab

Public Citizen is a national, nonprofit advocacy organization that has been standing up to corporate power and holding government accountable for 47 years.

The Center for Digital Democracy (CDD) is recognized as one of the leading consumer protection and privacy organizations in the United States. Since its founding in 2001 (and prior to that through its predecessor organization, the Center for Media Education), CDD has been at the forefront of research, public education, and advocacy protecting consumers in the digital age.

Privacy International is an international rights organization that fights for the right to privacy globally.

###