Facebook has already been used thousands of times to catch crooks, nab cheating spouses, deny college applicants, and fire wayward employees. And that's before it has started allowing outside corporations to mine the nearly 3 billion bits of data it gathers every single day.
Imagine the following scenarios:
Clicked Like on all those "Fast and the Furious" movies? Don't be surprised when your car insurance rates go up.
Joined a Google group for cancer survivors? Oops, your health insurance just got cancelled.
Tweeting about how depressed you've been lately? Get ready for an onslaught of Zoloft ads.
There are precious few laws on the U.S. books protecting data privacy, but two of the most important ones are the Fair Credit Reporting Act (FCRA) and Fair and Accurate Credit Transactions Act (FACTA). These enable us to see what information consumer reporting agencies (CRAs) are collecting and how that data is used, and they provide the ability to correct information that's inaccurate. They also limit who credit bureaus like Experian and Equifax can sell your data to.
The story of how these laws came about is telling. Per the Electronic Privacy Information Center's history of the FCRA:
By the late 1960s, there was abuse in the [CRA] industry, including requirements that investigators fill quotas of negative information on data subjects. To do this, some investigators fabricated negative information, others included incomplete information. Additionally, the investigators were collecting "lifestyle" information on data subjects, including their sexual orientation, marital status, drinking habits, and cleanliness.
Sound familiar? Only in the case of Facebook, the "investigators" are us.
The FCRA and FACTA are hardly perfect, and consumer reporting agencies have done everything in their power over the years to weasel their way around them. But we're still better off with them than without.
So my proposal is simple: Treat Facebook, Google, Twitter, and other data-sucking Web giants the same way we treat credit bureaus and consumer reporting agencies. Force them, as the EU does, to reveal exactly what information they collect about us. Tell us who else was given that information, and give us the opportunity to limit who gets to see the goods.
The Facebooks and Googles of the world aren't going to do this voluntarily. Somebody needs to force their hand -- even if it has to be those digital dinosaurs mired inside the Beltway tar pits.
Rather than waste huge amounts of time and effort writing laws that benefit a fortunate few (like, say, the content cartel), why not create a data privacy law that benefits us all? Is that too much to ask?
Do we need data privacy laws? Cast your vote below or email me: email@example.com.
This article, "It's time to regulate Facebook," was originally published at InfoWorld.com. Follow the crazy twists and turns of the tech industry with Robert X. Cringely's Notes from the Field blog, and subscribe to Cringely's Notes from the Underground newsletter.