Skip to main content

Congress wants to regulate tech

January 8, 2019 | Expert Insights

The newly installed U.S. Congress is expected to see a fresh effort to develop new regulations for big technology firms, with a focus on tougher enforcement of privacy and data protection.


The United States Congress is the bicameral legislature of the Federal government of the United States. The legislature consists of two chambers: The House of Representatives and the Senate. The Congress was created by the Constitution of the United States and first met in 1789, replacing in its legislative function the Congress of the Confederation.        

Article 1 of the US constitution grants the Congress all the legislative powers in the state to the House of Representatives and the Senate. The House and Senate are equal partners in the legislative process—legislation cannot be enacted without the consent of both chambers. However, the Constitution grants each chamber some unique powers. The Senate ratifies treaties and approves presidential appointments while the House initiates revenue-raising bills.

The One Hundred Sixteenth United States Congress is the current meeting of the legislative branch of the Federal government of the United States, composed of the United States Senate and the United States House of Representatives, meeting in Washington, D.C., from January 3, 2019, to January 3, 2021.


The wave of data scandals that have hit Facebook and other online platforms has prompted growing calls for action by lawmakers looking to curb abuses of how private information is used and give consumers more clarity.

Significantly, most tech companies are pledging to willingly accept new regulations to set a uniform standard in the United States following a sweeping set of rules that went into effect in the European Union in 2018, although few have offered details.

Federal regulations could pre-empt the enforcement of legislation enacted in California, which was modelled after the EU’s General Data Protection Regulation.

The analyst said he expects the U.S. to consider “the most important points” of GDPR, including consent, access, portability and erasure of personal information.

Sen. Brian Schatz and 14 other Democrats have endorsed a bill aimed at requiring online firms to safeguard personal information and stop the misuse of data.

“People have a basic expectation that the personal information they provide to websites and apps is well-protected and won’t be used against them,” Schatz said in a statement last month.

“Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold, online companies should be required to do the same.”

Another proposal unveiled in December by the Center for Democracy & Technology, a digital rights group in Washington, in consultation with industry and activist groups, covers consumers’ rights to access and correct data held by online firms, data portability, and limits on third-party access to data.

Significantly, it limits the kinds of data that companies can collect to what is needed for their services.

“Many apps collect your location information even if it has nothing to do with the service they are providing,” said Michelle Richardson, head of data and privacy for the organization. “We want to fundamentally change how companies collect and use data.”

Since the revelations over the hijacking of personal data of tens of millions of Facebook users by the political consultancy Cambridge Analytica, tech firms have come under heightened scrutiny from lawmakers and privacy activists.

Instead of pushing back, big tech firms have offered to cooperate with lawmakers on a national privacy bill — although sceptics say this may be an effort to limit the reach of tougher state laws.

Yet details of any new privacy bill are likely to be complex, with battles looming on how far legislation should go. Analysts say requiring “opt in” consent for any type of data could have unintended consequences — hurting innovation and strengthening the biggest firms that have the resources to comply.


Our assessment is that with the recent scandals at Facebook and Google, the US Congress wants a tighter grip over the big tech companies to prevent personal user data leaks in the future. We believe that this is a step in the right direction provided Congress does not violate the rights of the end users and the companies themselves.