The Week in Tech: Huge Fines Can’t Hide America’s Lack of a Data Privacy Law


ImageJoseph J. Simons, chairman of the Federal Trade Commission, has said the lack of consumer privacy law makes it hard to prove that someone has been harmed by misuses of data.
Joseph J. Simons, chairman of the Federal Trade Commission, has said the lack of consumer privacy law makes it hard to prove that someone has been harmed by misuses of data.CreditCreditJose Luis Magana/Associated Press

Each week, we review the week’s news, offering analysis about the most important developments in the tech industry. Want this newsletter in your inbox? Sign up here.

Hi, I’m Jamie Condliffe. Greetings from London. Here’s a look at this past week’s tech news:

You’d be forgiven for thinking that a government agency tossing out fines of billions of dollars was being pretty aggressive. But you might be wrong.

This week, the Federal Trade Commission announced that Facebook had agreed to pay a $5 billion fine, and accept increased oversight, as a result of an investigation into its mishandling of user data. It also announced that the credit bureau Equifax would pay at least $650 million to cover consumer costs resulting from the 2017 data breach.

That all sounds like punishment. But some people think it’s not enough. Senator Mark Warner, Democrat of Virginia, for instance, had previously said of the Facebook settlement that it did not “put in place reasonable guardrails to ensure that user privacy and data are protected” in the future.

Perhaps most galling to Facebook, the government investigation is being aided by one of Mark Zuckberg’s earliest collaborators. In recent weeks, Chris Hughes, who started working with Mr. Zuckerberg on Facebook in a Harvard dorm room, has joined two leading antitrust academics in meetings with the F.T.C., the Justice Department and state attorneys general.

Sure, the F.T.C. lacks muscle. Even if it wanted to be firmer — which it did, according to a Washington Post report, by holding Mr. Zuckerberg accountable and issuing a large fine — it can’t always follow through. (Which is reportedly what happened here, as it crumbled to Facebook’s lawyers, who threatened to “cease settlement talks and send the matter to court” — something the agency is said to have shied away from.)

But the agency is also limited in what it can do, and while it has asked for its powers to be expanded, that’s yet to happen. Meanwhile, Joseph J. Simons, who leads the commission, has said that a lack of consumer privacy law makes it hard to prove to a court that someone has been harmed by misuses or loss of their data, and that the passing of one would provide incentive to companies to behave better in the first place.

Here could be the guardrails that Mr. Warner would like — which might be why he said that “it’s time for Congress to act” on the F.T.C.’s inability to clamp down more firmly on Facebook.

The idea of a privacy law is not new, and there is strong support on both sides of the aisle in Washington: There are at least a dozen proposals for such a thing. But they have floundered. “We’ve been talking for what, two years about a privacy bill?” said Senator John Kennedy, Republican of Louisiana, earlier this month. “Haven’t seen one, don’t know if we’ll ever see one.”

Beyond the usual issues of gridlock and partisanship, the question of whether or not a federal law should overrule state rules has also been a sticking point. California’s privacy law, which is scheduled take effect on Jan. 1 and protects user data from unauthorized access, theft or disclosure, is viewed as particularly stringent, with potentially large fines for violations.

Some lawmakers think that goes too far, which feeds the stalemate. Lawyers aren’t holding their breath for a decision in Washington.

“Are we going to have a federal solution in a year? I would say no,” said Robert Cattanach, a partner at the law firm Dorsey & Whitney and a former trial lawyer for the Department of Justice.

But other states appear to be ready to follow California, with at least 25 having introduced some form of privacy bill this year. As they bubble up, there may be “enough pain exacted” that there is little choice but for Congress to introduce a single federal standard, Mr. Cattanach said.

The Department of Justice finally announced on Tuesday that it was investigating tech antitrust concerns. It didn’t name specific companies, but will look into search, social media and some retail services — so, no prizes for guessing that Google, Facebook and Amazon are clearly in its sights.

The notion that companies like these, which offer free or cheap services while tapping user data, can’t be put through the antitrust wringer appears to be evaporating.

“Without the discipline of meaningful market-based competition, digital platforms may act in ways that are not responsive to consumer demands,” Makan Delrahim, head of the Justice Department’s antitrust division, said in a statement. “The department’s antitrust review will explore these important issues.”

And on Wednesday, the same day the F.T.C. announced its $5 billion fine of Facebook, the company also disclosed that it was the target of an antitrust investigation by the F.T.C.

But before we get carried away, I thought now would be a good moment to revisit what not to expect from all this:

■ Forget broad change. All the companies have multiple fronts on which antitrust battles could be waged, and the Justice Department will now have to zero in on issues it thinks can be fought against and won.

■ Court cases aren’t guaranteed. The department will typically only take to court cases it’s confident it can win, so investigations could yet fizzle out. And big tech has plenty of legal firepower, so the bar is high.

■ Punishments may disappoint. Remedies to antitrust violations are tailored to the harm. So if you’re craving a breakup, that might only happen for a very specific wrongdoing — and then only if it is a focus, makes the courts, and is ruled to be a problem.

The most valuable tech company in the world isn’t Apple. Or Amazon or Google or Facebook. With a $1.06 trillion market cap, it’s good old Microsoft. But cast your mind back to last week when big tech was hauled in front of Congress. Who wasn’t there? Microsoft.

It must be doing something very right to be that valuable while dodging the bullets its peers attract. So I asked some folks about how they thought it was managing to avoid backlash:

It may have learned from its antitrust battles in the 1990s. “Everything Microsoft went through during the antitrust era shaped the company,” said Ed Anderson, a distinguished research vice president at Gartner. “It’s more collaborative, less aggressive, less predatory.”

“No one is challenging Microsoft’s position on the PC desktop, where it still has a monopoly, so there is no one that Microsoft needs to try to exclude,” wrote Harry First, an antitrust law professor at New York University, in an email. “All Microsoft is doing now is raking in the profits on Windows.” (It also plays second fiddle to Amazon in cloud computing, one of its biggest growth areas.)

It might also be … how to say this … uncool? Mr. Anderson characterizes it more diplomatically as “steady and reliable,” but the gist is the same: People think it’s moving slower and breaking fewer things than its peers.

But all good things don’t necessarily last. “I would be surprised if some controversy didn’t visit it,” Mr. Anderson said. “It could be something as simple as a data breach.”

Facebook scammers are posing as American servicemen and targeting vulnerable women. What are Facebook and the military doing to stop this global online fraud?

In a special one-hour episode of “The Weekly,” Jack Nicas, a tech reporter for The New York Times in San Francisco, tries to track down some of these digital con artists. Watch this Sunday night at 10 p.m. eastern on FX or on Monday on Hulu. Learn more at

■ DoorDash is changing its tipping policy, after a Times investigation highlighted that tips for workers often went toward guaranteed base payments, rather than being added on top.

■ Huawei reportedly helped build North Korea’s wireless networks, potentially in violation of United States export controls. “We’ll have to find out,” President Trump had said.

■ Facebook’s kids messaging app is in trouble. It was supposed to restrict chat only to parent-approved contacts. A flaw allowed some users to sidestep that.

■ Russia’s intelligence service got hacked. It may have been the biggest breach that the service has experienced.

■ Lunch in Silicon Valley is “basically broccoli with some suspect sauce” according to Nick Clegg, the supposed savior of Facebook’s communications and policy strategy, in this lengthy profile.

Interested in All Things Tech? Get the Bits newsletter for the latest from Silicon Valley. And sign up for the personal tech newsletter for advice and tips on the technology changing how you live.