Tech companies must explain data use, say Amazon, Google and Twitter privacy heads

At a virtual CES panel, the tech giant representatives also call for a federal privacy law in the US.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read

Tech companies have been required by recent laws to give users more control over their personal data.

Getty Images

Heads of privacy at Amazon , Google and Twitter took the virtual stage at CES on Tuesday to talk about how new privacy laws -- and growing privacy concerns from users -- have changed the way they do business. Google Chief Privacy Officer Keith Enright, Twitter Chief Privacy Officer Damien Kieran and Amazon's director of trust for Alexa, Anne Toth, said on a panel that tech companies must now allow users greater control over their data and explain how emerging technologies like artificial intelligence access personal information.

"It's incumbent on us to find ways to make it more approachable," Toth said.

While distrust of the tech industry is nothing new, giants like Amazon, Google and Twitter are under increasing scrutiny. In the aftermath of scandals like political consultancy Cambridge Analytica gaining vast access to millions of Facebook users' data, regular people have become more concerned about what tech companies do with their personal information. At the same time, new privacy regulations have rolled out in the European Union and three US states.

Amazon's Toth said the EU law, known as the GDPR, has introduced new concepts to users around the world. Regular people can now see the personal information companies have collected on them, and take their data from one company to another, a process that's called data portability. Similar rights have been enshrined into laws in California, Maine and Vermont, and some global tech companies have extended them to users beyond these states.

Google's Enright said data portability fosters innovation in the tech industry by forcing companies to compete with each other for users. However, tech companies are wary of having to deal with several privacy laws throughout the US, and have been pushing for a federal privacy law that creates one standard for the country.

Watch this: CES 2021: What to expect as the show goes all-digital

"We are already dealing with quite a patchwork," he said, calling for a federal law that preempts state laws. The panelists all said a federal law seemed probable, though not guaranteed, from the administration of President-elect Joe Biden.

Other privacy laws around the world aim to stop tech companies from moving data out of a user's geographical location. Combined with laws like the GDPR, which gives users specific rights over their data, these regulations lead to a risk that services will look different for the same user when they travel from place to place, said Twitter's Kieran.

Many tech companies have dealt with this problem by extending rights required under various laws to most or all users, regardless of their locations.

Still, Kieran said, there's the possibility of "balkanization of the internet, balkanization of services."