Let’s face it: your data is everywhere. From what you last browsed to credit card information saved in a virtual wallet to your comments on a social media post to your high school graduation photos.

As consumers, we have struck a bargain of sorts in which we trade our data (such as an email address) in exchange for a benefit (10% off your next purchase). That makes much of the digital world “free” to use, and that’s fine. However, consumers have expectations on how our data is collected and stored and who has access to it. 

The laws and regulations on data privacy are ever-evolving making the world of data privacy messy. When Congress decides to muddy the waters even more with new federal mandates and regulations–which could be well-intended but lead to negative downstream effects for consumers–we ought to ask them to pump the breaks.

Privacy concerns arise when different systems, apps, and websites work together and share our data. The idea is interoperability or the ability for companies to make the data generated by users in their products and platforms accessible to rivals.

Private companies may decide that to enhance the experience of their users or to allow users to take their data elsewhere, they will allow interoperability. For example, imagine if Zoom, Webex, and Microsoft Teams agreed to interoperability, it would save many users the time and hassles of switching from platform to platform for various meetings. 

That is a business decision that platforms should make on their own. Conversely, some companies may opt to restrict or limit access to their users’ data by rivals for security and privacy reasons in addition to business reasons. 

Now, Congress wants to force their hand.

As we’ve been writing for quite some time, Congress is on an antitrust war path and their enemy is Big Tech. A coalition of congressional members wants the American people to equate ‘big’ with ‘bad’ as they do. They operate on the premise that massive tech companies, by virtue of their size alone, must be engaged in nefarious (anti-competitive) behavior even if there is no substantial evidence to prove it. 

Among several antitrust reforms targeted at the big five tech companies–namely Apple, Meta (formerly Facebook), Google, Amazon, and Microsoft–Congress now wants to deny them the ability to prohibit interoperability on their platforms. 

The American Innovation and Choice Online Act (AICOA, S. 2992, and its similarly-named House variant, H.R. 3816) introduced by Senator Amy Klobuchar would make it illegal for tech companies covered under the bill to “restrict or impede” business users’ access to data created through the platform and to limit portability. 

The privacy and security alarms are going off in my head and they should be ringing in yours too. This is not about granting a regular person access to her data, but giving third-party companies access to many regular peoples’ data. 

Tech platforms have a stake in protecting the data that they collect, but AICOA could undercut their efforts. As the National Taxpayers’ Union explained:

Many of the controls that app stores exercise over developer access to their services help keep security vulnerabilities and malicious apps to a minimum, a benefit which is threatened by these overly broad interoperability mandates. For example, AICOA’s interoperability requirement would force any rival app to have full access and interoperability with basically anything that Google or Apple’s own products can access on their software or devices. For them to be able to deny access on the basis of security or users’ data privacy, the platform operators are held to an incredibly high standard, in effect encouraging them to err on the side of access over security

Net Choice policy counsel Jennifer Huddleston explained that domestic rivals aren’t the only ones who could gain access to the data of Americans:

Thanks to the requirements in the American Innovation and Choice Online Act, malicious businesses, including foreign companies, could exploit its data portability loophole and gain access to user information. It opens up businesses to the very actions at the heart of other previous data privacy scandals and dilutes their ability to respond with what consumers want—better security and privacy options. And as a result, Klobuchar’s antitrust proposal would likely harm users’ privacy online and create more harm to consumers than the current tenuous claims about tech giants’ market behavior. 

The Editorial Board at the Wall Street Journal said as much this week noting

Ensuring platforms are inter-operable could make it easier for cyber thieves to pilfer user data. Apple might have to allow rival app stores and apps on iPhones no matter if they provide subpar security protection.

In response to bipartisan concerns, Senator Klobuchar revised her bill, but the recent changes still don’t address these concerns.

When government exerts the kind of heavy-handed approach as AICOA does, it tends to break things. In this case, the security measures that protect your data may end up on the cutting floor and your data in the hands of those with sinister motives. Congress would be wise to take note.