Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
This is it Step backa weekly newsletter covering one essential story from the world of technology. To learn more about the dire state of technology regulation, Follow Adi Robertson. Step back It arrives in our subscribers’ inboxes at 8 a.m. ET. Subscribe to Step back here.
In 1973, long before the advent of the modern digital age, the US Department of Health, Education, and Welfare published a report entitled “Records, Computers, and the Rights of Citizens.” Networked computers seemed “destined to become the primary means of making, storing, and using records about people.” The introduction to the report began. These systems can be a “powerful management tool.” But with few legal safeguards, they may erode the basic human right to privacy – particularly “control over the uses of information about oneself.”
These fears were not just cheap talk in Washington. In 1974, Congress passed the Privacy Act, which established some of the first rules targeting computerized records systems—limiting the time government agencies could share information and specifying what access individuals must have. Over the course of the twentieth century, more privacy rules in areas including… health care, Websites for children, Electronic communicationsAnd even Rent videos. But over the past two decades, amid an explosion in digital surveillance by governments and private companies, Congress has repeatedly failed to keep up.
Lawmakers have considered numerous plans to preserve Americans’ privacy, but they have repeatedly failed. Attempts to curb government spying – e.g Proposed updates to the Electronic Communications Privacy Act of 1986 – It was withheld due to concerns that it could jeopardize police and counter-terrorism operations. Although numerous Coordinated Attempts From members of both parties, Congress has not approved a bill governing how private companies collect data and what rights people have over their private information. Even highly targeted proposals e.g Fourth Amendment to the Not for Sale Law — which restricts police from bypassing existing privacy laws by using data brokers — has not cleared the hurdle of becoming law.
Meanwhile, new technologies, from augmented reality glasses to generative AI, create new risks every day – making it easier than ever to Surveillance of people Or encourage participation Intimate information With technology platforms.
Immigration agents are Harassing citizens Which they identified using data analysis and facial recognition tools. Data breaches at big tech companies are common, as are security regulations He means to prevent them It is returned. Amazon just aired a Super Bowl ad bragging about how your doorbell can become part of Distributed monitoring network To find dogs.
At every point, privacy breaches not only risk revealing something intimate about you to the world, they shift the balance of power in favor of whoever has the most data. Take algorithmic pricing, for example, where companies use personal information about shoppers to determine individual prices they estimate people will pay — leading to companies like Instacart charging users Different prices for the same item. (The company said this was an experiment and has since ended.)
Country-level and international regulations have addressed some privacy risks. Companies in Europe are subject to the General Data Protection Regulation (GDPR) Since 2018despite the suggestion of retreat Late last year. Many states have passed some form of general privacy framework, as well as more specific rules – Illinois biometric privacy law It has facilitated lawsuits against Meta and others, for example, and New York Disclosure of mandatory algorithmic pricing A few months ago. However, privacy advocates warn that many rules are insufficient. Electronic Privacy Information Center (EPIC) and PIRG American Education Fund State tiered consumer privacy bills In 2025, only two states, California and Maryland, received a grade higher than a C.
says EPIC Deputy Director Caitriona Fitzgerald Edge That Congress He has It recently passed at least one important reform: the Americans’ Data Protection from Foreign Adversaries Act of 2024, which Fitzgerald called “the strongest privacy law passed at the federal level in recent years.” PADFAA prevents data brokers from allowing hostile countries to access Americans’ sensitive personal information, and EPIC Use it to file a complaint Against Google’s real-time bidding ad system – which it claims indiscriminately broadcasts sensitive data.
Overall, it’s fair to say the situation isn’t great.
As of early 2026, there is a sense of learned helplessness regarding privacy in many places. Companies like Meta push the line If current technology already poses privacy concerns, it’s unreasonable to complain that new technology makes it worse. According to internal documentsMeta also seems to believe that the Trump administration’s open violation of civil liberties (or what Meta euphemistically considers a “dynamic political environment”) will keep activists distracted, leaving them free to push invasive features like facial recognition into products.
But management’s actions make it more difficult to ignore the risks of these systems. Knowing the government is one thing He could Find personal information about yourself. It’s another thing to have ICE agents scare you By dropping your name.
Not all of today’s privacy nightmares have easy regulatory solutions. But privacy groups have said for years that there are clear ways to start improving the situation. A long-term wish list from the coalition Which includes EPIC, PIRG and others proposes the creation of a new independent federal data protection agency, as well as a private right of action that would allow individuals to sue for violations of privacy laws. One of the latest proposals is Data Fairness Actwhich is part of model legislation outlined last month by a group of researchers at New York University Law. It aims to limit the state’s collection and use of our deep digital footprints, and aims to redefine personal data “not as information freely accessible by the state, but as something inherently ours.”
There is unlikely to be a going back in many digital technologies, and in many cases, people will not want to. But it’s time for more lawmakers to take the risks these technologies create seriously and decide it’s worth resisting.
- In many ways, governments around the world are backing away from privacy, thanks The emergence of an age determination system on the Internet. In the United States, the Supreme Court has already approved age verification for sites containing a large amount of adult content. Now, several states have passed laws requiring it for basically every app on your phone, a policy that seems likely to be taken into consideration by the Supreme Court sometime this year.
- Almost every problem in technology regulation is intertwined, including technology monopolies also They exacerbate privacy problems by reducing competition and concentrating information in a few places where it can be exploited. (This is another issue that Congress has taken up, however Failed to follow up.) Also, laws do not work if the government does not enforce them fairly, hence the era of the Trump administration Regulating gang technology It needs to be terminated.
- One of the simplest privacy trends in recent years is “Block facial recognition“-Usually of use by government and law enforcement, but there Push the limit It’s specifically being rolled out to smart glasses as well.
Follow topics and authors From this story to see more like this in your personalized homepage feed and receive email updates.