Privacy groups ask tech companies to sign user data 'security pledge'

Groups like the ACLU and Fight for the Future are backing the five-point pledge.

A number of organizations including the ACLU, Fight for the Future and Color of Change have called on tech companies to sign a pledge and commit to protecting their users' data. The move comes as repercussions of the Cambridge Analytica scandal continue to unfold. "Technology can empower and grant freedoms to us all, but now our online data is empowering data brokers, ISPs, surveillance companies and runaway government agencies to discriminate, exploit and limit our freedoms," says the Security Pledge website. "Companies and governments can exploit the massive troves of data companies have on people and weak links in internet security. They can twist the internet into something it was never meant to be: a weapon against the public."

The Security Pledge organizations are asking tech companies to abide by five principles including limiting the data they collect to that which they actually need for their business, protecting the data they do collect and resisting improper government access to that data. Additionally, the pledge asks companies to give users much more control over their data than they've typically had in the past. "Guarantee that users have an easy and free way to download all the data you have about them in a usable format," says the website. "Allow users to delete their entire account and permanently eliminate their data from your servers if they choose to."

And lastly, the pledge asks companies to be aware that algorithms aren't unbiased by default and to do everything they can to ensure that communities that are often discriminated against are protected by their policies. "Do not collect information that is vulnerable to misuse, including information about your customers' and employees' immigration status, political views, national origin, nationality or religion, unless required by law or strictly necessary for the service your provide," says the pledge.

"It's time that companies take steps to ensure that using their products doesn't mean that users have to sacrifice their rights," Neema Singh Guliani, ACLU legislative counsel, said in a statement. "The way companies treat data can affect whether you are wrongly excluded from job or housing ads because of your gender, targeted for dubious financial products or have your security compromised. Many companies have for too long ignored their obligation to treat data responsibly, prevent information from being used to discriminate, and provide users' full control over how it is handled."

No companies have signed the pledge as of yet, but the Security Pledge website includes a list of firms these principles would be relevant to as well as their user reach. "This is a watershed moment for the internet," said Evan Greer, deputy director of Fight for the Future, "Millions of people now understand how their data can be weaponized and used against them, and they are demanding change. Cambridge Analytica is just the tip of the iceberg, and this problem doesn't begin and end with Facebook. If the largest tech companies take the steps outlined in the security pledge, it will change the course of human history for the better, and protect billions of people's basic rights."