Last week, Twitter’s former chief security officer Peter Zatko alleged “egregious” privacy and security violations within the company. Since then, members of the media and Congress have understandably expressed their concerns over whether such breaches have credibility.
But has this leak from Zatko and similar past leaks advanced important conversations around U.S. technology operations and usage?
To start, there’s some issue with using the term “whistleblower” in reference to this discussion. Usually the term “whistleblower” applies to people who are putting themselves at serious risk from revealing information that is compromising and harmful. That has not been the story of leakers like Zatko and Frances Haugen, who have both benefited from their new, public profiles and seamlessly moved into political advocacy.
While the “peeking behind the curtain” of large companies and their inner workings is understandable, we shouldn’t pretend that either of these leaks, or the following media spectacles, have done anything to advance important discussions about policy. Immediately labeling these rumors as “whistleblowing” overestimates the importance of their revelations and gives them more weight than they should hold.
Next, there will be a hearing in September on the allegations. While the Haugen hearings in Congress garnered plenty of media attention last fall, almost a year later, it’s not clear what those hearings contributed to tech policy discussions — if they even did at all. Haugen might have raised her own concerns, but lawmakers used what she said to support their pre-existing ideas about whether bias, misinformation or competition should be tech policy priorities.
There’s little reason to believe the Zatko hearings will be any different. Lawmakers with competing views on privacy legislation will likely say that Zatko’s testimony should lead to their preferred legislation getting passed. Republicans will similarly use the hearings to lament about their bias concerns with Twitter.
Without concrete evidence or a thorough research analysis into tech, consumer behavior and the economy, these hearings will be used as a platform for lawmakers to plug legislation they already like — not to seriously learn more about how Americans and tech companies operate online.
So, what should those in tech policy do with the Zatko story and the upcoming hearings? Rather than falling into the American news cycle of heated criticism followed by confusing inaction, policy professionals should focus on the issues we know matter. A federal law that sets a national privacy standard has been needed for years, and we should continue to push for it. When lawmakers raise new solutions to various (and sometimes questionable) tech policy issues, it’s important these proposals are analyzed and their unintended consequences be seriously considered and debated — something that hasn’t been going on in congressional policymaking as of late.
Discussions around tech in Congress have long been dominated by politics and public relations rather than policy. And congressional hearings, especially when tech CEOs are brought in, are focused on finding soundbites for the court of public opinion and election purposes rather than improving knowledge in legislative debates.
Lawmakers have raised many concerns about tech, but if they focus on seriously looking into what issues do exist, and whether lawmakers are best suited to address them (sometimes they’re not!), we’ll see much better policy come out of Washington – even if headlines about their good work aren’t quite as sexy as politicians’ campaign managers would want.