Data Rights

Written in November 2023

In 2015, The Office of Personnel Management (OPM) data breach occurred. The breach involved two separate but related cybersecurity incidents that impacted the data of approximately 22.1 million federal government employees and contractors. The breach resulted in the loss of 4.2 million people’s information that included full name, birth date, home address, and Social Security Numbers. This breach also exposed background investigation information of 21.5 million individuals, (which included current, former, and prospective federal employees and contractors) and involved sensitive information including Social Security Numbers, family members and current addresses.

Source: https://www.opm.gov/about-us/our-people-organization/support-functions/chief-financial-officer/cybersecurity-resource-center/faqs/

After an investigation was conducted, it was found that the Jiangsu State Security Department was the recipient of all this sensitive data of federal employees.

Now, why would China want sensitive data of almost all federal employees including employees of the Department of Defense?

Source: https://www.cnn.com/2017/08/24/politics/fbi-arrests-chinese-national-in-opm-data-breach/index.html

Source: https://www.wired.com/story/china-equifax-anthem-marriott-opm-hacks-data/

With the advent of machine learning/deep learning models and Generative AI, we have a critical need to not only protect people’s sensitive data, but we also have a need to ensure companies in the United States are not taking data from us and then feeding unethical or immoral AI models with it. If there are no checks and balances with large companies like Facebook or TikTok, these kinds of companies will continue to take large voice and image data from us to use it for their discrete unknown purposes. I think we have all experienced the creepy advertisement after having a personal conversation. We need a system in place that will allow congressional oversight that doesn’t stifle innovation but verifies industry is not using our data for malicious purposes. We have to ensure that any company that takes our personal identifiable information is protecting it and has explicit permissions to sell or not to sell our personal data to 3rd parties.

Governor Newsome in California has allowed the California DMV to make approximately 50 million dollars per year by selling personal identifiable information to unknown 3rd parties. This would include a person’s name, address, and current employer. Additionally, there is seemingly no way to opt out of California’s theft of personal information. When an organization exploits the fact you need a driver’s license to drive and then sells your data without permission, there is something seriously wrong. Most concerning is that President Biden recently hinted that Governor Newsome would be a great replacement for him.

Source: https://www.nbcsandiego.com/news/local/ca-dmv-makes-50m-selling-personal-data-report-says/2202432/

Source: https://thehill.com/homenews/administration/4313486-biden-quips-newsom-could-have-the-job-im-looking-for/

In 2024, Facebook plans to come out with their VR Meta Glasses, which will likely obtain large amounts of voice and personal image data from their consumers and anyone who they record in the world around them.

Legislation prohibiting the 3rd party selling of information – especially to malicious companies should be prevented through legislation. Explicit provision would include disclaimer and opt out provisions. These questions and problems need to be addressed by your elected representative – having the experience and knowledge in these areas will prove critical in the coming years when AI is more integrated into our society.