Introducing the Internet Bill of Rights

Before Congress begins listing detailed rights, it should start with a basic law that codifies Americans’ fundamental right to privacy. That way, courts can look to the legal umbrella protecting this fundamental human right when interpreting and applying enforcing specific rights. This is the model Congress followed with, for example, the Religious Freedom Restoration Act in 1993, which clarified protection under the First Amendment‘s Free Exercise clause. The Supreme Court has long recognized privacy as a right under the Consitution, as have some state constitutions and courts. In the digital age it has become crucial to protect it by making it explicit in a federal statute. Then a bill of internet and other privacy rights will be anchored in this basic right. Part of such a basic privacy law should be recognition that a natural person (a human being) *owns* all information about her- or himself, so it cannot be taken or used without consent. Just as the law recognizes intellectual property rights for commercial purposes, there is every reason to recognize and enforce rights to your own privacy, including intangible personal data. No right is absolute, so interests of public health and safety and national security will be recognized as necessary limitations. But those limitations are a far cry from any business and government being able to exploit your private information without any meaningful choice on your part.

How can we keep our country moral, decent and honest? How can we protect our little children? How can we stop promoting indecent and immoral lifestyles to the rest of the world? Simply put God back into the equation. Whether republican or democrat, male or female, Christian or atheists, if what we think, say, or do is decent, moral and right...then it comes from God. If what we think, say, or do is indecent, immoral and wrong then it does not come from God. You can only lie to yourself and others, but not to God. This may be why separation of church and state exists. Blessed be those that believe in His name: who are born, not of blood, nor of the will of the flesh, nor of the will of man, but of God.

Problem is they won't get elected. Who would vote Democrat after all of this circus they have caused. I could be wrong but I bet I am not the only one that will remember that going in to the voting booth. Sad in a way that I now have to choose between freedom of the internet, which I like and screaming Democrats.

If these rights don't protect us from government (and they won't) then they aren't "rights." Government regulations are always designed to help the little people. Says so, on the label. They always end up benefiting the large businesses.

Add these 1- No Internet service provider can require you consent to data mining in the terms of service, as in you have the right, but we refuse to serve you unless you waive it. 2- No data miner can gather, hold or sell your private information without your expressed written consent that can be revoked at any time. In the early days of the internet, nobody explained to people about cookies and data mining and targeted advertising. It was also not explained to consumers that a significant portion of the data you were paying your ISP for was serving the commercial interests of companies gathering data on you to sell at a profit and without your explicit knowledge or informed consent.

ISPs should be regulated as common carriers. That is, in return for permission to be a monopoly provider of a communication service, they follow special rules: Their profits are determined by the government; they are required to offer service to everyone at the same cost; and, most crucially, they may not use the content of the messages sent by their customers for their own benefit, or disclose that content to any third party. ISPs fought hard /not/ to be classed as common carriers, but that's what they are, and that's how they should be treated in law. Facebook and Twitter and Google aren't common carriers, but they /are/ monopolies. Just because they've made gargantuan profits in the past doesn't mean we have to let them keep it up at our expense. I think it should be a crime for a company to /repurpose/ information given to them by any person. For example, if I send a search query to Google for the purpose of finding relevant Web documents, it should be a crime, punishable by seizure of assets and prison sentences for the directors and officers, for Google to store that query after providing the search results, or to use the query to tailor advertising (or future search results!). Opt-in instead of opt-out isn't good enough. Data mining is too complicated to expect each person to be able to protect his or her own privacy. And yes, I would gladly pay Google for its services. I think it's fine that that would just make them rich, rather than obscenely rich.

Sounds like an article to get the tech cos rallied up to open the doors to have our election hacked again. Timing is everything.

They forgot to mention the potential impacts of AI

The Internet is the Library of Alexandria resurrected and writ large. It is arguably one of the most important networked products to emerge from human activity since the invention of the printing press. Any information you seek, any product you desire, can be found within its domain. It is marvelous to an information omnivore like me; and increasingly a central component in all our lives. So yes it is time to stop giving carte blanche to all those companies who conduct their business within it. It's time to reign in, with proper and fair regulation, all those whose business it is (from telecom entities to ISP's) to continue to build and develop it. The Wild West era must come to an end, and we need to look to the government, and not those member companies, to do it. We need a semi-neutral 3rd party to referee it. It's the best way. But so, too, do the citizens of this new Alexandria need to start comporting themselves properly as citizens in this new land. It's one that weaves us all together. We all come from different backgrounds, different races and different nations; but in this land we are all the same. It is why I sigh off with what is an American proclivity to signal your ancestral background within the context of being an American. It signals my background on the 'Net while proclaiming myself an enhanced citizen. I sign off.... John~ American Net'Zen

Thank you, Ms. Swisher, for bringing this important issue to the attention of Times readers. American citizens have few legal rights over what is said about them online. (That is an issue European policy shapers, responsible for the "Right to be Forgotten" on Google there, are preparing to introduce in the U.S.) Many, if not most, Americans do not realize that their home addresses, age, family member’s names and satellite pictures of their homes (with maps showing all nearby streets), are published on 20 or more databases where anyone can purchase them for under $10. This can place their safety at risk. Please continue expanding this discussion so that all citizens can learn how to support such a bill. Shannon Wilkinson, CEO Reputation Communications: Online Reputation Management

Couple of thoughts to add to the many good comments already posted here. The concept of privacy needs to be carefully defined and agreed to and in a way that reinforces, at least in the United States, the Constitution. A common dictionary definition is "the state or condition of being free from being observed or disturbed by other people" but the concept of "other people" seems insufficient to include government, corporate, or other actors, and insufficient to protect users in a workplace where workplace surveillance seems more and more commonplace. The concept of personal data also needs to be defined in a sufficiently broad way to include data that are created, including but not limited to that which: A user chooses to reveal, e.g., name, email address. Inferences about their family. Is created by third-party action, e.g., displaying an advertisement to a user or sending a marketing email and recording that it has been shown, for how long, and whether the user took action and which one. Is created by explicit or implicit user action, e.g., clicking on a link, reading an article, searching for a product or service or health condition, buying same. Is inferred via correlation of various, perhaps even inaccurate, data sets, e.g., enriching Facebook data with that collected by data vendors such as Axciom (an original Cambridge Analytica-style enabler). Exists on any and all devices the user owns or controls and those implied aka servers and data backups. Good luck.

This article falls short. It should have explained how pelosi’s plan is like or unlike the eu and California laws. That would be illuminating. Instead we’re left in the dark

This is a good first attempt but it’s still a 18th century solution to a 21st century problem. Turn the problem around. Rather than making it a vendor’s problem to safeguard user data, give users the tools to do the job. There are waaaay too many adds and offers online already and no consumer can buy everything on offer. So the idea of an ad-driven business model has lost its steam. Replace it with consumer control of individual data. Like a lock on the front door, when you are gone the lock is on and visitors stay out. When you are home you can answer the door and make a determination. In Internet terms this means turning on access to your info when you are in the market for something such as a new refrigerator. Since you are not in that market often you shouldn’t be bombarded with ads and offers. For such products. We have lots of security devices for the front door but none for our personal data and that’s wrong. Many of the other ideas in the list, stemming from the right to be forgotten make sense as well.

A crucial first step is for Congress to do away with the Safe Harbor clause in the Digital Millennium Copyright Act. The platforms would then have to begin police themselves to protect themselves. It would be the end of digital piracy of copyrighted material and of masked propaganda.

Why not have stronger privacy and personal data protection overall, irrespective of whether it pertains to the internet or not? This needs to be addressed by legislation or a Constitutional amendment. Our elected representatives have been unwilling to address this problem for far too long. It's time they did their job.

Except for basic connectivity (provided by ISPs), people get the most of the interest services for free. Nobody has to pay to use Google for searching, hotmail or gmail for email, Facebook for social networking, youtube for videos, twitter, instagram, etc, etc. The companies that provide all free services need to have a way to pay the bills. The current way they do it is by ads and by selling access to their user's information. If you prevent them from doing the latter, you need to define a way for them to make money. Would you prefer a minute of ads for every 4 minutes of facebook time? How about 10 cents per google search? How about 20 cents for each email? Perhaps the old AOL model would work: pay some amount of $$ every month for a bundle of services. No pay, no services. How much would you pay to get all the current free services? One must login each time in order to do a search.a I suspect that most people, given the choice of paying real dollars for their current services or letting the companies have their "data", would willing let the companies have their "data". Perhaps Google, etc could offer a "paid" subscription service as an alternative to their current model. It would be interesting to see how many people would sign up for it.

Yes. This type of invasion of privacy and identity has happened so quickly, I expect most people find it hard to comprehend much less know what to do about it. It's frightening to think that your daily existence can be tracked. But there's no reason to accept that every aspect of your life will be available without our knowledge or consent. An Internet Bill of Rights is a start.

Most of us have with us or near us at all times little computers we call cell phones. But phones are a only part of what they are, and perhaps not the most important part. One thing they do is track our whereabouts, another is give voice to many of our thoughts, and a third is to carry out and make a record of many things we do. In the past a tyrant could only dream of the streams of information about ourselves that we willingly provide to our phone companies and ISPs. Sooner or later one of them will probably try to make use of it to subvert our freedoms. Only laws, well considered and carefully enacted can protect our freedoms and our free society. I don't have the expertise to judge whether the 10 proposed by Khanna are the best ones. But I do know that something like them is sorely needed.

It's not clear that Khanna did much talking to ISPs that actually provide the connectivity that all the wonders of the Internet ride on top of. Think about what this one means and what it would take: (8) to have access to multiple viable, affordable internet platforms, services and providers with clear and transparent pricing; Just how is this "right" to be provided? It's well known that most consumers can only choose between a telco and a cable company as an ISP. And whay is this? Because providing connectivity is neither cheap nor easy. It takes lots of capital and boots on the ground - literally. Google found this out when they took on the challenge, even though they cherry-picked their markets. They didn't get the margins they were used to and so backed off. Both telco and cable got their starts as regulated monopolies where they could be assured a return on investment in return for price regulation at least in the telco case. That environment had its positives but lots of negatives too.

As a parent, I am concerned about the amount of data collected from our children's lives and their online presence, including using Google Chromebooks at schools today. Who collects, owns, stores and archives and sells their information? Anyone under the age of 18 is a minor and there should not be any collection activity of their lives. Most of use did not grow up having everything stored on a computer within vast networks and systems. This should worry all of us and should be illegal to data track our children. It's corrosive and creates nothing good, by denying privacy to anyone but in particular towards our children. They are products and little, future consumers. Big buck$ there. I'd like to see an Internet Bill of Rights that includes and protects them. Vulture Capitalism has no rules or boundaries, none.

Good intentions but Mr. Khanna’s list needs to be modified. I have gone through the article completely including Mr. Khanna’s list. I don’t find anything regarding the punishment to be meted out to the companies, who take millions of people for a ride that too at the cost of their personal security.

We need one and the sooner the better. Google knows more about me than my wife.

Love it! Would really like a number of conservatives to get on board with this IBoR's. I don't see anything the general populace would be against, Left or Right. Add IBoR to the growing list like M4A, and raising the cap on Soc. Sec. C'mon America...pull-VOTE together!

None of this is about "the internet". It concerns a number of massive companies that are based on the internet. So much of the public is involved in the activities of Google, Facebook, Amazon, and their competitors that they are now being identified, particularly by the less informed, as the internet itself. The latter is a communications medium, and its central feature is that it has no central authority or governing body to be influenced. It was designed to withstand nuclear attacks, and it is very resilient against attempts to control it. Ask the Chinese, who devote enormous resources to doing that, with limited success. The mega-companies do have power centers and hence can be controlled (at least in principle). So regulate the giants if that seems appropriate, but if those organizations become less useful or desirable to internet users, they will just be supplanted by others.

The trouble is, the internet is already regulated-- by the telecom giants. They get to supercharge and superchoke user traffic based on the users' corporate fealty. Net neutrality means Losses for them, capital L. Getting the giants to agree to these rights? That's not a barn door and horse issue, that's Pandora's Box...and I'm not sure there's hope in this one.

One right I would add would grant people _ownership_ of their own personal data. Trading in that data, compiling lists for sale or rent, or otherwise accessing the data should generate royalty payments to the individuals. A model could be royalty payments to artists and composers for recording or playing someone's musical creation. The per use payments are small, but the penalties for non-payment are large, and misrepresenting the use is criminal fraud. List compilers and brokers reap profits by marketing our information...small amounts per record but large numbers of records. A few pennies per use for the owners of the data won't hurt industries, and the reporting will disclose to individuals how their records are being used.

If the Democrats take the House, or even the House and Senate, absolutely nothing will happen to advance this proposal. Trump will veto any such legislation on orders from his owners. I am glad this is referred to as a "15 year fight". I think that's wildly optimistic, but at least not a crazy as the headline idea that a Democratic House could make any difference on this issue. Today the '1984 Caucus', consisting of primarily of China, Russia, Google, Facebook and the Republican Party have an absolute veto power over any efforts to protect privacy. Dan Kravitz

To think other than these things being basic rights is sacrificing and hope of privacy in the future I don’t give a darn that fast moving companies have built their incredibly lucrative businesses by capitalizing on areas where no laws were in place to give guidance is just too bad for them. Many of their so called services are beneficial only to them. For the general citizen to be forced to continue to be open to unapproved data harvesting is too high a price to pay for their being allowed to continue what is little more than sneaky behavior. That they might loose revenue and need to downsize or close is not my fault for their business model meant to conceal their true intentions.

An Internet Bill of Rights is both necessary and noble. However, I don't see how we can accomplish such a task without socializing IP addresses. There's nothing you can do to adequately punish bad actors except take away their privilege to host or consume content. Imagine a system where bandwidth was throttled as a fine. The company or individual who got caught recklessly driving is punished. As a punishment, their vehicles go ten percent slower than the posted speed limit for the next ten years. If they are really bad, they lose their internet license entirely. This scenario is more than technologically possible. There's a problem of course. There are many problems actually. There's one particular problem relevant to Swisher's conversation though. Internet regulation is extremely hard to square with the concept of net neutrality. I just described a scenario where government was selectively throttling internet instead of ISP companies. I'm not sure how either scenario is more desirable than China's Great Firewall. If regulatory enforcement over the internet consistently runs afoul of the First Amendment, I don't see how anyone can effectively regulate the internet. Conveniently, that's a feature more than a bug. If Pelosi has an answer, I'm willing to listen. However, even admirable laws are useless if enforcement isn't possible.

This sounds like the same problem as the Digital Millennium Copyright Act. One of the provisions, which took effect ten years after its passage, affected radio stations that stream on the internet and included onerous limits on how much of any one album or artist DJ's could play within a three hour period, as well as new reporting requirements involving submitting online playlists in real time to one of two private reporting ages. These provisions were written back when most of us still had cassette recording decks, with the assumption that there would be people hunched over the record button waiting for their favorite album to play over the internet. In the ten years between passage and effect, there's been Napster, Blogspot, Youtube, binaries newsgroups, bittorrent, online file storage and sharing, free Spotify and stream recording technology. The horse is gone, the barn burned to the ground, but the clueless powers that be are still forcing us DJ's to lock the ashes. It's ridiculous beyond words.

What utter nonsense – right up there with: > "Patients' bill of rights" > "Used car buyers' bill of rights" > "NYC Subway riders' bill of rights" > "Teen US Women Olympians' bill of rights" Gotta go – Rachel’s on the other line, telling me about the... > “Sub-prime Credit Cardholders’ bill of rights”

Besides the obvious problems with consulting with Facebook to write an internet bill of rights that'd protect us from bad actors like, well, *Facebook*, there's exactly zero mention of free software, which would help ensure[a] compliance with (1) through (5). When the website software's not free, when you don't even know its *served* source code let alone the server's ("View Source" alone doesn't count, especially now with massive obfuscated JavaScript files used by the creeps), you CAN'T know where your data goes. Not even the websites would—which I fear is entirely by design. ("We apologize; we did not expect your data to be going to all those Russian creeps all along.") For a "good" time, I ran NoScript and looked at the list of, oh, 13 script-running domains on a popular website, not counting the site's and its own domains'. It wasn't a "warez" or torrent list or shady off-the-beaten outfit, it was CNN. When our own non-crazy MEDIA is fighting our privacy, we have a long, LONG way to go. (These Times and WaPo, of course, are hardly quiet on the third-party creep-script radar either.) Swisher herself can help us fight through that long way by ending the use of the slur "consumer", used six times here. Once we're considered people and not Pac-Man, we'll begin to be so treated—after which maybe we'll even let down our hair, and our blockers. [a] But even *then* not guarantee.

Something like this should be in the works already. Is there some reason to hold it to ten articles or is that just for symmetry with the Constitution. If not, could I suggest an eleventh article? Article 11) All articles must be succinct, precise and available in large print. You could call it: The Aging Eyes Article. Thank-you for your attention to this matter.

''In Europe, this idea has manifested as the controversial “right to be forgotten” laws, which wouldn’t fly here. Because of First Amendment issues...'' - I fail to understand how the 1st Amendment can be used AGAINST you ? If you wish for privacy, then that should be your right. Also in Europe, it is far easier to sue someone (especially the press) if they malign or defame you. That also should not come in conflict with the 1st Amendment. The bottom line is that if any laws (or rights) are established, then it has to be universal and global, otherwise it is another layer of laws that work like the tax laws do now. - with loopholes being created by certain jurisdictions. Or just look at maritime laws and jurisdiction to see what ship flies certain flags to benefit them and again, escape other laws.

Now find out how it would be written by industry lobbyists.

The proposed bill of rights described is good as far as it goes. What is missing is a right to know whether or not technology companies guarantee privacy rights to citizens of other countries. It is against the law for US companies bribe officials, whatever might be acceptable in any country where they do business. Similarly, we should expect US technology companies to not collaborate with repressive regimes in violating the rights of citizens. At least consumers should be able to avoid doing business with companies that do not value human rights.

Not a bad set of rules. Let’s apply them to political parties, PACS, pollsters, politicians and telemarketers. Then we’ll be making some real progress.

"(2) to opt-in consent to the collection of personal data by any party and to the sharing of personal data with a third party" A very reasonable rule - but one that the politicians will never implement. It would significantly curtail Facebook's and other social media's revenue streams, and being multi-billion dollar enterprises, they have the lobbying muscle to kill the rule. A reasonable compromise would be for Facebook users who opt out to pay for the use of FB - I suspect Facebook will veto that idea.

AI & the continued advancement of computers for the advancement of humans requires the data. Computers use the data to determine what information each used should she based on their likes. There is no need for regulation by big government. Individuals who do not want to share their data can use a beta 1 version of Browser that will be very poor at producing useful search responses. In addition these used will not be able to use waze type systems that benefit humans. These users will not be able to get netflix, pandora or any other entertainment sites that use data for their business model. Pretty easy. Their will be humans who are advanced & benefit and their will be humans that live in the 1970's world.

"After consulting with think tanks like the Center for Democracy and Technology and big Silicon Valley companies like Apple, Google and Facebook, as well as some of tech’s biggest brains, like Nicole Wong and Tim Berners-Lee" Wait. WHY would you consult with Facebook about an internet bill of rights that must protect us from Facebook?! That's like writing Article III of our Constitution by chatting with King George, or how best to impeach "covfefe" by calling Stephen Miller! And, sadly, Tim BL is hardly an uninterested expert either. His approval of the Encrypted Media Extensions for the already compromised "HTML5" advertiser-steered trainwreck of a standard solidified his rocket-fueled descent from laudable inventor of the Web to friend of draconian media DRM and the creepy-marketer Web. I apologize for ever, ever admiring him.

Just one more topic that weakens Dems and strengthens Republicans in the midterms and 2020. Despite what they hear in the echo chamber that is their bubble, most people want less government in their lives. We don’t believe that the nanny state is desirable and admit that freedom is often painful, messy and not always beneficial.