Should Tech CEOs Go to Jail Over Data Misuse? Some Senators Say Yes

As Mark Zuckerberg testified about all things Facebook on the House side of the Capitol last week, over on the Senate side some lawmakers were debating whether CEOs like Zuckerberg should face jail time if their companies misuse people’s personal data.

“You know, my sense is that Mark Zuckerberg is not going to take American’s privacy seriously unless he and others in these positions face personal consequences,” senator Ron Wyden (D-Oregon) told WIRED in his Capitol Hill office.

And consequences are at the heart of Wyden’s recent bill, the Mind Your Own Business Act. If passed, the legislation would establish new privacy and security standards for tech companies, and give the Federal Trade Commission more power to enforce them. Lawmakers from both parties have criticized the FTC for failing to rein in big tech companies, especially after it reached a $5 billion settlement with Facebook this summer over charges of widespread privacy violations.

Wyden says the FTC fine was laughable, pointing to the company’s stock price, which didn’t see a real fluctuation. (When Facebook announced that it expected to pay anywhere between $3 and $5 billion this spring, the price actually went up.)

“Major financial players—Wall Street—basically said, ‘Piece of cake for Mr. Zuckerberg. Nothing to worry about here.’ Business as usual,” Wyden, the top Democrat on the powerful Senate Finance Committee, said.

The Mind Your Own Business Act seeks to change that calculus by threatening prison terms of up to 20 years for senior executives who lie to the FTC about how their companies use personal data, among other penalties.

While the legislation goes beyond just Facebook, the company continues to be the talk of Capitol Hill, and not only because of Zuckerberg’s high-profile testimony. Facebook is now on an all-out blitz in Washington. The company spent a record $12.6 million on lobbying in 2018, and it dropped $12.3 million in just the first nine months of this year to employ a cadre of 60 lobbyists across the federal government.

Zuckerberg himself has also gotten more intricately involved in the reputation-management business. Before last week’s testimony, he gave a big speech at Georgetown University, and he’s also been meeting one on one with many senators recently. Not all lawmakers are impressed.

“I’d be much more interested in seeing him put in place stuff that would really change the underlying, you know, problem,” Wyden said. “The underlying problem is that he has repeatedly lied to the public. Repeatedly lied to the public about his privacy policies.”

Many lawmakers are still reviewing Wyden’s new legislation, which is based on a draft the senator began circulating last year. Despite numerous calls for a federal privacy bill, no proposals so far have gained enough traction to move beyond closed-door discussions among top lawmakers. And some lawmakers have already expressed concerns with Wyden’s bill.

“I don’t know why one industry would face higher consequences than another,” senator Marco Rubio (R-Florida) told WIRED. “I don’t even know if that’s constitutional.”

But the bill is turning heads for threatening tech executives with prison terms, an approach that even has bipartisan support.

“I think it’s a good idea,” senator Josh Hawley (R-Missouri) told WIRED. The freshman senator has been an aggressive critic of Silicon Valley since he arrived on the Hill, and has introduced a few bills of his own targeting big tech.

“Deterrence depends on strong and effective penalties and rigorous enforcement. In some spheres of responsibility only prison time can prove an effective deterrent,” senator Richard Blumenthal (D-Connecticut) told WIRED.

But Blumenthal questions whether the Mind Your Own Business Act is even necessary.

“If Facebook were to violate, again, the FTC order on privacy, there would have to be an inquiry as to whether its second violation of law might involve purposeful and knowing violation, which could put them in the sphere of existing criminal law,” Blumenthal said. “A lie to the government, or a lie to a federal agency, is right now a violation of criminal law.”

Other lawmakers worry about the unintended consequences of threatening CEOs with jail time. Senator Roy Blunt (R-Missouri) brought up a similar provision that was included in the Sarbanes-Oxley Act, which passed in 2002 and aimed at regulating the financial services industry. Sarbanes-Oxley was focused on massive financial firms but Blunt says smaller firms got caught up in its requirements.

“I think you’d want to be very thoughtful about going down that path,” Blunt told WIRED. “[Sarbanes-Oxley] created problems for other people. We need to be sure we know what we’re doing here.”

Wyden dismisses such criticisms. As far as he’s concerned, it’s time for Congress to stand up and stop allowing billionaire CEOs to thumb their noses at federal lawmakers, regulators and ultimately their own users.

“This is not going to be the IT person, you know, at some company. We’re going to be talking about the people in the boardrooms at the highest levels of multi-billion-dollar companies with millions and millions of subscribers,” Wyden said. “When executives repeatedly lie about how they use personal information, which hurts Americans, they ought to face real consequences, and one of those consequences should be the option of prescribing jail time.”


More Great WIRED Stories

Read More