Sen. Ron Wyden is ready to send the CEO of Facebook to prison, and he has the bill to do it.
I get the distinct impression that the Oregon Democrat doesn’t like being lied to. Wyden is not alone; several of his colleagues were similarly outraged when a 2018 New York Times report about Facebook’s data-sharing agreements cast doubt on the veracity of the CEO’s earlier testimony that the company doesn’t sell data. But Wyden’s the only one who wrote the law that made it possible for the social media giant to exist.
Wyden recently explained his outrage to me via Zoom from his tastefully appointed kitchen in Portland and me from my (considerably less refined) living room in New York City. The 71-year-old career politician has a folksy manner that almost makes you forget that he’s one of the most powerful Democrats in the Senate.
He’s also the co-creator of Section 230, the internet-defining 1996 law that has recently become the go-to target of Republican attacks on Big Tech companies. In the past couple of months alone, the Trump administration and its allies have pushed an executive order, Department of Justice recommendations, and bills in Congress, all threatening to take Section 230 protections away from companies that they believe treat conservative and liberal speech differently. Wyden’s party has also gotten in on the act, proposing bipartisan bills that would weaken Section 230.
So, in a year that once looked like it would be spent defining the internet’s future, Wyden is forced to look backward. One of the Senate’s biggest privacy hawks, Wyden has always been at the forefront of legislation designed to better protect Americans’ data from companies like Facebook and Google that have profited massively off of it. But since the pandemic began, there’s been little movement on any of those bills. Instead, Republicans have mostly focused on a perceived (and unproven) anti-conservative bias in Big Tech, even hijacking the highly anticipated House Judiciary Committee’s recent antitrust hearings to yell at the CEOs about free speech online.
This leaves Wyden to defend his seminal law from the right’s attacks while pushing forward new legislation to regulate the billion-dollar industry it helped create. Can the architect of the law that created the internet find a way to preserve it that placates its growing list of opponents?
From wood products to the World Wide Web
The first thing I wanted to know was why Wyden was interested enough in the future of the internet to write Section 230 in the first place, as a House representative. Back in the mid-’90s, the federal government wanted to update the Telecommunications Act to include this new thing called the World Wide Web. That attempt included trying to protect children from porn with a law called the Communications Decency Act (CDA).
Wyden and Rep. Chris Cox, a California Republican, wrote an amendment that added Section 230 to the CDA. The provision basically said that, with a few exceptions, internet service providers and platforms couldn’t be held civilly liable for content posted by their users. Without this part of the law, sites like Facebook, Twitter, and YouTube — anything that relies on third-party content — could not exist.
So, what piqued Wyden’s interest in internet providers’ free speech at a time when most of the rest of the federal government was most concerned with making sure kids didn’t see porn online? Was he an early adopter? Passionate about preserving free speech in all mediums? Eager to get on the legislative ground floor of a burgeoning industry?
“Oregon has always been about wood products,” Wyden told me.
No, really. While he was and is dedicated to working hard for Oregon’s forestry industry, he also wanted to bring some new industries into the state. The internet, he reasoned, could be one of them. But there was confusion over how, legally, to view and treat websites and service providers that he feared would stunt its growth.
“I had been talking to Chris Cox,” Wyden said. “And I was seeing these clippings that said if you owned a website or a blog, you can get held personally liable for something that was posted on your site. And I said, I don’t know everything about this internet business, but I don’t know why anybody would ever put a nickel into that if they thought they were going to be held personally liable, because it sounds like there are going to be lots of postings.”
Wyden was referring to a few court decisions that said an internet service provider could be held responsible for content posted by its users if it made any effort to review or control that content. This meant that any website or service provider that had user-generated content — think tweets, Facebook posts, Yelp reviews, even comments under news articles — would either have to strictly monitor every single post for actionable material to avoid being sued, or they would have to let everyone post whatever they wanted.
Neither option seemed like great conditions to grow an industry under, so Cox and Wyden came up with a law that incorporated both: Section 230 allowed websites to moderate user-generated content on their platforms as they wished without being civilly liable for that content.
Wyden became a senator in February 1996, and the updated version of the Telecommunications Act was signed into law three days later. Most of the CDA was struck down by the Supreme Court before it ever went into effect, but Section 230 survived. Now, 25 years later, some of the biggest companies in the world exist because of it.
“I always thought it would be helpful,” he said. Maybe not 1 trillion dollars of helpful, as a Washington Post op-ed once estimated the value of Section 230. (Wyden’s wife, a co-owner of the Strand bookstore in Manhattan, was apparently less impressed: “She said, ‘Even a blind squirrel can find an acorn occasionally.’”)
From here, Wyden’s career has partially been defined by his vision of what the internet could and should be — which, he said, was by design.
“When I showed up in the Senate in 1996, Pat Leahy of Vermont seemed to be the only one who knew what a computer was,” Wyden said. “I said this is a chance for a young newcomer to the Senate to get into some new stuff.”
That stuff has included the Internet Tax Freedom Act and the Electronic Signatures bill. Wyden has also worked to increase broadband internet access in rural communities and fought against proposed laws that could shut down websites, change how the internet works, or threaten free speech, like SOPA and PIPA, which would have forced internet service providers to block access to websites that violated copyright laws. Recently, he teamed up with Sen. Steve Daines (R-MT) to propose an amendment to the renewal of the Patriot Act that would have forbidden warrantless collection of internet browsing and history data.
How Section 230 still helps the little guy
During our chat, Wyden frequently framed his work as fighting for the “little guy.” And, sure, the internet was made up of a lot of little guys in 1996, but in 2020, there are a few very, very big guys who have been allowed to “self-regulate” (poorly, some would say) in lieu of more robust laws governing their industry. Many of Section 230’s opponents say it’s a relic of a bygone internet era, and should be updated to check Big Tech’s considerable power and influence.
Wyden said that the law is not so much about preserving Big Tech’s control over speech, but about making sure companies of any size aren’t afraid to give everyone access to a platform for free speech — something that anti-Section 230 legislation could take away.
“Think about Me Too and Black Lives Matter and all of the groups that, as a result of social media, are able to get messages out,” Wyden said. “Do you really think those groups would have the opportunities to have their views spread as far as they are without the kind of pro-innovation spirit that 230 is all about? First thing that would happen is people wouldn’t want to put them up because they’d be afraid of getting sued.”
The argument usually offered up by Republicans these days is that the biggest tech companies censor conservative voices and apply their rules unequally, and Section 230 says they aren’t supposed to. In April 2018, Sen. Ted Cruz used Mark Zuckerberg’s testimony before the Senate Judiciary and Commerce Committees about data privacy to ask if Facebook was a “neutral public forum,” which, he said, was a “predicate for Section 230 immunity.”
This supposition has been picked up by some of the Senate’s leading Republican voices against Big Tech. Sen. Josh Hawley alone has offered up multiple bills that would require Big Tech companies to be politically “neutral” in their third-party content moderation if they want to keep their Section 230 protections. His latest attack came a few weeks after Trump’s executive order requesting the same, and on the same day as Attorney General Bill Barr’s Department of Justice issued recommendations along the same lines.
Suffice to say, Wyden does not agree with these interpretations. And I suspect he’s a little sick of being told what the law he co-wrote says.
“That’s just a bunch of baloney!” he said. “There is not a single word — not a word, not a comma, not a parenthesis, nothing — that suggests that 230 was about neutrality. In fact, what we designed it to be is if you had a conservative website, good for you! Do what you want with it! If you had a progressive website, same thing.”
So far, the political neutrality requirement hasn’t come to much, and Wyden doesn’t expect it ever will.
“What Barr and Trump are doing is what, in basketball, is called ‘working the refs,’” Wyden (a star player on Palo Alto High School’s basketball team) said. “They just want to bully everybody into putting their stuff up. They know it’s not gonna happen.”
Bipartisan attempts to change Section 230, on the other hand, have been more successful. SESTA-FOSTA, which was signed into law in 2018, removed Section 230’s protections if a website hosted third-party content that was found to facilitate sex trafficking. Wyden was one of just two senators to vote against its passage (Rand Paul, a libertarian-leaning Republican, was the other), and he thinks the law has been a disaster so far.
“SESTA-FOSTA, which was billed as the solution to sex trafficking, has ended up doing nothing to protect victims or bring sex traffickers to justice,” he said. “Instead, it’s driven sex work to the dark web and dark alleys, and statistics show that violence against sex workers has skyrocketed. The most vulnerable members of society are the ones who have paid the price, while members of Congress declare victory.”
(Not all lawmakers are so congratulatory: Democrats in both houses — some of whom even voted for SESTA-FOSTA’s passage — have proposed legislation to reexamine the law and its impact on sex workers.)
And now there are two bipartisan bills in the Senate that target Section 230. The EARN IT Act, which was introduced in March, does for child sexual abuse images what SESTA-FOSTA did for sex trafficking. It also gives individual states more power to sue tech companies according to their own laws. The PACT Act, introduced in June, would require Big Tech companies to be transparent to users about how they moderate content and force them to remove illegal content within 24 hours or else they’ll lose their Section 230 protections. It’s still early days for this bill, which was recently the subject of a Commerce Committee hearing. EARN IT, on the other hand, is now waiting for a floor vote.
Together, these two new bills show that the bipartisan interest in changing Section 230 is certainly there, and it’s not going away any time soon. Even Democratic presidential candidate Joe Biden has said he wants to get rid of Section 230 “immediately” because platforms like Facebook were “propagating falsehoods they know to be false,” citing anti-Biden ads and Russian bots.
How to make Big Tech mind its own business
This is not to say that Wyden is completely against regulating Big Tech, or ignorant of the tremendous power it now wields over society. Existing federal legislation gives the American people very little control over or knowledge of who gets our online data, what they get, where it goes, or how it’s used, and companies like Facebook and Google have profited massively off of it. That’s the problem Wyden wants to solve.
Wyden’s Mind Your Own Business Act would create privacy and cybersecurity standards, give consumers the ability to opt out of having their data sold or shared through a national Do Not Track system, and give the Federal Trade Commission (FTC) more authority and manpower to go after companies that violate the law.
“We’ve got tough privacy and cybersecurity standards for the companies that collect private data, we give the Federal Trade Commission some teeth so that they can go after companies that break the rules,” Wyden said.
It would also introduce sizable civil and criminal penalties for companies and executives who lie to the FTC, including 10 to 20 years in prison for executives who do so. Last year, Facebook recently agreed to a $5 billion settlement over privacy violations. It was a record-breaking fine by a large measure, but it’s not good enough for Wyden, who is frustrated by what he sees as the “lather, rinse, repeat” of big tech companies getting caught in “another privacy disaster,” apologizing and saying they won’t do it again, and then it happening again.
And the bill still tries to protect the little guy by only applying to companies with considerable revenue and customer base, as well as data brokers of any size. In Wyden’s words, “This is not for an itty bitty firm in Coos Bay, Oregon.”
But Wyden’s bill is stuck in committee, along with similar data privacy bills from Sen. Maria Cantwell, Reps. Anna Eshoo and Zoe Lofgren, Sen. Kirsten Gillibrand, and Sens. Mark Warner and Hawley. With the pandemic taking up a lot of Congress’s time, it’s exceedingly unlikely that much progress will be made on the data privacy legislation front in 2020.
Maybe next year, then. Wyden said he’s looking forward to a “productive 2021” consumer privacy laws, assuming Democrats do well in the upcoming election. In the meantime, Wyden still has a few data privacy issues on his plate. He’s preparing a bill that would prevent law enforcement from buying data from private companies they’d otherwise need a warrant for, and recently asked the FTC to investigate the ad tech industry’s “widespread privacy violations” through bidstream data.
Before we finished our conversation, I asked the Senate’s biggest privacy hawk what measures he takes in his own internet life.
“My favorite is just to change your password all the time,” he said. Sound advice, indeed.
Open Sourced is made possible by Omidyar Network. All Open Sourced content is editorially independent and produced by our journalists.
Support Vox’s explanatory journalism
Every day at Vox, we aim to answer your most important questions and provide you, and our audience around the world, with information that has the power to save lives. Our mission has never been more vital than it is in this moment: to empower you through understanding. Vox’s work is reaching more people than ever, but our distinctive brand of explanatory journalism takes resources — particularly during a pandemic and an economic downturn. Your financial contribution will not constitute a donation, but it will enable our staff to continue to offer free articles, videos, and podcasts at the quality and volume that this moment requires. Please consider making a contribution to Vox today.