Big Tech Under Scrutiny as White House Looks to Align Policy Approach with Europe


Lawmakers are also trying to beef up resources for domestic privacy and cybersecurity enforcement at an emboldened Federal Trade Commission.

U.S. and European Union leaders will try to get on the same page about data governance and a range of related issues during the first meeting this month of a Trade and Technology Council they’ve created.  

The meeting, announced in a White House press release Thursday, is scheduled for Sep. 29 in Pittsburgh, Pennsylvania. It will include Secretary of State Antony Blinken, Secretary of Commerce Gina Raimondo, U.S. Trade Representative Katherine Tai, and European Commission Executive Vice Presidents Margrethe Vestager and Valdis Dombrovskis.  

The U.S. representatives are co-chairs of the new council which President Joe Biden, European Commission President Ursula von der Leyen and European Council President Charles Michel established “to expand and deepen trade and transatlantic investment ties and update the rules of the road for the 21st century economy.”

“Building on our shared democratic values and economic relationship — the world’s largest — we look forward to working together to ensure trade and technology policies deliver for our people,” National Security Council Spokesperson Emily Horne said in the release.

The new council will have ten groups working to achieve consistency on “technology standards cooperation, supply chain security, climate and green technology, ICT security and competitiveness, data governance and technology platforms, the misuse of technology threatening security and human rights, export controls, investment screening, global trade challenges, and access to, and use of, digital technologies by small and medium enterprises,” Horne said.

European authorities have aggressively pursued major U.S. firms like Google and Facebook over violations of the General Data Protection Regulation, which includes provisions for breach notifications within 72 hours. U.S. lawmakers are having related debates about when companies should be required to report cybersecurity incidents. 

Sen. Mark Warner, D-Va., has proposed legislation that would impose fines for companies that don't report incidents meeting certain criteria, while House Homeland Security Committee leaders have taken a more industry-friendly approach that employs subpoenas instead of fines.

“For too long, the U.S. position on digital trade has been to promote continued laissez faire, even as we saw the downsides of this approach to technology governance over recent years,” Warner said in a statement praising the White House announcement. “I am hopeful that Secretary Blinken, Secretary Raimondo and Ambassador Tai will work with our European allies to update our digital trade policies to promote innovation, privacy, competition, and consumer protection.”

The incident notification issues represent a small slice of Warner’s interest in U.S.-EU technology collaboration. He’s also successfully pushed for funding to promote standards cooperation and a unified front in the face of supply chain challenges presented by China.

On Thursday, House Energy and Commerce Committee leadership proposed $10 billion of a $3.5 trillion spending package lawmakers are negotiating go to the Commerce Department for related activities. The money should be used “for critical manufacturing supply chain mapping and monitoring; facilitating and supporting the establishment of voluntary standards, guidelines, and best practices; identifying, accelerating, promoting, and demonstrating technological advances for critical manufacturing supply chains; and providing grants or other financial assistance to eligible entities,” according to a committee memo.

The committee also proposed boosting the budget of the Federal Trade Commission, now chaired by big tech rival Lina Khan. The lawmakers are proposing a $1 billion increase “to create and operate a new bureau dedicated to stopping unfair and deceptive acts and practices related to privacy violations, data security incidents, identity theft, and other data abuses.”