The COVID pandemic has resulted in more people turning to the internet to stay engaged with their communities. People are working, learning, and interacting online more than ever. With more Americans active online, the protection of consumer privacy on the internet must become a policy priority for lawmakers.

Recent studies show that 92 percent of Asian-Americans have access to broadband and computers, more than any other racial group in the United States, while the number for Native Hawaiian/Pacific Islanders stands at 82 percent. With such a large internet presence, the ILF recognizes that consumers in the AAPI community has a significant interest in controlling what personal data is collected and understanding how that data is used. This understanding and control is even more valuable given the increased threat of breaches to companies that collect data.

According to a report from the Identity Theft Resource Center, 2021 saw the most amount of data breaches ever, with the number of breaches through September 2021 matching the total amount in 2020. Social media companies were among the targets of hackers that leaked the personal information of users. More worrisome are the threats posed to more sensitive personal healthcare information. According to the U.S. Department of Health and Human Services Office of Civil Rights, more than 550 organizations reported healthcare data breaches to HHS in 2021, impacting over 40 million individuals. The trend in cyber incidents and breaches is not likely to abate any time soon, as the pandemic has only increased our reliance on digital tools and record-keeping across all sectors of the economy.

In 2021, 32 million Facebook users in the United States had information such as phone numbers, locations, and email addresses leaked. LinkedIn was also the target of a breach that compromised the personal information of 700 million users. The names, phone numbers, geolocations records, and email addresses of LinkedIn users were exposed and put up for sale. With 83 percent of the AAPI community active on social media, these attacks put much of the AAPI community at a higher risk of identity theft. The AAPI community, along with all internet consumers, are entitled to action that addresses these threats and restores trust in the security of their personal information.

Despite the growing threat to the privacy of personal data, the United States is still without federal legislation protecting internet privacy. In 2021, Virginia and Colorado became the first states to enact legislation aimed at protecting internet users, with more states expected to follow in 2022. However, to fully secure privacy protections, state by state laws will not be enough.

Comprehensive, federal legislation will need to be enacted to thoroughly protect the privacy rights of internet users. Companies must be required to set up safeguards that prevent against breaches that expose personal information. Consumers must also be given transparency and control related to what personal data is collected, who it is shared with, and how it is used. Such actions are critical to rebuilding the trust lost as a result of these breaches to personal data.

Without a uniform set of rules to govern how data is collected and protected on the internet, the AAPI community will continue to be left vulnerable to the harm caused by privacy breaches. Credit card, medical, and other information will be unprotected from improper and unlawful exposure. The risk of personal and economic harm will continue to loom over the heads of consumers without federal action that puts privacy protections into law. The International Leadership Foundation encourages Congress to take action to address these threats. Federal action on the issue will give the AAPI community, along with all internet consumers, the confidence in their data security that they deserve.