There may not be a lawmaker in Congress who has done more to shape the internet than Sen. Ron Wyden (D-OR). As a congressman, Wyden co-authored Section 230 of the Communications Decency Act, a piece of legislation that, in 1996, limited internet companies’ liability for what was posted on their platforms by third parties. For better or worse, Section 230 built the internet as we know it, allowing companies like Facebook to become the giants they are today. In his more than two decades as a senator since then, Wyden has continued to be a staunch defender of internet freedoms, introducing net neutrality legislation as far back as 2006 and spearheading the congressional fight over SOPA/PIPA, a legislative battle that ignited the internet and helped set the modern playbook for digital activism.

But the internet looks very different than it did in August 1995, when Wyden, who was promoting the amendment that would form Section 230, warned of “an army of censors” employed by the government who would “spoil a lot of the Net’s promise.” Now, another troubling threat has emerged: the tech enterprises Wyden once helped defend.

In August 1995, Wyden warned of “an army of censors” employed by the government

Over the last year, serious questions have emerged about Facebook’s mishandling of user data, children’s videos on YouTube, harassment and abuse on Twitter, and unscrupulous use of Google’s search system. Add to that last year’s FCC vote to repeal net neutrality, and you have an industry in the throes of a crisis. “Back then, I think there was an awareness of the fact that there might be significant privacy issues, but I don’t think anybody was talking about an Exxon-Valdez of privacy the way people talk about it today,” Wyden says.

On July 18th, The Verge sat down with Wyden on Capitol Hill to discuss the tech industry’s troubled state. For a technophile, his office is notably analog: a mountain of paper on his desk obscures an Economist and a copy of James Comey’s A Higher Loyalty, and on display are books by his father, the journalist Peter H. Wyden. Recent news made our conversation topical: just hours before, the European Union had levied a massive, $5.1 billion fine against Google for alleged anti-competitive practices. During our meeting, Wyden suggested that it was time for Congress to take a harder look at Big Tech and even hinted that legislation on the data privacy front was forthcoming.

The slim, six-foot-four lawmaker has a tendency to bang the table with the palm of his hand as he works his way through an issue, giving a hint of the studied intensity with which he famously grilled a former director of National Intelligence on digital spying programs in 2013. For his role in pressuring Tinder to fix a security flaw, a reporter last month called Wyden a “one-man Consumer Internet Protection Bureau” — a compliment he now describes as “very nice,” although, he adds, “aren’t we supposed to have an agency doing this?”

This interview has been edited for length and clarity.

Let’s go all the way back to 1996 and talk about Section 230. I think historians are completely in agreement that this is the law that made the internet what it is today.

We thought it was going to be helpful. We never realized it was going to be the linchpin to generating investment in social media. We envisioned that the law would be both a sword and a shield. A shield so that you could have this opportunity, for particularly small and enterprising operations to secure capital, and then a sword [by allowing them to moderate without facing liability over the practice], which said you’ve got to police your platforms. And what was clear during the 2016 election and the succeeding events surrounding Facebook, is that technology companies used one part of what we envisioned, the shield, but really sat on their hands with respect to the sword, and wouldn’t police their platforms.

There was a Slate headline recently that said Section 230 was the law that let Silicon Valley “stay clueless.” Is it time to look at changing 230?

I think the ball right now is in the industry’s court with a sense of urgency. If they don’t step up and use the sword of the law to police their platforms, whether they like it or not, there’s no question that there will be additional efforts, basically built around the proposition, don’t tell us your pipes are neutral. They’re not. They’re pipes that have to be used for the benefit of society.

Does that mean changing 230 or adding new legislation?

It’s not rocket science. It’s already been done as it related to sex trafficking. My view with respect to the sex trafficking issue is a real net effect. It’s going to drive the bad guys into the dark web, places you can’t get to with a search engine. I think that this issue will present different ways. But you want to know the future of Section 230 from one of the authors? The industry better start using the sword, part of the two-part package, or else it isn’t going to be in their hands.

“Don’t tell us your pipes are neutral. They’re not.”

Let’s talk about Facebook specifically. During the Zuckerberg hearings especially, we saw a lot of heat around tech issues. But since then, it seems like a lot of these big companies might get through this without any legislation or really any action.

I think there is going to be a need for legislation. Let me walk you through it. I’ve already made it clear: I think the public has a right to control their own data. I think what is needed are clear, enforceable rules to make sure that the companies get explicit consent from their consumers to use consumers’ data. Not some kind of, “Well, it’s back there in page 75” of some kind of agreement in small print — that if you happen to have been a lawyer specializing in a degree in small print, you know something about it. Consumers have the right, in my view, to view and remove what companies have about them on their personal data, so that what belongs to them really continues to belong to them. And then, I think companies are obligated to tell users when their privacy is compromised in data breaches, and, clearly, that has not been done in the past and certainly hasn’t been done quickly. And the last part — and I’ll have some more to say about this before too long — there’s going to have to be somebody on the beat, in terms of [a] cop on the beat with respect to data.

Are you concerned about the role Facebook has in American democracy?

Yeah, of course. I think that if they’re given a pass after all the problems that have come to light, I think we’ll see a whole new wave of problems. There will be more and more inventive ways to do this. If Facebook is allowed to get through this with glorified business as usual, and cozy, gauzy ads on TV about how this is not going to be Facebook anymore, I think we will see more of what we’ve seen the last few years: the milking of peoples’ data for private profit.

Let me ask you this: is it time to break up Facebook?

I’m much more interested today in these kinds of immediate consumer protection reforms. We’ve got to fix what is broken. We know, clearly, some of the key elements I just outlined to you, in terms of consent, the ability to verify and correct the record, and the like. I’m much more interested in that than a sure-to-be more time-consuming discussion of just using antitrust and breaking them up. Let’s put it this way: the Europeans are being very aggressive in terms of promoting competition, [and] they’re not even there yet.

But wouldn’t antitrust action also alleviate some of the problems?

I’m not going to take anything off the table. But I think the steps I’m outlining today are the ones that are going to make the biggest difference for the American consumer.

Apart from control of personal data, a lot of people are concerned about Facebook’s moderation calls. Recently, the company came under fire for not banning Infowars. Do you agree with Facebook’s decision?

I’m somebody who has consistently tried to find ways to get the spirit of the First Amendment out there, but we’re having some real thoughts with respect to Infowars.

What are your thoughts?

I think we know that there’s a real potential for downside. And on some of these issues, you have to square your First Amendment concerns with the potential downsides.

Does that concern you? That Facebook won’t act on this?

For me, it’s a battle between my heart, which is with the First Amendment. So my heart’s with speech being out there and peoples’ opportunities to make judgment. But I’m concerned about what I’ve heard.

“We’re having some real thoughts with respect to Infowars.”

During the Zuckerberg hearings, a lot of lawmakers revealed large gaps in knowledge around technology. Do feel like lawmakers aren’t informed enough to legislate these tech companies?

This wasn’t the Senate’s finest moment. But it wasn’t very long ago, as I indicated, when we really only had one senator who knew how to use a computer. It was Pat Leahy.

One thing we hear a lot from Facebook is, “We messed up, but we’re trying to improve.” When you hear that, do you think that’s sincere?

[sighs] I’m not convinced that they’re tackling the fundamentals. Because the fundamentals, I’m sure some of them are saying, will cut into our profits. “If we have explicit consent, if we give consumers these additional rights, maybe we’ll make less money, and maybe some of these folks on Capitol Hill are just going to have the attention span of a tsetse fly and move on to the next thing.” People who know me on technology know that that’s not the way I do it.

Since the net neutrality repeal, we’ve seen states stepping in through executive order or by their own legislation, regulating net neutrality themselves. Is that what should be happening?

I think that what the states are doing is useful. Obviously, the states can have a role over the purchasing power they have in terms of contracts over various kinds of services, employing various kinds of employers. I think it’s a good idea. And from a political standpoint, it helps to create a juggernaut across the country when you see all these states coming together.

A lot of net neutrality supporters are putting their faith in the Congressional Review Act. But I think there’s also a skepticism that that’s actually going to go through — it would essentially require the president’s signature.

We’re fighting on all fronts. The Congressional Review Act gives us an opportunity again to drive home what’s at stake. So we’ll be involved with the House on the Review Act. We’ll continue to work with the states. As you know, we think we’re in a pretty strong position in terms of the legal system.

“Why is the United States AWOL on this?”

You alluded to GDPR. Just recently, the EU levied the largest antitrust fine in history against Google: $5.1 billion. Is the US ceding responsibility for regulating tech companies to Europe right now?

If Congress doesn’t take steps that I’ve outlined with you, yes. Basically, people are going to say, “Why is the United States AWOL on this?” This [GDPR] has just gone into effect at the end of May, and we’re talking this morning about something that is a very dramatic decision, but one of the earlier ones. I think this just drives home the urgency around the agenda that I’ve just outlined for you.

Do you support an American version of GDPR then?

I think I support what I’m talking to you about. I’ve always felt that on most of the big issues, like health care [and] technology, we need American solutions. We can always look at good ideas from elsewhere, but I think the steps that I outlined — three or four, in particular — and then having a federal agency — my gut tells me the Federal Trade Commission — riding point on it, constitute the best steps for us today.

Is there a tech policy issue that you’re concerned is being underfocused on right now?

I do think the issue that we’re talking about today, about whether Facebook is going to get a pass — in other words, they had these hearings, they made these promises, there are a bunch of gauzy TV commercials — is very much on my mind. Which is why I wanted to outline where we’re going. We’ll have some more to say about it. But if Congress and the country were to give Facebook a pass after what’s happened in the last few months, I think it would be like setting up a sign, “Open for business. We’re really not going to fight you if you exploit consumers and use their data in a way they consider hostile to their interests.” It’s like an open invitation for more of the same if you give Facebook a pass.