The White House on Thursday released a report outlining the Obama Administration’s goals for protecting consumer privacy as more and more of our personal lives end up online.
“Never has privacy been more important than today, in the age of the Internet, the World Wide Web and smart phones,” President Obama wrote in a statement at the beginning of the report.
The report calls upon Congress to pass a “Consumer Privacy of Bill of Rights,” going on to outline just what the White House wants to see in such legislation — 7 tenets, to be specific: Individual control, transparency, respect for context, security, access and accuracy, focused collection and accountability.
As for who should enforce the bill, the report is abundantly clear that the Administration wants to “strengthen” the Federal Trade Commission (FTC) and give it the primary responsibility, and power, to watch the companies watching us.
The report also calls upon industry leaders to implement their own practices in line with the “Consumer Privacy Bill of Rights,” saying that the FTC will be watching, and that the agency will not hesitate to take action against companies found to be violating consumer privacy.
The FTC has notably already been doing this, going after high-profile targets Google and Facebook in recent years, finding both companies to have failed to give consumers adequate tools to protect privacy, and making each one agree to a similar settlement to undergo 20 years of privacy audits.
Indeed, although Google and Facebook aren’t named specifically in the report, it’s likely they are high on the White House’s list for companies that should be leading the way on this new policy.
A pivotal part of the Obama administration’s strategy is getting the private sector and industry self-regulating and lobbying groups to voluntarily adhere to some privacy standards, what the report calls a “multistakeholder” process.
Facebook was quick to respond to the report, with Erin Egan, Facebook’s chief privacy officer of policy releasing the following statement to the press:
“We applaud the Commerce Department’s privacy framework for seeking to both honor the expectations consumers have when they use online services and promote the innovation that has fueled the growth of the Internet into an engine of job creation and a provider of invaluable services to consumers. We appreciate the Department’s attention to guiding principles like control, accountability, and transparency, which are core to Facebook’s commitment to its users. Additionally, we look forward to participating in the process convened by NTIA to develop enforceable codes of conduct while balancing the public’s demand for new ways to interact and share.”
Already, the White House’s involvement seems to have spurred some change from within the industry.
On Thursday, timed to coincide the the report’s release, the Digital Advertising Alliance, an industry group representing 400 companies, including Google, announced it would reverse course and support a universal “Do Not Track” button to be included in all major Web browsers, which would stop online advertisers from collecting information about users and creating profiles about them without their expressed knowledge and consent.
The FTC has been calling for such a button since December 2010, and advocacy groups even longer than that. Various browsers have all offered such solutions, but in piecemeal, and not with the support of the rest of the industry. Now that appears to be changing.
As the Wall Street Journal reported:
Speaking for the industry, Stuart Ingis, general counsel for the Digital Advertising Alliance, said the decision to adopt do-not-track is an “evolution” of the industry’s approach. Previously, the industry had been pushing for consumers to “opt out” of Web tracking by clicking on icons in individual advertisements that offered consumers a choice of blocking the customized ads. Mr. Ingis said that the industry will continue that approach while it’s in the process of adopting the do-not-track system.
“We’re pleased to join a broad industry agreement to respect the ‘Do Not Track’ header in a consistent and meaningful way that offers users choice and clearly explained browser controls,” said Susan Wojcicki, Google’s senior VP of advertising, in a statement to TPM.
As another example of how the process should work, the report points to several existing Web industry groups, including the Internet Corporation for Assigned Names and Numbers (ICANN), the nonprofit corporation based out of California that governs the Internet’s domain name system (Web addresses).
Of course, its also worth pointing out that ICANN has been criticized recently for being a “revolving door” to other industry groups and has taken heat for introducing a new generic top-level domain, “.xxx,” designed for adult websites, and then further expanding the domain name system to “dot anything.”
The report’s wish list for what practices companies should abide by isn’t exactly novel, following what advocacy groups such as the Electronic Frontier Foundation have called for for years, but it is quite lengthy.
A few stand-out requests: “If consumers grant consent through a single action on their computers, they should be able to withdraw consent in a similar fashion,” the report states.
It also points out common consumer frustrations with small mobile device screens that make reading full privacy notices difficult, noting that companies should take into account screen size when presenting consumers with that information.
That particular request comes on the heels of an agreement reached on Wednesday evening between the California Attorney General’s office and mobile operating system makers Google, Apple, Research-In-Motion, Amazon and HP to allow consumers to review the full privacy policy of any mobile application prior to download. The agreement also forces all apps to present their privacy policies on app stores. Previously, apps often provided privacy policies to users after download or didn’t make them easily available to read at all, as the Next Web illustrated.
Overall, its still unclear if Congress has the appetite to come together and pass some version of the President’s “Consumer Privacy Bill of Rights.” But if the way lawmakers have recently gone after Google over its attempt to update its privacy policy is any indication, then maybe this is one area both sides will actually agree on.
