The Department of Commerce’s Internet Policy Task Force is now asking for public comments on their privacy report. Last week they released what they are terming a “green paper” entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.”
This document is a preliminary attempt to explore current privacy protections here and around the world, and to discover how to enhance privacy protection for consumers while still preserving innovative on the Internet.
CCIA supports much of what the Department of Commerce has written, and has concerns that we would like to see the new framework address. For example, the report seems to focus on consumer privacy from websites, while not mentioning the potentially greater privacy invasions from Internet service providers, who have access to every online communication a consumer makes, -- regardless of destination. We look forward to the opportunity to work closely with our members and provide comments ahead of the Jan. 28th deadline.
The framework’s approach to modern privacy protection is a forward-looking amalgamation of baseline fair information practices along with what they describe as voluntary but enforceable flexible codes of conduct that would be both approved and enforced by the Federal Trade Commission. These codes of conduct could be tailored to industries or business models that do not fit simply into the fair information practice principles.
Of the common fair information practice principles, the framework focuses on four: transparency, purpose specification, use limitation, and auditing. In emphasizing transparency, the Department of Commerce echoes what the Federal Trade Commission also highlighted in their report of December 1st. CCIA approves of this, and encourages including transparency as a fundamental principle in any new scheme of privacy protection.
We are also happy to see that the Department of Commerce included a section on the problems with electronic surveillance and information privacy. As we have mentioned in our comments on privacy in the past, the Electronic Communications Privacy Act is outdated and no longer reflects the realities of how consumers store their data online. We’re glad to see that the green paper indicated a willingness to explore this problem further by the administration.
Finally, the report leaves as an open question how the proposed framework should be implemented. Commerce acknowledges that legislation may be one avenue, but also suggests that a flexible multi-stakeholder collaborative process may result in privacy rules that are better tailored to the quirks of individual industries -- while still being backed up by strong FTC enforcement.