Last week the Senate Judiciary Committee’s Subcommittee on Privacy, Technology, and the Law held the first of what will probably be many hearings on the privacy implications of facial recognition software. Much of the conversation somewhat predictably focused on how companies are making use of this new technology, and we agree that care should be…
Consumer privacy is an area of policy where companies can and must work alongside their users to protect data while providing their services. Companies should design products with privacy in mind from the start, following Fair Information Practice Principles (FIPPs) such as transparency, choice, and security. The questions posed today revolve around how companies should go about implementing those FIPPs, who should enforce those principles, and how we can maintain the flow of data, particularly across borders, while still protecting users.
The best way to manage this process is through multi-stakeholder convenings with the goal of developing codes of conduct that can be enforced by the FTC. By bringing everyone to the table, companies, civil society, academics, and others can collaborate, understand the issues, and reach results that protect privacy, give users the information and choices they need, and still be flexible enough to allow for innovation and the development of services. The Commerce Department and the World Wide Web Consortium have both instituted projects along these lines, and positive outcomes seem possible.