Yesterday the European Commission released their proposal for a new data protection law for the European Union. While CCIA is glad to see the EU working on updating the old Data Protection Directive from 1995, there are some aspects of the proposal that are serious cause for concern and we believe must be addressed if…
Consumer privacy is an area of policy where companies can and must work alongside their users to protect data while providing their services. Companies should design products with privacy in mind from the start, following Fair Information Practice Principles (FIPPs) such as transparency, choice, and security. The questions posed today revolve around how companies should go about implementing those FIPPs, who should enforce those principles, and how we can maintain the flow of data, particularly across borders, while still protecting users.
The best way to manage this process is through multi-stakeholder convenings with the goal of developing codes of conduct that can be enforced by the FTC. By bringing everyone to the table, companies, civil society, academics, and others can collaborate, understand the issues, and reach results that protect privacy, give users the information and choices they need, and still be flexible enough to allow for innovation and the development of services. The Commerce Department and the World Wide Web Consortium have both instituted projects along these lines, and positive outcomes seem possible.