Consumer privacy is an area of policy where companies can and must work alongside their users to protect data while providing their services. Companies should design products with privacy in mind from the start, following Fair Information Practice Principles (FIPPs) such as transparency, choice, and security. The questions posed today revolve around how companies should go about implementing those FIPPs, who should enforce those principles, and how we can maintain the flow of data, particularly across borders, while still protecting users.

Balance is the prevailing question when examining privacy policy. The desire to bring the power of government to bear on a the problem is a strong one, but it must be set against the need to encourage innovation and the incredible social value of big data. Too much regulation risks creating too-high barriers to entry for new services and may even prohibit the creation of services that users would actually want to take advantage of and that uses personal data respectfully. Walking this line is a cautious process.

The best way to manage this process is through multi-stakeholder convenings with the goal of developing codes of conduct that can be enforced by the FTC. By bringing everyone to the table, companies, civil society, academics, and others can collaborate, understand the issues, and reach results that protect privacy, give users the information and choices they need, and still be flexible enough to allow for innovation and the development of services. The Commerce Department and the World Wide Web Consortium have both instituted projects along these lines, and positive outcomes seem possible.

Most Recent Statements & Filings:

Online Behavioral Advertising in the EU – The Need for User ‘Consent’

The advertising industry has drafted a self-regulatory framework this year to meet legal requirements regarding the placement of cookies on Internet users’ machines for the purpose of online behavioral advertising. This framework, drafted in response to legal requirements, is based on an opt-out approach. The approach would enable Internet users to obtain relevant information about the purpose…

Read more

ECPA Petition Urges Reform

CCIA has been deeply involved for a long time in efforts to convince Congress to give the Electronic Communications Privacy Act (ECPA) the attention it deserves. ECPA, written in 1986, dictates under what circumstances the government may demand a person’s information when it is stored online. The law predates much of what we know as…

Read more