Could Obama’s Privacy Plan Threaten the Internet?

    February 28, 2012

The ongoing debate over online privacy is in the spotlight once again. However, this time, it’s the White House that’s at the center of the controversy.

Last week, the Obama Administration announced a privacy plan that would give consumers more control over their data. In the first-ever introduction of federal privacy policy, the White House proposal calls for Internet companies, privacy groups, law enforcement agencies, and state attorneys general to work together and develop voluntary standards to ensure the highest protections for consumer data.

Would you like to see consumer privacy protected through regulation? Why or why not? Share your thoughts here.

(image) In the White Paper released by the Administration, President Obama wrote:

One thing should be clear, even though we live in a world in which we share personal information more freely than in the past, we must reject the conclusion that privacy is an outmoded value. It has been at the heart of our democracy from its inception, and we need it now more than ever.

Prior to the White House’s announcement, WebProNews spoke with Jules Polonetsky, the Director of the Future of Privacy Forum, who predicted that privacy legislation would ultimately come to the U.S.

“I think it’s clear that we are… eventually going to have a privacy law. The question is, whether it’s gonna be a good one,” he said. “If we are able to craft privacy law that supports innovation [and] gives users more protection, we’ll win.”

The framework from the President consists of 4 parts including a Consumer Privacy Bill of Rights, a multi-stakeholder process to determine how the rights will apply to the context of business, an adequate enforcement model, and a commitment to strengthen interoperability between the privacy standards in the U.S. and its global partners. The “Bill of Rights” specifically offers the following provisions:

  • Individual Control: Consumers have a right to exercise control over what personal data organizations collect from them and how they use it.
  • Transparency: Consumers have a right to easily understandable information about privacy and security practices.
  • Respect for Context: Consumers have a right to expect that organizations will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.
  • Security: Consumers have a right to secure and responsible handling of personal data.
  • Access and Accuracy: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate.
  • Focused Collection: Consumers have a right to reasonable limits on the personal data that companies collect and retain.
  • Accountability: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

The “Bill of Rights” would be governed by multi-stakeholders, which the Department of Commerce’s National Telecommunications and Information Administration (NTIA) is heading up. The proposal also asks Congress to grant the FTC and state attorneys general the power to enforce the “Bill of Rights.”

In order to promote global interoperability, the White House hopes to create “mutual recognition and enforcement cooperation” between countries. The idea is to make it easier for companies that transfer data across national borders.

Although the plan comes at time when privacy issues are at an all-time high, it is not completely welcomed by all. Privacy groups are pleased with it for the most part, but some of them have expressed concerns over the enforcement of it.

(image) Adam Thierer, who is a senior research fellow at the Mercatus Center at George Mason University, also raised other concerns in an interview with WebProNews. According to him, the White House’s privacy framework is very similar to Europe’s privacy model, which he does not think is a good path for the U.S.

“If we went down the path that the Obama Administration’s proposing here, we would, in a fairly aggressive and comprehensive way, be establishing a new privacy regulatory framework for America,” he said.

Thierer told us the framework presents some good policies at the core, but he fears the “unintended consequences.” As he explained, the U.S. has traditionally taken a very bottom-up approach to privacy, while Europe has taken a more top-down approach driven by data directives and central data agencies.

“The path that Europe took a dozen years ago, which is again more heavy-handed and regulatory in focus, has led to a situation that’s very different for a lot of online providers in Europe to do business as effectively as they can here,” said Thierer.

If the plan is fully executed, he believes the cost of doing business for many companies would increase since most of them make money through behavioral advertising methods. Data aggregation and other forms of behavioral advertising provide the revenue to back free services such as Web-based email and social networks that consumers depend everyday. If regulation limits these tactics, not only could these services result in paid products, but it could also decrease future innovations.

“Information is the fuel that powers the digital economy,” Thierer pointed out.

Another concern that Thierer has is that regulation could negatively impact U.S. competitiveness. He believes that America’s lack of regulation has resulted in multiple global leaders in the digital marketplace.

“It’s tough for me to name any major European companies in the social media or digital space that are global leaders,” he said. “I don’t think that’s an accident.”

He went on to say that the U.S. fears if it doesn’t conform to some of the guidelines that other nations do, it would not have a voice, which would give Europe more control over U.S. businesses. Thierer admits that this is a “fair concern” but suggests the U.S. should defend and promote its practices instead of adopting the others.

Under the White House’s proposal, agencies, particularly the FTC and the Department of Commerce, would have to be very aggressive in making sure companies were abiding by the policies. Interestingly, we’ve already seen an increased effort in this regard as both Google and Facebook have experienced a lot of scrutiny recently.

Google has especially been under fire for its new privacy policy that is set to go into effect on March 1. But, Thierer told us the companies that collect data without permission should be the greater focus of the framework.

The proposal indicated that privacy controls were needed for “maintaining consumer trust in network technologies,” “sustaining the trust that nurtures Internet commerce and fuels innovation,” and for ensuring greater “participation in a democratic society.” However, as Thierer pointed out, it doesn’t appear that consumers are shying away from sites like Facebook or Google.

While he thinks the FTC and other agencies should actively enforce laws to protect consumers, he is concerned that an increased regulation would only result in harm.

“Whether we like it or not, the Federal Trade Commission is sort of becoming America’s de facto data agency,” said Thierer.

“It’s clear that there’s a lot more oversight on the way from Washington on privacy,” he added.

Incidentally, the Digital Advertising Alliance (DAA) has spoken out in support of the Administration’s proposal. More than likely, the alliance is making sure that it has a seat at the table when policies such as a “Do Not Track” are implemented.

Thierer told us a better approach to privacy concerns would be a more selective or “as needed” type of solution. For example, he believes narrow laws pertaining to specific sectors would be better and would help to develop the marketplace.

Thierer also pointed out that consumers need to take more responsibility for their actions online. He thinks educating consumers about their digital footprint and how they can have “better data hygiene” is a very important part of solving privacy issues.

“I think that the personal responsibility angle deserved more than the one paragraph that it got in the Obama Administration’s report,” he said.

In the proposal, the Administration has asked Congress to adopt the Consumer Privacy Bill of Rights and give the FTC and state attorneys general the power to enforce them. However, both Thierer and Polonetsky told us that it was very unlikely that anything would happen in this regard this year given the election year and other pressing issues. In other words, it looks like this debate is only going to continue.

Where do you stand on these issues? Is President Obama’s framework the answer to privacy concerns? Or, does it threaten the future of the Internet and digital development? We’d love to hear what you think in the comments.