Obama administration calls for an online privacy bill of rights [Updated]
The Obama administration Thursday called for Internet businesses to develop a set of practices to protect consumer data that would be akin to a privacy bill of rights and for a new government office to oversee that effort.
The recommendations come in a long-awaited 88-page report entitled "Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework." Drafted by a special Internet Policy Task Force set up by the Commerce Department, the report comes amid an increased focus by Washington policymakers on protecting consumers' online information.
Earlier this month, the Federal Trade Commission issued its own online privacy report, calling for the industry to develop a do-not-track mechanism in Web browsers to allow people to block sites from collecting information. Consumer groups have pushed for lawmakers to enact legislation mandating such an option, which would be similar to the popular do-not-call list designed to block phone calls from telemarketers.
The FTC report didn't endorse legislation, but left that option open if the industry doesn't act voluntarily. The Commerce Department is taking a less forceful approach, stressing the need for businesses to work cooperatively with government to develop new ways to protect consumer online information, although it noted that "in certain circumstances, we recognize more than self-regulation is needed."
“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough," said Commerce Secretary Gary Locke. "Consumers must trust the Internet in order for businesses to succeed online.”
A key recommendation is for companies to develop "a clear set of principles" about how they collect and use personal information for commercial purposes. Such Fair Information Practice Principles would be comparable to a "privacy bill of rights" that would give consumers more detail about data policies and put clearer limits on its use, the Commerce Department said.
[Updated at 9:25 a.m.: The privacy bill of rights would be based on codes of conduct developed from privacy principles that businesses would agree to voluntarily, making them enforceable by the FTC. But the Commerce Department recognizes there are limits to such an approach and is open to legislation that would enshrine certain privacy principles in law that all businesses would be required to follow.
"We hope we can get people to the table for broader adoption of these enforceable codes of conduct, but we recognize we have no authority to compel participation or compliance," said Daniel Weitzner, associate administrator for policy at Commerce's National Telecommunications and Information Administration.
He stressed the report is just a draft and that the Commerce Department is seeking public comments through Jan. 28 on issues such as whether legislation is needed to protect consumer data.
But some consumer groups blasted the report for not calling for privacy legislation and being too friendly to industry.
The report also calls for U.S. officials to work with other countries to harmonize privacy policies and to develop a new comprehensive national approach for notifying consumers about data breaches.
-- Jim Puzzanghera
Illustration: Wes Bausmith/Los Angeles Times