The Privacy Shell Game, Part 2
"The consumer privacy bill of rights must be extremely narrow to fall under the purview of the FTC's authority and existing laws," said attorney Yasha Heidari. "As such, the FTC most likely cannot create or enforce any policies, rules or regulations pertaining to data retention and the issues that matter most to protecting consumer privacy."
03/09/12 5:00 AM PT
The White House has proposed a consumer privacy bill of rights, a step that could result in new laws regarding what companies can do with information about their online customers and users. Privacy advocates are cautiously optimistic, though some fear the result will be laws rendered toothless by lobbyists.
Other critics already see problems in the way the proposal is structured.
The proposed bill of rights suggests the Federal Trade Commission (FTC) can legally enforce codes of conduct if they are affirmatively adopted by companies subject to the FTC's jurisdiction.
The term "affirmatively adopt" means that a company can decide to voluntarily subject itself to the privacy bill of rights, said Yasha Heidari, managing partner at the Heidari Power Law Group.
"This is a very confusing aspect of the proposal," T. Barton Carter, professor of communication and law at Boston University, told TechNewsWorld. "The administration needs to clarify that. If companies can simply refuse to adopt the code and avoid enforcement, then it is relatively useless."
This emphasis on voluntarily adoption will "present an enormous challenge for enforcement" David Jacobs, consumer protection fellow at the Electronic Privacy Information Center (EPIC) said. However, companies "may see voluntary adoption as a technique to stave off legislation," Jacobs told TechNewsWorld.
The bigger problem is that the Obama administration's statements "have no binding effect when it comes to interpreting any laws," Heidari told TechNewsWorld.
"The consumer privacy bill of rights must be extremely narrow to fall under the purview of the FTC's authority and existing laws," Heidari explained. "As such, the FTC most likely cannot create or enforce any policies, rules or regulations pertaining to data retention and the issues that matter most to protecting consumer privacy."
The Almighty Dollar
At stake for online companies is the enormous amount of revenue they can generate from ads.
By 2016, advertisers will spend US$77 billion on interactive marketing, Forrester predicts.
That will turn consumer electronics into audience-targeting tools.
"Digital channels are an increasingly important link in the relationship between brands and customers," Paul Barrett, global program director for Teradata, told TechNewsWorld.
In order to grab a slice of the digital marketing pie, online companies such as Facebook and Google will need to be able to leverage to the max any consumer data they gather.
"To effectively compete, provide the best customer experience and to improve products and services, marketers need to analyze their digital data," said Stephanie McReynolds, director for product marketing for Aster Data.
"More data about brands is being created in the digital space outside the corporate footprint," McReynolds told TechNewsWorld. Access to customer data provided by companies such as Google and Facebook is very important to modern marketers.
The White House, Congress and Politics
The Obama administration has pledged to work with congress to develop legislation based on the online consumer privacy bill of rights. However, it's uncertain as to whether or not it can do so.
Cybersecurity is one of the many issues over which the White House and Congress have been at odds. Congress has repeatedly failed to pass cybersecurity legislation the Obama administration proposed to it in May.
In January, a group of senators presented the Cybersecurity Act of 2012, which is endorsed by the Obama administration, to Congress.
Republican senators countered that by presenting an alternative bill known as the Secure-IT Act, on March 2.
The bipartisan effort by Senators John McCain and John Kerry in April to introduce the Commercial Privacy Bill of Rights Act of 2011 shows there's some support in Congress for protecting privacy, Darren Hayes, CIS program chair at Pace University, told TechNewsWorld. "However, convincing hundreds of legislators in the House and Senate is an entirely different matter."
On the other hand, this is an election year, as Boston University's Carter pointed out. That means we can't rule out a possible meeting of the minds between Congress and the Obama Administration on privacy issues. "If both sides see a political advantage, then something will happen," Carter said.
Feds Bipolar About Privacy
The federal government's divided at various levels on the question of privacy.
On the one hand, security agencies such as the FBI and the U.S. Department of Homeland Security (DHS) seem to give the battle against terrorism precedence over consumer privacy.
The FBI is seeking to have someone build an application to monitor social media, for example.
Meanwhile, the DHS has admitted to illicitly spying on American citizens in testimony before the House Homeland Security Counterterrorism and Intelligence Subcommittee. The Electronic Privacy Information Center (EPIC) has written to the committee complaining about the DHS' activities, alleging that the DHS lied in its testimony and had, in effect, breached its own internal guidelines about surveillance.
"Congress should suspend the DHS' social network and media monitoring program," Ginger McCall, director of EPIC's open government program, told TechNewsWorld.
On the other hand, the White House and various government departments have repeatedly asserted that they'll respect individual privacy rights. The FTC has filed charges against Facebook and Google for breaching privacy and imposed heavy fines on them.
The dichotomy in the federal government's approach to privacy was noted by EPIC's McCall. "The Administration needs to stand by its statements about the importance of online privacy and suspend this troubling DHS program which monitors dissent, violates the agency's statutory limits, and chills First Amendment speech," she said.
Handcuffs Across the Border
The Obama Administration has pledged greater interoperability between the United States' privacy framework and those of its international partners. However, some observers have expressed skepticism on this point.
"The U.S. is very weak on privacy when compared to Europe," Boston University's Carter pointed out. However, because European businesses have to do business with their American counterparts, this "puts pressure on European authorities to compromise."
This stated willingness to cooperate with international partners "will likely be touted to the EU as showing we're serious about privacy when in fact it does not go far enough unless legislation is ultimately enacted," John Simpson, consumer advocate at Consumer Watchdog, told TechNewsWorld. "Some observers think this may, in fact, be an effort to undermine European privacy efforts."
However, Pace University's Hayes pointed out that the European Parliament is still discussing proposed data protection legislation, which has been under review for some time. "If approved, the EU legislation would not come into effect until 2014," Hayes said. "The U.S. could, in theory, introduce online privacy legislation before the EU."