The U.S. Federal Trade Commission released a report Monday calling for greater privacy protections for online users, including increased transparency regarding the data companies collect from consumers. The report also addressed Do Not Track systems, which allow consumers to opt out of online behavior tracking mechanisms.
While encouraging online companies to provide greater privacy protections for their users, the FTC stopped short of encouraging Do Not Track legislation. Similar to the Do Not Call list, the Do Not Track Me Online Act would require businesses to give consumers the option to turn off tracking software. The FTC said it was encouraging Web developers to build those protections into its latest software voluntarily.
The report stated that many companies have already started to follow some of those recommendations.
While the FTC did not call on legal mandates for Do Not Track systems, it did make a call for transparency. It encouraged the passage of legislation that would provide consumers with information that online data brokers have about them.
The report was approved on a 3-1 vote from the commissioners. The lone voice of opposition was FTC Commissioner J. Thomas Rosch, who opined that the watchdog nature of the FTC’s suggestions was outside of the Commission’s duties.
While the report contains many suggestions for best practices, it does not carry legal authority.
The FTC didn’t respond to our requests for further comment on the story.
Privacy advocates have been calling on the FTC and similar bodies to enact more guidelines and regulations that will protect consumers, especially as smartphone and tracking technology become more prominent. Many groups applauded the report, although a few, including the Electronic Privacy Information Center, stated that the report didn’t go far enough.
The Center for Democracy and Technology approved the FTC’s suggestions regarding Do Not Track legislation and said it looked forward to working with the FTC in the future to further develop the guidelines.
“The FTC rightfully refocuses attention on the heightened privacy concerns presented when ISPs, operating systems, and browsers have broad access to consumers’ online activities,” Justin Brookman, director of consumer privacy at the Center for Democracy and Technology, told the E-Commerce Times.
Another group, the Software and Information Industry Association, praised the FTC for clearing up its opinions on privacy and its call for greater transparency.
“Clarity is always good,” Mark MacCarthy, VP for public policy at the Software and Information Industry Association, told the E-Commerce Times.
The SIIA didn’t recognize a need for greater legislation within the privacy process, however. The association believes that a collaborative, public-private approach to privacy controls is more effective than increased regulation.
“We don’t see legislation as necessary at this time,” said MacCarthy. “If a company makes a promise to abide by the code that’s been laid out, the FTC can enforce that and go after a certain section, and that works.”
Law Catching Up
The Obama administration recently proposed a privacy bill of rights that supports the Do Not Track option. On the same day the White House released its report, the state of California mandated that mobile app developers follow more stringent privacy guidelines.
Federal decisions often take a great deal of time to work through the policy-making process and become law. When the law pertains to an industry such as telecommunications where new technologies are rapidly changing, though, the lag between lawmaking and enforcement can seem even greater.
“They’re making an effort at the FTC,” said MacCarthy. “There are a lot of good, smart people at the FTC, and they know technologies and models are changing quickly, so they’re pretty well up to date.”
Even the quickest turnaround, though, can be slower than technology development, said MacCarthy, which is why the SIIA believes some of the most critical changes are taking place without the help of the FTC’s reports.
“The fact of the matter is that in the privacy sector, the best practices and codes of conduct are far more flexible and up to date than any legislation, and that’s where the real influence and authority can take place,” he said.