In the name of online privacy, the White House has announced what they’re calling a “comprehensive blueprint” for future legislation, with the “consumer privacy bill of rights”.
Straight from the White House fact sheet, this bill “seeks to protect all Americans from having their information misused by giving users new legal and technical tools to safeguard their privacy.”
Aiming to protect the privacy of web surfers, the bill lays out guidelines for Internet companies about how they should treat consumers’ data and manage their customer interactions. The central demands are for transparency, security, and user control of their data. Think clear privacy policies, the ability to release information with peace of mind that it won’t be sold on, and a simple opt-out option — for anything.
But, taking notes from the SOPA and PIPA debacle, the administration knows what kind of opposition they could except to be face with a bill that asks for broad cooperation from Internet companies. So, what the White House has done (in the brief at least) is to stress that alongside protecting privacy, they will seek to “assure continued innovation in the Internet economy by providing flexible implementation mechanisms to ensure privacy rules keep up with ever-changing technologies.”
The bill will be enforced by the FTC (for those companies that sign up), but the call for “flexible implementation” and “enforceable codes of conduct” seems to provide a soothing touch.
The “bill of rights” is being positioned as the framework for further action. The administration is looking to Congress to enact further privacy legislation, and they are also championing the “Do Not Track” technology to which Google, Yahoo!, Microsoft and AOL have already made an FTC-enforceable commitment.
For over a year these advertisers have allowed users to opt out of online tracking by installing a special cookie on their computer. But, the administration thinks the current process is too confusing and complicated and they are instead pushing for a simple “Do Not Track” browser button.
Tracking is not confined to browsers either. Path, Twitter and other mobile applications have been caught uploading entire address books to their servers without permission, and in December, handset makers were found installing secret software that could potentially record keystrokes.
As a result, California is taking a stand. Under Attorney General Kamala Harris, mobile apps are being brought into compliance with California’s existing Online Privacy Protect Act of 1994. (The act requires online service providers that collect personal information about users to post their privacy policies in a conspicuous place.)
Under the new agreement, Apple, Amazon, Microsoft, HP and RIM (makers of the blackberry), that account for 95% of all downloads, must ensure that developers post clear privacy policies for their applications wherever they are downloaded.
According to the Attorney General, 22 of the top 30 most-downloaded apps today do not have posted privacy policies !
While no time line has been yet set for this agreement, or the implementation of the White House directive, it is clear that lawmakers at the state and federal level agree that consumers need to understand “the expanse and breadth and depth” of how their data is being used — and claim what is set to be a new “right to control personal information about themselves”.
- White House pushes online privacy bill of rights (money.cnn.com)
- Reps. Barton and Markey vow to push ahead with ‘Do Not Track’ legislation (thehill.com)
- Path Is’t Only App to Upload, Store Address Book Data (pcworld.com)
- State requires privacy posts by mobile app makers (sfgate.com)
- White House Fact Sheet (whitehouse.gov)