Obama Administration Seeks Web Use 'Bill Of Rights'

A report compiled by the U.S. Commerce Department stopped short of calling directly for specific privacy legislation. Instead, it recommends a "framework" to protect people from a burgeoning personal data-gathering industry and fragmented U.S. privacy laws that cover certain types of data but not others.

"America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough," said Commerce Secretary Gary Locke. "Consumers must trust the Internet in order for businesses to succeed online."

The 88-page report, which observers say marks a turning point for federal Internet policy, states that the use of personal information has increased so much that privacy laws may now needed to restore consumer trust in the medium.

The Federal Trade Commission reached a similar conclusion earlier this month and issued a report of its own, calling for the Internet industry to develop a "do-not-track" mechanism in browsers that would stop Web sites from following their visitors around the Web.

Neither report makes specific recommendations for legislation, although the Obama Administration is expected to do so next year. Both Commerce and the FTC are calling on industry to voluntarily develop guidelines and, perhaps, technology that would enable consumers to opt-out of data collection activities.

Key recommendations include:

• Consider establishing fair information practice principles comparable to a "Privacy Bill of Rights" for Online Consumers;
• Consider developing enforceable privacy codes of conduct in specific sectors with stakeholders;
• Create a Privacy Policy Office in the Department of Commerce;
• Encourage global interoperability to spur innovation and trade;
• Consider how to harmonize disparate security breach notification rules; and
• Review the Electronic Communications Privacy Act for the cloud computing environment.

Consumers object

The report didn't go over well with at least consumer groups, who said it was too vague and too friendly to industry.

"Instead of real laws protecting consumers, we are offered a vague 'multi-stakeholder' process to help develop 'enforceable codes of conduct,'" Jeff Chester, executive director of the Center for Digital Democracy told the Los Angeles Times.

Chris Calbrese, the ACLU's legislative counsel, said the Commerce department had finally recognized what consumer groups have been saying for years.

"It's the wild wild west out there and consumers have no privacy online," Calebrese said. "FIPPS is a good place to start and Congress needs to act and give us an enforceable regime."

But it's hardly likely that the advertising industry is eagerly awaiting new rules. The Internet Advertising Bureau, a trade group, defends the use of anonymous consumer data to support ad-targeting, a process it says produces ads that are more useful for both consumers and advertisers.

"Publishers utilize third-party analytics services, marketers and agencies collect metrics on campaign performance, and small businesses are especially dependent upon ad networks, all of which function based upon the free flow of information among trusted partners," said Mike Zaneis, IAB's general counsel in a recent blog posting.

"The IAB tries to convey the ubiquity of such practices and the value our industry delivers to consumers, all while respecting their privacy and protecting the security of such data," Zaneis said.