White House Privacy Bill of Rights--Good Start, but Concerns Loom

CDD has made a commitment to the White House that it will work on “multi-stake holder” negotiations to help develop new consumer online privacy safeguards.  We recognize that in the absence of federal legislation, the inability of the FTC to issue regulations, and the ever-increasing digital data collection system, some progress must be made to protect consumers.  Increasingly, consumers face a daily whirlwind of data collection, confronting a vast and largely uncontrollable apparatus that tracks their every move.  Whether we are using a PC, a mobile device, playing a video game or even listening to music, our information is being stealthily packaged into personal data profiles.   Our financial, health, political, and family data are sold to the highest online bidder, whether they are marketers, financial companies or even political parties.

The White House’s new framework for protecting privacy, especially its Bill of Rights, is an important development to protect consumers in the digital age.   Consumers require a “Bill of Rights” that ensure they are in control over their personal information—not the digital data companies.  As the public increasingly relies on the Internet to make purchases and other financial decisions, they also should have 21st Century consumer protection safeguards.

However, the new framework largely depends on the development of voluntary codes of conduct, to be negotiated between consumer groups and companies like Google, Facebook, Microsoft, Yahoo and others.   Consumers groups, such as CDD, will engage in these negotiations in good faith.  But we cannot accept any “deal” that doesn’t really protect consumers, and merely allows the data-profiling status quo to remain.  Instead of negotiations, CDD would have preferred the White House to introduce new legislation that clearly protected consumers online.

Two, we are very concerned that the Administration’s new privacy plan is designed to undermine the European Union’s rights-based approach protecting privacy.  The U.S. online data companies are the global leaders in digital advertising, especially Google and Facebook.  These companies increasingly feel threatened by a EU approach that protects its citizens from pervasive and unaccountable data collection.  We will not support an effort by the U.S. to secure a trade agreement with the EU and the Asia Pacific region that permits digital marketers to collect user data unabated.   A voluntary code of conduct should not be the basis of a global trade deal designed to bolster Google and Facebook profits.

Finally, we are also concerned about today’s announcement by the Digital Advertising Alliance (DAA), including Google, that they will develop its own Do-Not-Track system.   The plan by the DAA to add Do-Not-Track to its self-regulatory system could derail a promising privacy effort by the Worldwide Web Consortium standards group (W3C) that is being designed to give consumers greater control over data collection.  The new DAA scheme will enable companies to continue to collect profiling data on users, and merely prevent the delivery of targeted ads. DAA members are terrified about the development of a DNT system with teeth, which would stop so much data collection, profiling and tracking.  The White House and the FTC should ensure that consumers can receive the benefits of a robust, uniform and independent DNT service.  We should not allow Do-Not-Track to be hijacked by the data collection industry