The Obama administration today pulled the covers off of a consumer-privacy strategy aimed at helping protect users online.
At the center of the strategy is a “privacy bill of rights” – a set of principles designed to create a baseline standard of how consumers can expect themselves and their data to be treated online. The plan covers a lot of ground, and is meant to extend the protections outlined in the Federal Information Processing Standard (FIPS).
“Never has privacy been more important than today, in the age of the Internet, the World Wide Web and smart phones,” Pres. Barack Obama wrote in a cover letter for the report. “In just the last decade, the Internet has enabled a renewal of direct political engagement by citizens around the globe and an explosion of commerce and innovation creating jobs of the future. Much of this innovation is enabled by novel uses of personal information. So, it is incumbent on us to do what we have done throughout history: apply our timeless privacy values to the new technologies and circumstances of our times.”
The privacy bill of rights breaks down into seven principles:
• Individual control: Companies should provide consumers appropriate control over the personal data that consumers share with others and over how companies collect, use or disclose personal data.
• Transparency: Companies should provide clear descriptions of what personal data they collect, why they need it, how they will use it, when they will delete the data or de-identify it from consumers and whether and for what purposes they may share the data with third-parties.
• Respect for context: Companies must collect, use and disclose consumer data in ways consistent with the context in which the data was given.
• Security: Consumers have a right for their data to be handled securely.
• Access and accuracy: Companies should use reasonable measures to make sure they are maintaining accurate data, and give customers access to it.
• Focused collection: Companies should collect only as much personal data as they need to accomplish purposes specified under the Respect for Context principle.
• Accountability: Companies should be accountable for living up to the privacy bill of rights.
In addition, several large Internet companies and online advertising networks announced commitment to act on “Do Not Track technology” in most major web browsers to make it easier for users to control online tracking. Companies including Google, Yahoo!, Microsoft, and AOL, which comprise an overwhelmingly large percentage of the online advertising market, have agreed to comply when consumers choose to control online tracking, according to a statement from the White House.
Signed by President Obama, the report was developed under the leadership of the National Economic Council and the Office of Science & Technology Policy, the White House said. It builds on a initial report released in December 2010 by the Internet Policy Task Force.
“Trust and confidence are the foundation of the digital economy and OTA applauds the White House’s commitment to online privacy and the calls for greater transparency, security, control and accountability,” said Craig Spiezle, executive director and president of the Online Trust Alliance, which announced its support of the White House’s privacy intiatives. “The multi stakeholder process is to be commended, highlighting the importance of consumer protection while promoting innovation and the vitality of commerce. We see this as a major step forward in promoting consumer controls online.”