FCC, FTC March to Administration’s Drummer on Policymaking Through Industry Codes, Say Officials
SAN FRANCISCO -- The formally independent FCC and FTC are in step with an administration strategy of pressing electronic communications industries to agree to enforceable codes of conduct to protect consumers, federal officials said Tuesday. The “bill shock” code that the FCC announced Monday with CTIA fits the pattern, Policy Director Danny Weitzner of the White House Office of Science and Technology Policy said at the Web 2.0 Summit. His other example was a code, enforceable at the FTC, that the Department of Health and Human Services secured to close what he called a “critical privacy gap” concerning personal health records.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
The administration incorporated the approach in recommending new federal privacy legislation, Weitzner said. “This flexible policymaking model” works much faster than conventional regulatory action and “provides agility” in dealing with fast-changing technology, he said.
The strategy fits the U.S. style of regulation, said Director David Vladeck of the FTC Bureau of Consumer Protection. Unlike Europe, “we do not have very prescriptive rules” on privacy, he said. “We have general principles.” The “European model” is “not very adaptive, and it doesn’t take into account business models like Facebook’s that depend on people’s desire to share” information about themselves, he said.
"We're heartened to see … advances” in the appreciation by advertisers and browser makers of “enhanced consumer control” over online data used for tracking and marketing, Vladeck said. He connected the attitude changes with the FTC’s support in its behavioral-advertising work for “do not track” mechanisms.
But “we're not making much progress” on data security, Vladeck said. Even the most sensitive data, such as Social Security numbers, are “not being protected with the vigilance required,” even by large companies, he said. “Time and time again, our investigators see very lax security measures that don’t meet any reasonable standard,” Vladeck said. He said the FTC also sees widespread violation of the Children’s Online Privacy Protection Act in mobile apps’ collection of data, including on location, about children without express parental consent and often with no relation to the needs of providing the service used.
Ann Cavoukian, the information and privacy commissioner of the Canadian province of Ontario, plugged the “double-blind privacy architecture” of technology from Bering Media. Targeted ads take advantage of marketing information held by advertisers and geolocation information from others, but the custodians never see each other’s data, she said. The approach is right in line with the Privacy by Design strategy that Cavoukian has successfully promoted with regulators and companies around the world, she said.