Mobile Privacy Stakeholders Disagree Over Role for NTIA
Stakeholders disagreed over how to move forward on mobile privacy at a Friday NTIA meeting, the sixth in the multistakeholder discussion process to develop industry standards for mobile privacy. The meeting included presentations on short form notice prototypes and discussion of two drafts of mobile privacy codes of conduct.
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
"Either the NTIA needs to do much more ... or we need to bring in a neutral expert who can help us move forward,” said Jeff Chester, executive director of the Center for Digital Democracy. Chester expressed frustration that the process did not include more input from experts and academics. “The idea that we are engaged in the process without incorporating all the research that has been undertaken ... means this process cannot proceed in a way that ensures the integrity of the outcome,” he said.
"The NTIA should play a more active role as a neutral facilitator,” said Susan Grant, director of consumer protection at the Consumer Federation of America. Grant presented a code of conduct discussion draft written by consumer groups (http://1.usa.gov/11rAaoh), which “focuses on the responsibilities of app providers” and defines “sensitive personal data” as “a subset of personal data and includes data about the health, finances, religious preference, sexual preference, ethnicity, race, age or current location of a mobile device user."
The multistakeholder process should not be restructured now, said Jim Halpert, technology and privacy lawyer with DLA Piper. Any points from academics and experts should be incorporated into what the stakeholder group has already been working on rather than “fundamentally” changing the process, he said. Halpert, along with lawyer Stu Ingis, who represents the Digital Advertising Alliance and the Interactive Advertising Bureau, presented the group with a code of conduct draft that combined an industry-led draft from the last round of discussions and the draft by consumer groups. “We looked at them against each other” and found that “many of the principles were common,” Ingis said. Ingis said he collected topics where the two drafts diverged in a 10-page document of questions that was circulated to stakeholders. “None of [the document of questions] has advocacy in it at all,” he said, calling the collection of diverging points “a mechanical exercise.” The process is “a long way from” addressing those points of difference, Ingis said.
The NTIA would consider playing a more active role if that’s what the stakeholders want, John Morris, acting associate administrator and director of Internet policy at the NTIA, told us. “If the stakeholders collectively want us to take a more active role, we will absolutely consider doing that,” keeping in mind budget and legal restraints, he said. Although the NTIA is willing to consider it, Morris said he had concerns about how efficient it would be to have the NTIA “hold the pen” in this process because small changes, such as choosing between sentences with similar intentions but different wordings, would have to be brought “back to the stakeholders for discussion."
The meeting’s presentations of short form prototypes focused on how to succinctly provide information on privacy policies to users on mobile devices. Travis Pinnick, user experience designer at TRUSTe, discussed previous models of mobile Web privacy icons, including ones developed by Mozilla (http://bit.ly/TWiP2F). Morgan Reed, executive director of the Association for Competitive Technology, brought a live demo to the group of an icon system his association had developed to work with parents (http://bit.ly/Su2KBl).