Attorneys General Focus on Privacy, Cyberbullying, NAAG Chief Says
State attorneys general “are really the Internet police,” said Maryland Attorney General Doug Gansler, who took over the National Association of Attorneys General in June, during a keynote at a Microsoft event on Monday. With their enforcement powers, attorneys general have had to protect consumers online, even as federal agencies -- such as the FTC -- work on their own rules and enforcement actions, he said. Gansler pointed to his own office and that of California Attorney General Kamala Harris for maintaining privacy departments. The state level is where “we think ... a lot of the action is,” he said. Gansler said when elected NAAG president his 2012-2013 term initiative would be “Privacy in the Digital Age” (http://xrl.us/boc4um).
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Maryland is working with Facebook to develop a program to combat cyberbullying on the social network, Gansler said: Through the pilot program, Maryland school principals in each county are given a contact at Facebook whom they can reach when they find cyberbullying content and request that it be taken down. “Facebook seems to actually like the idea,” he said. Some other websites “are always going to try to hide behind the First Amendment,” but it’s important to figure out what’s protected speech and what isn’t, he said: “We don’t think they should be able to have the clear cyberbullying content on their website."
Data collection and data dissemination are two issues Gansler is focusing on as a part of his initiative to protect consumer online privacy, he said. Consumers should know when websites are collecting their information, he continued: “Who are they selling it to, how are they making money, and do you, the consumer, know they're doing that?” Additionally, consumers should be able to opt-out of these collection and dissemination practices, but the opt-in standard that privacy advocates are pushing is “probably not realistic,” he said.
Consumers need to be meaningfully informed, not just given supposed control, said FTC Senior Policy Adviser Paul Ohm during a later panel, speaking for himself, not the agency. “All the control in the world may not really be meaningful to privacy if it’s shrouded” in confusing language, he said. Ohm said companies collecting consumer data with the goal of monetizing that data later is “what worries me the most.” He’s “a little nervous about business models that might be premised on the idea that we invite people to give more information to companies” and then, years down the road, sell that data, he continued: “I would say, let your customers know at the outset” if you plan to monetize their data, rather than pull a “bait and switch."
Efforts to protect online privacy should be aimed at how data are used rather than if the data are collected, said Microsoft Chief Privacy Officer Brendon Lynch. “Use is where the benefit comes in the data, and use is where the potential harms come,” he said.