Topic - Privacy

FTC chair Jon Leibowitz wants to see simpler privacy statements on mobile phones i.e. for apps. "They have to be like a nutrition guide on the side of a cereal box," he said at the D10 conference. He also push the FTC's principle of "privacy by design" as well as the voluntary "Do Not Track" approach. The same day, Microsoft announced it would have Do Not Track turned on by default in version 10 of its Internet Explorer browser.

Companies want it, privacy advocates don't, the US government has different approach

Efforts to self-regulate privacy failed 10 years ago. Will the new plans succeed?

The issue of self-regulation has been a key theme of a recent comment period hosted by the US Department of Commerce over the proposed Consumer Privacy Bill of Rights (read our comprehensive summary).

On the one side are the companies that make millions from a largely unregulated market, the case for a self-regulatory regime being made by a host of industry bodies (CompTIA, CTIA, DAA, DMA, IAB, NARC, NetChoice, SIIA, TIA) as well as a few large companies (AT&T, Microsoft, Verizon). And on the other side a wealth of consumer and civil liberties groups who advocate for legislation and highlight the weaknesses in a self-regulatory model (ACLU, APF, CDD, Consumer Action, EPIC, ITIF, WPF).

Twitter added weight to the voluntary Do Not Track agreement by including it as part of its new service for recommending others to follow on its service. The social media company announced that while it would be tailoring its "follow" suggestions according to people's data and choices, it would respect those that opt out. The company also has a tutorial on how to turn on Do Not Track. The move is an important demonstration of self-regulation.

Privacy in the online era means big changes in all our thinking

"People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people," Facebook's CEO Mark Zuckerberg told an audience in January 2010. "That social norm is just something that has evolved over time."

Zuckerberg's comment came hot on the heels of another from Google's then CEO Eric Schmidt: "If you have something that you don’t want anyone to know," he said in response to privacy concerns over the information his company possesses, "maybe you shouldn’t be doing it in the first place."

The lowdown on plans for a pan-European privacy law

What's happening?

In January, the European Commission (which sets regulations for its 27 member states) announced that it was overhauling its data protection legislation. The Commission wants to replace the EU's 1995 Data Protection Directive (on the protection of individuals with regard to the processing of personal data and on the free movement of such data) with a new law that will be enforceable across 27 countries that make up the EU (the proposed legislation in full [pdf]).

What's wrong with the Directive?

The Federal Trade Commission (FTC), chief privacy policy and enforcement agency in the United States, issued a final report in March 2012 entitled: Protecting Consumer Privacy in an Era of Rapid Change [pdf].

The report expands on a preliminary report from December 2010, and calls on businesses to implement best practices to protect US consumers' information. These practices include making privacy the 'default setting' when handling data, and giving consumers greater control over how their personal data are collected are used.

Implementing these practices, the report says, will enhance trust and stimulate commerce. The FTC also recommends that Congress considers passing legislation covering general privacy, data security and breach notification, and data brokers.
The report urges companies to follow a privacy framework that is split into three main areas:

A key notion of privacy is becoming increasingly tenuous

Do you agree with the following terms and conditions?

Every week millions of consumers are faced with this question when updating software on their computer or cell phone, or when they log into an online service that stores personal information.

And of course every single person clicks "Agree" having read barely a word of the pages of text that outline what the company can now do you with your data. You have no real choice of course: if you don't agree, it simply ceases to function. Your iPhone becomes a $300 paperweight; Facebook slams shut.

Everyone from consumers to companies to legislators recognize this as a ridiculous state of affairs but it remains a stubborn, if increasingly mocked situation for one simple reason: the globally accepted notion of "consent".

The Seventh Annual IGF Meeting will be held in Baku, Azerbaijan.

The proposed main theme for the meeting is: ‘Internet Governance for Sustainable Human, Economic and Social Development’.