- Commerce Department Calls for "Baseline" Consumer Privacy Rights
- January 3, 2011 | Author: Ieuan Jolly
- Law Firm: Loeb & Loeb LLP - New York Office
Privacy continues to be a hot topic in Washington. On December 16, the U.S. Department of Commerce Internet Policy Task Force issued a privacy report titled "Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework." The task force describes the report as a green paper which is part of an ongoing effort to revise U.S. privacy law, industry guidelines and business practices to accommodate new and increased uses of consumer information.
The Green Paper is similar to the FTC's recent Privacy Report (summarized here and here) and is designed to provide guidance to Congress as it considers new federal privacy legislation, and guidance for businesses that collect, share, use or store personal consumer information.
The Green Paper does not take positions on do-not-track or opt in/opt out regimes, two big issues in the online privacy debate, but the Green Paper was billed more as a road map and a framework, with the details to be included following industry and public input.
Below are some highlights of the Green Paper:
The Green Paper proposes a framework that is "designed to protect privacy, transparency, and informed choice while also recognizing the importance of improving customer service, recognizing the dynamic nature of both technologies and markets, and encouraging continued innovation over time." The framework includes the following policy recommendations:
- Encouragement of "global interoperability." The Green Paper states differences in form and substance between U.S. and other national privacy laws make it increasingly complicated for companies to provide goods and services in global markets. Therefore, in order to decrease regulatory barriers to trade and commerce, "the U.S. Government should work with our allies and trading partners to promote low-friction, cross-border data flow through increased global interoperability of privacy frameworks."
- Enactment of a federal commercial data security breach notification law that sets national standards, addresses how to reconcile inconsistent state laws, and authorizes enforcement by state authorities.
- The release of this Green Paper is another clear indication that the U.S. privacy landscape is changing and momentum is building for the enactment of new privacy laws and new self-regulatory programs. Companies should consider how their own privacy practices compare to the Commerce Department's Green Paper and the FTC's Privacy Report and whether any changes are needed.