Released: Policy Framework for Protecting Consumer Privacy Online While Supporting Innovation

Submitted on December 16, 2010 - 3:00pm
Categories:
Printer-friendly version

The Department of Commerce today issued a report detailing initial policy recommendations aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation, and economic growth.  The report outlines a dynamic framework to increase protection of consumers’ commercial data and support innovation and evolving technology. The Department is seeking additional public comment on the plan to further the policy discussion and ensure the framework benefits all stakeholders in the Internet economy.

“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.” said Commerce Secretary Gary Locke.

Today’s report, based on extensive public input and discussion, recognizes the growing economic and social importance of preserving consumer trust in the Internet.  Global online transactions are currently estimated at $10 trillion annually. Between 1998 and 2008, the number of domestic IT jobs grew by 26 percent – four times faster than U.S. employment as a whole – with IT employment projected to increase another 22 percent by 2018.

The following are key recommendations in today’s preliminary report, Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework:

  • Consider Establishing Fair Information Practice Principles comparable to a “Privacy Bill of Rights” for Online Consumers
  • Consider Developing Enforceable Privacy Codes of Conduct in Specific Sectors with Stakeholders; Create a Privacy Policy Office in the Department of Commerce
  • Encourage Global Interoperability to Spur Innovation and Trade
  • Consider How to Harmonize Disparate Security Breach Notification Rules
  • Review the Electronic Communications Privacy Act for the Cloud Computing Environment

Read the more detailed press release.  |  Learn more about and read the report.

Comments Closed

Due to increased spam, comments have been closed on this content. If you wish to comment about the content, we encourage you to email webmaster@doc.gov.

well

Submitted on December 17, 2010 - 12:28am.

Fair

Policy Framework for Protecting Consumer Privacy Online While Su

Submitted on December 23, 2010 - 8:34am.

From a European perspective, it is not clear whether these provisions apply to personal data in the public domain. The document supports the APEC Framework (recommendation 6), but that Framework does not apply to public domain personal data.

This lack of clarity may create harmonisation difficulties re privacy matters and this position highlights one fundamental difference which helps explain why the USA’s view of “privacy” is not the same as the European understanding of “data protection”.

For instance, it is true that if personal data are in the public domain, there can be no privacy in those data. However, data protection is more than privacy and asks other questions when these data are used.

So, for instance, if an employer were to use personal data about an employee from the internet, European data protection legislation would ask three questions that the USA document does not consider. These questions are:

1) Are the personal data “necessary” for the employer’s purpose (i.e. what is the basis for the processing in terms of Article 7 of the Directive 95/46/EC or Schedule 2 of the UK Data Protection Act)

2) Are the personal data “accurate” and “relevant” to that employer's purpose (i.e. is there compliance with the Principles found in Article 6 of the Directive or Schedule 1 of the UK Data Protection Act)

3) Does the data subject know of the use of his personal data from the Internet for the employment purpose (i.e. is there proper notice of the use of the personal data as required by Article 11 of the Directive of the fair processing notice of the UK Data Protection Act).

Finally, how does the document relate to the "right to forget" that the European Commission is suggesting?

Big questions - no answers in the Green Paper just published.

chris.pounder@amberhawk.com (UK)
Contributor to the Hawktalk blog on data privacy

administration jobs

Submitted on December 25, 2010 - 9:16am.

America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.T