First came Do-Not-Call. Now, the Federal Trade Commission is focusing on Do-Not-Track.
In a 79-page report issued today, the agency suggested a new framework for consumer privacy in the commercial world, including a way for people to choose whether to allow companies to collect data about their online searching and browsing.
“Many of us on the Commission believe that it’s time for a Do-Not-Track mechanism with respect to third party ads,” said FTC Chairman Jon Leibowitz in a call with reporters. “A Do-Not-Track browser setting would serve as an easy, one-stop shop for consumers to express their choices, rather than on a company-by-company or industry-by-industry basis. Microsoft, Google, Mozilla and Apple have already experimented with this, by the way, as has a coalition of companies.”
He stressed that the report only offers “best practices and guidance for lawmakers….We’re not calling for legislation yet.” And he said he hoped industry would improve efforts to self-regulate so legislation wouldn’t be needed.
“The advantage of industry doing something themselves is that they can move much more quickly than lawmakers,” Leibowitz said. “Industry needs to step up to the plate. To some extent, it has its destiny in its own hands.”
During the call, Edward Felten, who on Jan. 1 starts work as the FTC’s chief technologist, explained how Do-Not-Track might work.
“A consumer expresses the desire to opt out of tracking by using some kind of control on their browser or device,” he said. “When the browser connects to a site, it sends a message to the site that the consumer has opted out of tracking.” The site then refrains from collecting information about the person.
Leibowitz explained tracking via a real-world analogy – imagine you’re walking in a shopping mall and someone is following you who knows more or less who you are and where you live, he said.
“He’s emailing the stores ahead of you, ‘There’s Leibowitz. He’s looking for a jacket and a matching fur coat,’” he said. “And if the person was following your daughter, you’d want to punch him out.”
In the report, the FTC noted that the privacy policies of many companies have become long, legalistic disclosures that consumers usually don’t read and don’t understand if they do. “Current privacy policies force consumers to bear too much burden in protecting their privacy,” according to the FTC.
The report recommends that “companies should adopt a ‘privacy by design’ approach by building privacy protections into their everyday business practices.”
The report also suggests standardized notices that would allow the public to compare information practices of competing companies.
The FTC is soliciting public comment on the report until Jan. 31.
“Trying to get the right balance for consumer privacy is not Euclidean geometry,” said Leibowitz. “Reasonable people can disagree.”
What real options does one have with "policies by adhesion"? When all the policies are essentially the same, one's ability to compare does little, especially when one has no real bargaining power in the process.
I mean, really, can we legitimately choose to not browse the WHOLE internet?
Posted by: Mickey Fox | December 06, 2010 at 05:16 PM
You mean like not forcing you to provide a name and email address just to leave a comment on an article or discussion?
e.g. From this very comment page:
Your Information
(Name is required. Email address will not be displayed with the comment.)
Posted by: anony mouse | December 03, 2010 at 01:36 PM