Online Privacy & Innovation – Are They Compatible?

 There has been no shortage of examples of high profile online personal data leaks over the last few years. From TJX’s stolen credit card information to AOL’s exposure of consumers’ personal surfing habits, the stakes are high for both consumers and businesses when it comes to protecting our online privacy. Yet at the same time, the connections proved through the Internet and the associated speed of technology development make the World Wide Web the wild west of innovation; messy, but loaded with potential.  In such a dynamic (and sometimes downright scary) place, how do we ensure that our online privacy is protected without snuffing out innovation?

This topic was covered in a recent article by David Valdez, Senior Director of Public Advocacy with CompTIA, entitled “Past is Prologue: Online Privacy.” In this article Mr. Valdez effectively argues that the Federal Trade Commission (FTC) has previously done a good job balancing the online rights of individuals while leaving room for innovation. The FTC has been able to protect online rights through hundreds of suits against violators using a combination of legislation (the 1988 Children’s Online Privacy Protection Act [COPPA]) and the creation of self-regulatory rules with the cooperation of the industry’s stakeholders (known as the Fair Information Practice Principles). At the same time, they left room for web application innovation and   new social media platforms such as Twitter, Facebook and LinkedIn.

In the brave new world of wireless Internet applications and cloud computing, there will be  a continuing demand for both  online privacy and the desire to innovate. Valdez proposes the following framework as a means of moving forward with these goals:

1. The framework of Fair Information Practice Principles should be kept intact. It has served both industry and consumers well to this point in time; however, we should ensure that it’s expanded to accommodate new technology and consumer needs.


2. The FTC should develop simpler and easier-to-read privacy notices that provide a meaningful choice for consumers.


3. The FTC should be empowered with new resources to go after companies that intentionally violate the privacy of online users.


4. Lastly, any new standards should delineate between companies committing intentional harm and good ones that inadvertently make mistakes. .

What are your thoughts on this topic? How can Congress effectively balance the need for online privacy with innovation and what can associations like CompTIA do to help represent your interests in this area? Please feel free to share your experiences from wrestling with this issue in your business by simply posting a comment below.