The State of Online Privacy 2.0

Yesterday, the Senate Science Commerce and Transportation Committee held a hearing on the “State of Online Privacy”.  This was the first of two heating hearings focused on whether additional legislation was needed to protect consumers from how companies manage consumer data collected online. There were was testimony from several private, not-for-profit and federal agency stakeholders. 

Senator Kerry plans to introduce a bill sometime soon, which he hopes will solve several issues:

1. Websites selling private information without consent;


2. Information being collected without privacy considerations; and


3. Consumers unable to ensure that companies collecting their information can be told to stop doing so.

 The National Telecommunications and Information Administration (NTIA) testified that the Obama Administration remains supportive of privacy legislation for the Internet.  NTIA stated that they supported:

1. Baseline consumer data privacy protections (a consumer privacy bill of rights);


2. Authority for FTC to enforce any baseline projections; and


3. A framework that provides incentives for the development of codes of conduct, including a safe harbor for companies that implement codes of conduct that are consistent with the baseline protections.

It seems that the position taken by NTIA is consistent with the current rules under the Federal Trade Commission’s Fair Information Practice Principles (FIPP), which require companies who collect online consumer information to provide notice, choice, access and security of personally identifying information.  Thus, the Obama Administration’s position aims to codify the FIIP rules while also providing the FTC with enforcement teeth. One could say that this is online privacy 2.0.