29
Feb

Obama's Internet Bill Of Rights: Positive Step or Empty Promise?

Posted by David Coursey
David Coursey
David Coursey is a writer, broadcaster, event host, industry analyst and busines
User is currently offline
in General

Godspeed, Barack Obama! Your new Internet Bill of Rights may be consumers' best hope for maintaining a shred of privacy against the strong winds of capitalism run amok.

720px-US-WhiteHouse-Logo.svgOK, that may be too strong a statement, and it is difficult to tell consumers how little privacy they have left and they probably won't understand until it is much too late.

I am quite certain if people thought the government was trampling on our right to privacy the way business is currently doing, it would be a huge political issue. But of course, for enough cash the government can buy assess to the private sector's data warehouses and do as it pleases.

As it stands, the president's proposed Internet Bill of Rights is weak, vague and general in the extreme, and flies against emerging industry practice. The result, I'm afraid, will be a package of rules or voluntary standards that sound nice but are easy for companies to get around, leaving consumers with even less privacy than what they have now.

My colleage Ephraim Schwartz has already covered the proposal in some detail and I won't repeat his comments. Instead, I'll focus on the challenges of making it be more than it is.

Fingerlink-General

Let's consider just three of the proposed "rights":

Consumers have a right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.

The challenge here, besides the density of the language, is the online industry is headed in precisely the opposite direction. While the Bill of Rights describes a very granular privacy policy that differs with context, that is not where Google is headed. Its planned privacy changes take all the information a user provides and drops it into a single container from which the search giant can extract information to slice, dice and present to advertisers as it chooses. That is the sort of policy I'd imagine any business would like to have.

While Google is aggressively telling its users about the privacy change -- which even offers some benefit to users when information is shared across five dozen Google applications and services -- this isn't "consistent with the context" in which the information is provided. Unless, of course, giving your permission creates a context that allows Google to do whatever it chooses behind your back.

Many people -- including some in our industry -- are surprised by how much data is being assembled and how companies are using it. Companies are not required to describe to consumers how they use information they gather (not in plain language, anyway). So when, in a recent example, Target was able to figure out a woman was pregnant based on demographics and buying habits before her father made the discovery, many were surprised. (This is described in an excellent New York Times story, "How Companies Learn Your Secrets").

An important issue here is the linking of information gathered in the real world -- such as shopping at a brick-and-mortar retailer -- with information gathered from online shopping. The Target story talks about how the company tracks as much as it can about every customer. This can include using credit cards and other data to link people to accounts they could not otherwise be connected to.

The idea of context also works against companies sharing the data they collect or linking it to public records or other data sources. Today, such usage can be "hidden" in the fine print of privacy agreements that vary from one business to another and no one takes the time to read.

Consumers have the right to exercise control over what personal information companies collect from them and how they use it.

The "do not track" web browsing option is only a partial solution and only works in some circumstances online. Customer loyalty programs are common and gather tremendous amounts of data. As does a Facebook profile if you are an active user. Consumers need easier ways to control information if they are to have any control at all.

Consumers have the right to reasonable limits on the personal data that companies collect and maintain.

Are there any companies ready to admit to being unreasonable in the data they collect and maintain? Especially when consumers have agreed to the privacy policies that allow it? Probably not, and that is where the challenge begins.

Let me note that not all this data combining and mining is a bad thing; Most of us would rather have personalized experiences than generic ones, even if intensive personalization makes it hard for some of us to turn off our attention when we really ought to. Media can make itself very difficult to ignore, which is something that probably impacts personal and public health. Though I digress.

We've already figured out that privacy is a hugely complex and slippery topic. Consumers are willing to accept -- even to not notice or care about -- businesses doing things they might scream about if the government were revealed to be doing the same thing. That is frightening because at least we have some control over and a view into what government does. Big business is essentially opaque to consumers.

Implementing this Internet Bill of Rights may require a lot more intrusion into operations than businesses are willing to accept, particularly when consumers aren't yet screaming about being damaged by privacy issues. But would consumers really know? And if they don't know, is it really damage?

The challenge -- as President Obama must know -- is that when the screaming starts, the damage will be done and businesses may be impossible to reel back in.

 

Tags: barack obama, internet bill of rights, New York Times, privacy, target stores

Comments

No comments made yet. Be the first to submit a comment

Leave your comment

Guest
Guest Wednesday, 22 May 2013