28
Feb

White House Privacy Bill of Rights Little More than Framework

Posted by Ephraim Schwartz
Ephraim Schwartz
Ephraim Schwartz served as editor-at-large for InfoWorld for 12 years and is now
User is currently offline
in General

To much ballyhoo and press coverage, the Obama administration has released a Consumer Privacy Bill of Rights. However, it appears the privacy rights consumers are entitled to on the Internet will become a topic for discussion with companies that oftentimes abuse those rights.

At present, the Bill of Rights consists mainly of a set of high ideals companies should maintain when caring for consumer data. However, according to the White House press release, after consultation with industry groups and consumer groups eventually these goals will become more specific and actionable.

The goals at present cover four main categories:

  • Individual Control: Consumers have a right to exercise control over what personal data companies collect from them and how they use it.
  • Transparency: Consumers have a right to easily understandable and accessible information about privacy and security practices.
  • Respect for Context: Consumers have a right to expect that companies will collect, use and disclose personal data in ways that are consistent with the context in which consumers provide the data.
  • Security: Consumers have a right to secure and responsible handling of personal data.
  • Access and Accuracy: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate.
  • Focused Collection: Consumers have a right to reasonable limits on the personal data that companies collect and retain.
  • Accountability: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

Fingerlink-General

Much less media coverage was given to the fact that the Privacy Bill of Rights is only one component of what the Obama Administration is proposing. Introduced along with the Bill of Rights was a 62-page report titled, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy," which includes applying privacy issues to specific business contexts; enforcement; and agreements with international partners to “increase interoperability with privacy frameworks.”

I wonder how we should interpret that second component, applying privacy issues to specific business contexts? Does it mean the level of consumer privacy a consumer is given is dependent on the business context in which it is placed? Shouldn't the privacy be an absolute, not dependent on business context?

Here’s another part I don't quite understand: In its press release and in its proposals the White House constantly reminds us that specifics will be determined after consultation with an array of stakeholders.

In the coming weeks, the Commerce Department’s National Telecommunications and Information Administration will convene stakeholders – including companies, privacy and consumer advocates, technical experts, international partners, and academics – to establish specific practices or codes of conduct that implement the general principles in the Consumer Privacy Bill of Rights.”

 

Tags: consumer groups, Consumer Privacy Bill of Rights, industry groups, online security, privacy, White House

Comments

No comments made yet. Be the first to submit a comment

Leave your comment

Guest
Guest Monday, 20 May 2013