Consumer Privacy Bill of Rights

Taking another “step” toward developing comprehensive privacy legislation, the White House has released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015.   The draft reflects the Fair Information Practice Principles (“FIPPs”) long championed by the Obama Administration, and calls on businesses engaged in the collection of consumer information (“covered entities”) to either abide by a Privacy Bill of Rights or engage in self-regulation. While commentators have suggested the proposal is dead on arrival (read here, here and here) , the Privacy Bill of Rights warrants attention because it will serve as jumping-off point for further legislative and policy discussions on consumer privacy rights.

Continue Reading Privacy Monday – March 16, 2015: Unpacking the Obama Administration’s Consumer Privacy Proposal

The Department of Commerce has already taken the first steps to implementing the White House’s Consumer Privacy Bill of Rights announced last month.  Commerce has invited comment on “what issues should be addressed through the privacy multi-stakeholder process and how to structure these discussions so they are open, transparent, and most productive.”

According to the Federal Register notice, the public’s views are being sought on such issues as:

  • increasing transparency of mobile device privacy notices
  • mobile applications providing location-based services
  • cloud computing services
  • browser cookies
  • services targeted to teenagers and children

Comments are due on March 26, 2012.

Colleagues Howard Symons, Chris Harvie and Stefanie Desai have prepared a paper analyzing the details of the Consumer Privacy Bill of Rights, available here –  Summary of White House Privacy Framework .

At the White House today, President Obama unveiled his administration’s framework for new privacy regulations and the long-awaited white paper entitled “Consumer Data Privacy in a Networked World:  A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.”   This follows up on the Department of Commerce “green paper” issued well over a year ago.    [We compared the Commerce Department proposal and Federal Trade Commission privacy proposals last year — here for your reference.]

The blueprint includes a “Consumer Privacy Bill of Rights” along with steps to incorporate these principles into federal regulations.    Like the previous Green Paper, today’s final report calls for a comprehensive privacy framework for all data, instead of the current sector-specific approach to data protection that leaves some personal data (outside of the communications, health care, education, financial services and children’s-online sectors) largely unregulated. The Framework calls for federal legislation to create such a “privacy bill of rights” that would supplement and fill in the gaps of existing federal privacy policy and lays the groundwork for a cooperative approach between government and industry for a “4P” arrangement — a “Privacy Public Private Partnership.”

In addition, the White House announced the first by-product of this framework:  an industry agreement on “Do Not Track” technology for online behavioral advertising.   This industry agreement was signed by a group of web advertising networks, including Google, Yahoo, Microsoft and AOL, and is intended to lead to the adoption of “Do Not Track” features integrated into web browsers.  The intent is to allow consumers to opt out of behavior-based marketing, blocking ad “cookies” and preventing cross-site tracking of behavioral information.  Companies signing onto this agreement are now subject to Federal Trade Commission oversight and enforcement of its terms.

Further information:

Statement from FTC Chairman Jon Leibowitz

Statement from Intel

Statement from Center for Democracy & Technology