Healthcare // Analytics
Commentary
3/26/2012
06:03 PM
Thomas Claburn
Thomas Claburn
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%
Repost This

Dear FTC: Privacy Power Trumps Privacy Rules

As it tackles consumer data privacy, the FTC needs to think less about limiting what companies can do, and more about empowering consumers themselves.

The Federal Trade Commission on Monday issued its final report on how businesses should try to protect consumer privacy when handling data that can be linked to a specific consumer or device.

The report, "Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers," makes some concessions to the realities of small businesses: It concludes that its proposed framework should not apply to companies collecting (and not transferring) data from fewer than 5,000 consumers a year.

It also exempts companies that take reasonable measures to de-identify data, promise not to re-identify it, and prohibit companies provided with such anonymized data from doing the same.

The report can be expected to shape future legislation and self-regulation efforts. It reiterates support for a law that would require data brokers to allow consumers to access information about them, and support for a data industry hub that would provide information about data collection practices and how to control information gathering.

[ Read FTC Calls For Data Privacy Laws. ]

The report backs compliance with industry-established norms as the yardstick by which regulatory actions will be calibrated. It calls for mobile companies to provide clearer disclosure about how they use consumer information. And it states that the FTC will work with industry groups to implement a Do Not Track system for Web browsers.

The most interesting reading in the report comes from FTC commissioner J. Thomas Rosch's dissent.

"If implemented as written, many of the Report's recommendations would instead apply to almost all firms and to most information collection practices," Rosch warned. "It would install 'Big Brother' as the watchdog over these practices not only in the online world but in the offline world."

Rosch questioned the FTC's support for making online tracking opt-in, noting a recent study that indicated "84% of users polled prefer targeted advertising in exchange for free online content."

This echoed previous testimony offered by Rosch that there's not much evidence consumers want to use Do Not Track or similar technologies.

Rosch argued that large platform providers and ISPs should only be required to get consumer consent for scanning consumer content if the company actually wants to build a profile, and not if it just has the potential to do so.

Rosch allowed that companies with monopoly power or near-monopoly power, like Intel and Google, may have extra obligations that other businesses should not be subject to.

As an antitrust attorney, Rosch is perhaps predisposed to focus on monopoly power. It's a worthy concern, but one I think needs to be approached differently in the information age. Rather than requiring that companies seek permission to gather data, we should be requiring that companies provide consumers with the tools to define privacy for themselves.

What we need is a right to self-help. Rather than attempting to legislate privacy, a term that means different things to different people, the FTC should require that companies disclose their information-collection practices and provide consumers with the ability to deny such collection. We need transparency combined with optional opacity.

We're already most of the way there on the Web. If you want to avoid being tracked online, you can already do so, Google's recent circumvention of Safari settings notwithstanding. You can operate your browser in privacy mode and you can install plug-ins to filter cookies, ads, and pretty much everything else.

Where consumers need help is on mobile devices. Consumers should have the right to run whatever browser and to install any lawful software they choose on their mobile devices. For platforms like iOS, where Apple approves all software, that would mean rejections could only be based on technical criteria, like instability, insecurity, or illegality, and not on competitive or content-based criteria. Companies' unsavory tracking practices would not matter if consumers were presented with adequate disclosures and had the option to install or implement countermeasures.

This could be extended to ISPs, such that they would be required to offer an IP-address concealment option, with provisions to make that data available only for recognized legal or security reasons.

Privacy advocates have long focused on principles of notice and consent. To that list, add control. When you have control over the information you broadcast online, you have all the privacy you want or don't want. And businesses will be able to respond accordingly: If you block ads, for example, you may have more privacy but less access to websites. The market for privacy would thus be less distorted.

In this interactive virtual event from Dr. Dobb's, Developing With HTML5, top business technologists, experts, and solution providers will discuss the present and future of HTML5 as a Web- and mobile-development platform. When you register, you will gain access to live webcast presentations and virtual booths packed with free resources. It happens April 12. (Free registration required.)

Comment  | 
Print  | 
More Insights
Big Love for Big Data? The Remedy for Healthcare Quality Improvements
Big Love for Big Data? The Remedy for Healthcare Quality Improvements
Healthcare data is nothing new, but yet, why do healthcare improvements from quantifiable data seem almost rare today? Healthcare administrators have a wealth of data accessible to them but aren't sure how much of that data is usable or even correct.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.