The Federal Trade Commission has told Congress consumers must be confident their privacy will be protected if they were to take advantage of all the benefits offered by the Internet marketplace.
“Privacy has been an important component of the [FTC’s] consumer protection mission for 40 years,” stated Commissioner Julie Brill‘s June 29 testimony to the Senate Committee on Commerce, Science and Transportation. “During this time, the commission's goal in the privacy arena has remained constant: to protect consumers' personal information and ensure that they have the confidence to take advantage of the many benefits offered by the dynamic and ever-changing marketplace.“
To preserve consumers’ privacy, FTC has taken an approach that encompasses law enforcement actions, consumer and business education efforts and policy initiatives, the testimony said. In the past 15 years, the agency has brought more than 300 privacy-related actions, including cases involving data security, spam and spyware.
Based on a discussions with privacy experts, business representatives and academics who looked at the implications of new technologies and business practices on consumer privacy, FTC issued a preliminary report proposing a privacy framework with three main concepts, the testimony states.
The proposal called for companies to adopt a “privacy by design” approach by building privacy protections into their everyday business practices — for example, collecting or retaining only the necessary data needed to provide a requested service or transaction, and implementing reasonable security for such data, according to the testimony.
The report report also noted that consumers should be able to control the collection and use of their personal information, for example, via a Do Not Track mechanism. Said feature should not undermine the benefits online behavioral advertising has to offer, the testimony says, but it could allow consumers to decide what type of advertising they want to receive and what sort of data they are willing to have collected about them, in addition to providing an option to opt out.
In addition, the staff report recommended that “companies should improve their privacy notices so that consumers, advocacy groups, regulators, and others can compare data practices and choices across companies, thus promoting competition,“ the testimony states.
The testimony notes that while FTC does not advocate for any particular legislative proposals, it favors data security legislation “that would (1) impose data security standards on companies, and (2) require companies, in appropriate circumstances, to provide notification to consumers when there is a security breach.“