Monday, July 27, 2009

Update: Legislation to Protect Consumer Privacy Appears to be Weakening

One undeniable truth regarding protecting consumer privacy on the Internet is that our public policy continues to lag woefully behind technological innovation. The good news is that Congress is attempting, once again, to address our nation's short supply of smart Internet regulation policies and consumer protections for web users.

In the past, all attempts to pass comprehensive privacy legislation have been killed by the sheer wealth, power, and influence of those corporate interests that oppose being regulated or having their profits reduced, like cable co's, the telcos, and the Google's of the world.

Another reason that such legislation has been consistently stymied in Congress is the relatively high number of Committees Internet related legislation must navigate through just to reach a floor vote, from Financial Services to Judiciary, among others.

With that said, the good news is that another major attempt to address this growing disparity between regulatory law and technological innovation is just around the corner. I remember a that a few months ago, the general consensus regarding this legislation's framework was that it was a solid bill that might even take on what has become one of the holy grail's of the privacy movement: establishing "OPT-IN" as the standard and precedent, rather than OPT-OUT...in this case, this includes how it pertains to behavioral marketing and data collection.

Of course, there is a very long way to go between a congressman saying he will introduce a bill and the President signing it into law. And other key House and Senate leaders who would be involved in any privacy legislation have yet to articulate clear points of view on the subject.

Unfortunately for the legislation, as the PC World article I'm going to post notes, a controversial new study undercuts - in some peoples minds - the need for this legislation. From first glance, one way it does this is through the typical industry canard that argues since privacy advocates can't prove direct harm to consumers from data mining and collection, its not really a problem. I'll get to that straw man another time.

This is disappointing, because what I was looking for is a reaffirmation of the opt-in concept, as well as building momentum behind the legislation. It appears, in addition to this new study, legislators are already backing down on some of the most important privacy provisions that were being floated a few months back.

Here's a few clips from an article in PC World by Grant Gross of IDG News Service:

Legislation that would create privacy regulations for online advertising could cause consumers to get fewer free services and isn't necessary because privacy advocates have shown no harm from data collection, the co-author of a study on online advertising said.

...

While targeted advertising serves a useful purpose, consumers deserve to know who's collecting their data online and how it's being used, said Representative Cliff Stearns, a Florida Republican. Stearns predicted that Congress would release a draft of privacy legislation later this year. However, Stearns also called for lawmakers to move cautiously. Although some have called for legislation that would require online businesses to get opt-in approval from consumers before collecting any information, Stearns said such a rule would go too far.

...

Leslie Harris, president and CEO of the Center for Democracy and Technology, and Alan Davidson, director of U.S. public policy for Google, disagreed with the TPI paper's premise that there are trade-offs between privacy protection and data-based Internet services. Transparency about data collection is necessary, Harris said, so that consumers will have confidence in online services. Legislation is needed, she added, because in many cases consumers don't know how much information is being collected about them and how easy it is to identify an individual using a couple of pieces of data.

Online companies can protect user privacy and still deliver useful services, Davidson added. Privacy advocate Jeffrey Chester, executive director of the Center for Digital Democracy, called the TPI paper flawed. TPI's assertion that new privacy rules could cause major harm to online services is "an absurd, reductionistic, and intellectually-dishonest claim," Chester wrote on his blog.

"Consumer privacy laws are required to ensure that our financial, health and other personal transactions online are conducted in a responsible manner," Chester added. Anyone -- or group -- who believes that we can't have both privacy and a robust online marketplace is out of touch."

Click here to read the rest of the article.

On the bright side, just having this kind of rigorous debate on this topic is a good sign, and a step forward. Two, even if a bill doesn’t make it all the way to the president’s desk, unless its really been gutted, could push Internet companies to start taking privacy and the protection of its users data a bit more seriously in hopes of convincing Congress that such legislation isn't needed. And three, unlike the past 8 years, we now have a President that is exponentially more likely to sign such legislation. And four, Democrats have even larger majorities in both houses, and happen to also be far more receptive to privacy concerns and most definitely more knowledgeable and versed in the techie and wonky world of Internet policy than the GOP.

But in the end, what I suspect to come around the pike, if anything, will be a nearly unrecognizable bill that has been so watered down from months of big business lobbying and damaging amendments it will be barely worth supporting. But, that's my more pessimistic side. I'll follow its progress here of course...

No comments: