Is A "Privacy Bill of Rights" and New Federal Office the Answer to Our Online Privacy Woes?

The federal government waded further into the ongoing debate over online privacy this week, calling for the creation of an online "Privacy Bill of Rights" and a new federal office to develop and oversee those guidelines. Facing an Internet that evolves constantly, privacy breaches that strike daily, and Web entrepreneurs anxious to test boundaries, is that enough?

The federal government waded further into the ongoing debate over online privacy this week, calling for the creation of an online “Privacy Bill of Rights” and a new federal office to develop and oversee those guidelines. Facing an Internet that evolves constantly, privacy breaches that strike daily, and Web entrepreneurs anxious to test boundaries, is that enough?

The two recommendations struck as the headline-grabbers of a much-anticipated, 88-page online privacy report just released by the U.S. Commerce Department. The draft, which Commerce labeled a still-workable “green paper,” does more to reinforce, not rework, the current patchwork of laws, regulatory authorities and self-regulation that exist in the United States to monitor data collectors and Web advertisers.

The proposed “privacy bill of rights” would “prompt companies to be more transparent about their use of consumer information; to provide greater detail about why data is collected and how it is used; to put clearer limits on the use of data; and to increase their use of audits and other ways to bolster accountability,” according to the department’s news release.

And just as soon as the report was released, mixed reviews were in.

For some privacy watchers, the report was doomed from the start, beginning with its title, ‘Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.’

“They talk about commercial data privacy,” noted John Simpson, consumer advocate at Consumer Watchdog, in an interview with eWeek. “What we should be talking about is consumers’ data and their right to privacy, not a business commodity.”

Others, including representatives from the World Privacy Forum and the Consumer Federation of America, voiced concerns that a privacy policy office would be part of the Commerce Department and not an independent agency, reported the New York Times.

Additional criticisms of the report centered on its emphasis on self-regulation by the online advertising industry and its proposal of creating a safe harbor against enforcement actions by the Federal Trade Commission (FTC) as an incentive for businesses to adopt better privacy practices.

The Center for Democracy and Technology, a digital rights interests groups, applauded the report, but pointed to the need for Congress to act as well.

“The Department of Commerce report lays out a creative and flexible approach to develop enforceable privacy protections for consumers,” said Justin Brookman, who heads CDT’s Privacy Project, in a statement. “Now it’s time for Congress to step up and pass the legislation needed to enact a baseline consumer-privacy law that is built on the strong recommendations contained in the Commerce and FTC privacy reports.”

The report is the latest momentum in what appears as a “walls closing in” scenario for online privacy.

Coming so quickly after the Federal Trade Commission bucked advertisers in calling for a “Do Not Track” function on Web browsers, the Commerce Department proposal could push Congress to more urgently consider new online privacy legislation. Such legislation is already on the table, but where it will land when the new Congress begins in January remains unseen.

The Commerce Department report notably did not take a direct position on the FTC’s “Do Not Track” proposal.

And for that, both the ad industry and at least one Internet giant, for one, approve.

Mike Zaneis, vice president of public policy for the Interactive Advertising Bureau, called the Commerce Department report “a well thought-out product that was developed with a really inclusive process,” as opposed to the FTC proposal, which he said could “perhaps enforce overly burdensome, draconian regulatory burdens.”

Pablo Chavez, Google’s director of public policy, wrote in a statement that the Mountain View Internet company supports the Commerce Department’s “recommendation for privacy to be approached comprehensively and broadly, with a clear focus both on users and innovation on the Internet.”