White House: 'Consumer Privacy Bill of Rights' a step toward do not track legislation


The White House unveiled Feb. 23 a "Consumer Privacy Bill of Rights" as part of a larger report (.pdf) formulated through the work of the Commerce Department's Internet Policy Task Force. The task force launched its comprehensive review of online privacy in 2010.

This "blueprint for privacy in the information age" will help consumers manage the data collected about them, and monitor how it is stored, used or shared, says the Obama administration. The bill of rights also outlines seven principles--such as "focused collection" and "accountability"-- the administration says it hopes will be incorporated into Internet privacy legislation.

"We will work with Congress to implement [the bill of rights] through legislation," said Commerce Secretary John Bryson during Feb. 22 press call. "But we're moving forward regardless...This cannot wait."

The Center for Democracy and Technology called the bill of rights a "positive step," but said real change will be dependent upon future legislation.

In the interim, the White House is encouraging businesses to voluntarily commit to the bill of rights in order to enable better privacy protections online as soon as possible. A company's public commitment to adhere to the code of conduct will be subject to enforcement by the Federal Trade Commission, according to a White House statement.

During the same press briefing advertisers announced their commitment to implementing "do-not-track" technology. Digital Advertising Alliance Executive Director Stuart Ingis said the organization is working with Internet browser companies to make it easier for users to control online tracking through a browser-based, single button system.

A handful of companies, including Google (NASDAQ: GOOG), Yahoo!, Microsoft (NASDAQ: MSFT) and AOL, have agreed to honor browsers' choice of do not track headers. The companies covered in the DAA commitment represent the delivery of nearly 90 percent of online behavioral advertisements, said a White House statement.

"It will take some months to get it fully implemented, but what's intended is that a consumer will have a simple and clear mechanism at their browser to exercise choice, which would be a uniform choice, that would apply to all companies that would collect data across sites about the consumer," said Ingis.

White House Deputy Chief Technology Officer Daniel Weitzner said this will appear as a button or check box at the top of the browser that says "do not track me" or "tell the website I don't want to be tracked."

"The industry deserves credit for this commitment, though the details of exactly what 'Do Not Track' means still need to be worked out," said CDT's Director of Consumer Privacy Justin Brookman, adding that CDT will continue working through the W3C standards process to set clear 'Do Not Track' rules.

On the same day as the brifing, the Federal Communications Commission chairman also called for better online privacy and cybersecurity.

"We can and must improve online security while protecting individuals' privacy," said Genachowski Feb. 22 during a cybersecurity address at the Bipartisan Policy Center in Washington, D.C.

In addition, he called on all Internet service providers to "develop and adopt an industry-wide code of conduct to combat the botnet threat and protect the public."

"Privacy and security are complementary--both are essential to consumer confidence," said Genachowski.

For more:
- download the White House privacy report
- see Genachowski's prepared remarks
- see a White House press release on the initiative
- see a White House fact sheet on the bill of rights
- see a CDT press release

Related Articles:
Audio: White House, Commerce, FTC officials discuss online privacy initiative
NIST, DHS, solicit information on possible ISP botnet 'code of conduct'
NSTIC pilots will test new, unproven solutions
NIST embraces assertion-based remote e-authentication