A Consumer Privacy Legislation? A Highly Debated Proposal since 2012
By: Ida Faustine Jacotey
In February 2012, the White House, released “A framework for protecting Privacy and promoting innovation in the Global Digital Economy”, thereby presenting a new Consumer Privacy Bill of Rights described by the presidency as a “blueprint for privacy in the information age”.[1]
President Obama’s proposal aimed to establish a consumer privacy framework in order to provide consumers with clear guidance on what they can expect from companies[2] handling their personal information, as well as setting obligations for companies using personal data[3]. As stated in the reference article, President Obama intended to see the Consumer Privacy Bill of Rights’ principles put into law, throughout a conjoint work between the Administration and the Congress.
Four years later, in February 2016, Natasha Singer, journalist for The New York Times, raises the question as to why the President’s proposed framework has not moved forward.
This question seems particularly relevant today, as the US is hosting an overwhelming fight between Apple and the FBI, bringing therefore greater attention into consumers’ privacy issues.
Such Proposal is born in a context where technology has strongly stepped into the commercial world. As a result, in 2012 like today, consumer privacy was and still is a major concern in the US, particularly since the Snowden Revolution, which brought alarming revelations related to privacy and data collection to the public eye.
From a consumer’s perspective, because privacy policies often appear obscure and/or complicated, it seems easier and almost mandatory to rely on trust when one subscribes to a service. Therefore, when the FTC brings actions against companies, consumers’ concern as to the collection and use of their personal information increases. This is particularly true when major companies such as Google or Facebook are involved, since they are an inherent part of most Americans’ lives. Such cases involving big-scale companies are likely to be assimilated as proofs of the industry’s tendency to abuse consumers’ trust.
As highlighted in this article by Cameron F. Kerry, a former Department of Commerce’s general counsel, a loss of trust is neither desirable from the industry’s point of view.
In the US, companies enjoy a large freedom to set up their own privacy policies. We know that many companies look closely to the FTC’s actions, particularly because the FTC has been increasingly active and has had a strong influence within the industry to consequently adapt their privacy policies. Despite this evident freedom that US companies enjoy to collect and use data of consumers, the industry seems aware that privacy practices require continuous adjustments to meet with consumers’ reasonable expectations as to the use and collection of data. Some companies took the relevant steps and efforts in enforcing consumer privacy protection, but some have not.
In the one hand, this context demonstrates a lack of any pragmatic instrument that would provide consumers with some level of guarantee that their privacy remains protected. In the other hand, this great flexibility is also the reason why American companies continue to innovate so much.
Consequently, there is a significant divergence of opinions about whether a legislation is desirable in the consumer privacy context. Because this ideological war is not new – and not over yet-, Natasha Singer mentions “a tale of clashing visions for American society and commerce”.
Two confronting ideas are causing the proposal to freeze: Companies’ free access to consumers’ personal information susceptible to cause them harm in many ways against the will to allow American technology companies to continue innovating with data.
In 2012, for the first time, the White House considered individual rights as a priority in the commercial privacy world[4]. This step fed the debate opposing consumer advocates (“pro-legislation”) and industry advocates (against the legislation).
As revealed by this article, some advocates argue that there is already a sufficient number of federal laws with specific limitations to companies’ use of consumer records. However, the privacy advocates points out the fact that these existing acts are specific to some companies and that the bill would instead target any companies rather than certain categories only.[5]
While the debate concerning this legislation still runs, the industry is nevertheless active, and the article points out some notable improvements that have been made since 2012, such as the data disclosure charts devised as a result from numerous discussions on mobile app transparency[6].
[1] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introductory Note, page 3
[2] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Executive Summary, listing the key principles of the Bill, or “Fair Information Practice Principles” (FIPPs)
[3] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introduction page *7*
[4] www.whitehouse.gov/sites/default/files/privacy-final.pdf, Introduction: page *5* “Strengthening consumer data privacy protections in the United States is an important Administration priority. Americans value privacy and expect protection from intrusions by both private and govern- mental actors.”
[5]http://www.nytimes.com/2015/02/28/business/white-house-proposes-broad-consumer-data-privacy-bill.html, Natasha Singer for the New York Times, February 27, 2015, “There are already a number of federal laws, like the Fair Credit Reporting Act and the Video Privacy Protection Act, that limit how companies may use certain specific consumer records. The new proposed bill, the Consumer Privacy Bill of Rights Act, is intended to fill in the gaps between those statutes by issuing some baseline data-processing requirements for all types of companies” and Senator Edward J. Markey stating that “Instead of codes of conduct developed by industries that have historically been opposed to strong privacy measures, we need uniform and legally enforceable rules that companies must abide by and consumers can rely upon”.
[6] “The yearlong discussions on mobile app transparency ultimately resulted in a subset of the participants getting together on their own time to devise data disclosure charts — akin to nutrition labels on food packages — that apps could display for consumers.”