Fandom

The IT Law Wiki

Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Business and Policy Makers

32,198pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Citation Edit

Federal Trade Commission, Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Business and Policy Makers, at 60 (Mar. 2012) (full-text).

Overview Edit

FTCpriv

This report sets forth best practices for businesses to protect the privacy of American consumers and give them greater control over the collection and use of their personal data. It also recommends that Congress consider enacting general privacy legislation, data security and breach notification legislation, and data broker legislation.

Recommendations Edit

The final privacy report expands on a preliminary staff report the FTC issued in December 2010.[1] The final report calls on companies handling consumer data to implement recommendations for protecting privacy, including:

As to choice and transparency, the Report noted that all companies involved in data collection and sharing through mobile devicescarriers, handset manufacturers, operating system providers, app developers, and advertisers — should work together to provide privacy disclosures and ensure that they are understandable and accessible on a small screen.

The Report also called on companies to develop standard formats and terminology for privacy statements applicable to their particular industries. The Commission acknowledged the challenges and complexities of providing notice in the mobile environment, and indicated that these factors increase the urgency for companies providing mobile services to develop standard notices, icons, and other disclosures that businesses can use to communicate with consumers in a clear and consistent way. The Commission also supported the development of a Do-Not-Track (DNT) mechanism for both the web and mobile environments.

Changes from draft report Edit

The final report notes that the FTC received over 450 comments on the staff's preliminary recommendations. Based on technological advances and industry developments since the December 2010 staff report and in response to the comments, the agency is revising recommendations in three areas:

  1. A person sitting at a computer using the Internet, viewing a shopping advertisement. Information shared about the user may include such things as prescription history, news and shoe preferences, shopping habits, and location information.
  2. The final report changes the guidance's scope. The preliminary report recommended that the proposed framework apply to all commercial entities that collect or use consumer data that can be linked to a specific consumer, computer, or other device. Recognizing the potential burden on small businesses, the report concludes that the framework should not apply to companies that collect and do not transfer only non-sensitive data from fewer than 5,000 consumers a year. The report also responds to comments filed by organizations and individuals that, with technological advances, more and more data could be "reasonably linked" to consumers, computers, or devices. The final report concludes that data is not "reasonably linked" if a company takes reasonable measures to de-identify the data, commits not to re-identify it, and prohibits downstream recipients from re-identifying it.
  3. The report refines the guidance for when companies should provide consumers with choice about how their data is used. It states that whether a practice should include choice turns on the extent to which the practice is consistent with the context of the transaction or the consumer's existing relationship with the business or is required or specifically authorized by law. These practices include product fulfillment and fraud prevention.

Data brokers Edit

The report also contains important recommendations regarding data brokers. It notes that data brokers often buy, compile, and sell highly personal information about consumers. Consumers are often unaware of their existence and the purposes to which they use the data. The report makes two recommendations to increase the transparency of such practices.

First, it reiterates the Commission's prior support for legislation that would provide consumers with access to information held by data brokers. Second, it calls on data brokers who compile consumer data for marketing purposes to explore creation of a centralized website where consumers could get information about their practices and their options for controlling data use.

Next steps Edit

While Congress considers privacy legislation, the Commission urges individual companies and self-regulatory bodies to accelerate the adoption of the principles contained in the privacy framework, to the extent they have not already done so. Over the course of the next year, Commission staff will work to encourage consumer privacy protections by focusing on five main action items:

References Edit

  1. FTC, Protecting Consumer Privacy in an Era of Rapid Change, A Proposed Framework for Businesses and Policymakers, Preliminary FTC Staff Report (Dec. 2010) (full-text).
  2. Privacy by Design is an approach that Ann Cavoukian, Ph.D., Information and Privacy Commissioner, Ontario, Canada, has advocated. See Information and Privacy Commissioner, Ontario, Canada, Privacy by Design.[1]

Also on Fandom

Random Wiki