Several lawmakers in both chambers have put forth bills that would establish new protections for consumer privacy online. But that’s nothing new. Efforts to enact comprehensive privacy legislation have been a mainstay in tech policy discussions for several congresses. In the coming election-shortened session, and with industry players pressing their case that robust self-regulation can work, even staunch advocates for strong privacy legislation admit they’re up against long odds.
“With the exception of a bipartisan proposal to protect children and teen privacy, legislation is unlikely,” said Jeff Chester, executive director of the Center for Digital Democracy and an often outspoken critic of Web companies’ privacy practices. “This issue is too controversial and involves too many politically connected players.”
Instead, the Federal Trade Commission, the principal enforcement agency for the existing privacy laws, can be expected to continue with its investigation of the practices of individual companies in response to consumer complaints. In 2011, for instance, the agency reached separate agreements with Google and Facebook under which the companies agreed to submit to regular privacy audits for 20 years, among other provisions.
Additionally, the FTC is expected to release a comprehensive framework early in the coming year that will include recommendations (they won’t be binding) for Web companies to improve their privacy stance.
Another report, expected around the same time, will come out of the Department of Commerce, which has been working with the Justice Department and the White House Office of Science and Technology Policy to develop its own white paper that will lay out something like a privacy bill of rights. Upon release of the white paper, Commerce plans to convene meetings with stakeholders such as Web companies and consumer advocates to develop practical codes of conduct, further advancing the administration’s position on the issue and potentially influencing the course that privacy legislation takes in Congress.
“The action is going to be in several places. It’s going to be at the FTC, at the Department of Commerce and in Brussels,” Chester said. “The big invisible player here is the European Union, which is in the process of significantly revising its privacy [framework],” he added.
The EU has historically taken a more rigorous approach toward regulating privacy than have U.S. authorities. Chester suggested that if the new rules under development in Europe raise the bar higher, that will impose additional privacy restrictions on U.S. companies that operate globally, and could inspire domestic regulators to follow the lead of the EU.
“The Europeans could easily become the global standard,” he said.
Extracted from Article on the CIO labelled: 5 Hot Technology Policy Agenda Items You Need to Watch