Commercial data privacy - how can we protect our data?

10 February 2011

David Vladeck, Director, US Federal Trade Commission (FTC) Bureau of Consumer Protection, outlined details of a preliminary report issued in December that considered issues relating to privacy protection. The report was based on findings at public roundtables, which engaged a wide variety of stakeholders in the debate.

The report was informed by two principles:

  • advances in technology allow vast amounts of data to be collected and shared instantaneously, often in ways that are invisible to consumers, who are deeply concerned;
  • the current system depends on a ‘legal fiction’ of notice and consent, which does not give consumers meaningful choices.

The Commission is recommending several new proposals, including baseline protection, simplified choice, clear and short privacy notices, access rights, and greater transparency.

Lawrence E. Strickling, Assistant Secretary for Communications and Information, US Department of Commerce, described the work of an Internet policy task force set up last year to look at a number of Internet and privacy issues. The work resulted in a report in December, laying out recommendations and ideas for public comment. The recommendations focus on a three-part approach to privacy:

  • the importance of having a baseline to protect the privacy of all consumers;
  • the development of voluntary codes of conduct by industry, taking a multi-stakeholder approach. The Department of Commerce would act as convener and facilitator to bring parties together to work on this code of conduct;
  • the need for strong enforcement – through the FTC.

Giving the European perspective, Peter Hustinx, European Data Protection Supervisor, said that both reports were a ‘cautious start’, and outlined several of the points of substance. These included recognition that the present situation is unsatisfactory, the importance of baseline protection, an emphasis on greater transparency, and acknowledgement that self-regulation alone has failed. He finished by calling for strong international cooperation in the area of enforcement, convergence, compatibility, and interoperability of systems.

Eirini Zafeiratou, Head of EU Affairs Group Public Policy, Vodafone, said that the Internet is global and regulation in the US or the EU should not create artificial barriers or disadvantages. The enormous amount of data generated on all sorts of digital devices and platforms presents some risks to the individual, but also opportunities to benefit. The current system is not conducive to creating effective privacy protection, and so there is need for substantive reform. European regulators should look at creating a level playing field for all operators providing services to European consumers.