FTC reaches for the ‘do not track’ button

The Federal Trade Commission (FTC) wants browsers to have a setting that lets you decide if data on your Web surfing activities can be collected. Think of it as an online version of the “Do Not Call” registry.

It’s just one of the suggestions in a recently-released preliminary staff report calling for a framework to balance the privacy interests of consumers. The report dismisses industry efforts to address privacy through self-regulation as too slow. “Up to now,” the report says, self regulation has “failed to provide adequate and meaningful protection.”

The report is the FTC’s way of getting its 2 cents to policymakers, including Congress, as they develop potential laws governing privacy.

MORE ABOUT PRIVACY

• Six ways we gave up our privacy
• Slapped in the Facebook: social networking dangers exposed
• 2010: What it’s like to steal someone’s identity
• 2008: Leak sheds light on privacy proposals

“Technological and business ingenuity have spawned a whole new online culture and vocabulary e-mail, IMs, apps and blogs — that consumers have come to expect and enjoy. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that’s what most Americans want as well,” says FTC Chairman Jon Leibowitz.

He added that the FTC will take action against companies that violate consumers’ privacy — especially when children and teens are involved.

The report calls on companies to adopt a “privacy-by-design” mentality where protections are built into their everyday business procedures. “Such protections include reasonable security for consumer data, limited collection and retention of such data, and reasonable procedures to promote data accuracy,” the report said, adding, “Companies also should implement and enforce procedurally sound privacy practices throughout their organizations, including assigning personnel to oversee privacy issues, training employees, and conducting privacy reviews for new products and services.”

Consumer choice is a major theme throughout the report. Consumers should be able to determine who can collect their data, what kind of data can be collected and where it can be used. The “do not track” setting is the best example of how to do that, the report adds.

The reaction among legal and privacy experts is positive so far.

“The current cookie based opt-out system is ineffective in managing consumer choices. Rightly, the commission calls for a better system for users to be able to control online data collection,” Jules Polonetsky and Christopher Wolf of the Future of Privacy Forum said in a joint statement. “The Commission was widely expected to call for legislation of a do-not-track mechanism, but wisely left the door open to either legislative or self regulatory solutions.”