+

Washington’s Privacy Tango Searching For the Elusive Consensus

March 13, 2012 Bennet KelleyInternet Law Center

+

n  Founder of Internet Law Center in Santa Monica

n  Former Co-Chair of Cal. Bar Cyberspace Committee

n  Host of Cyber Law & Business Report on WebmasterRadio.fm (Weds at 10-11AM PT)

n  Publisher of Cyber Report newsletter which won top prize at 2011 LA Press Club Awards and named a top source for internet law

+This Debate Is Not New

n  OK, Not Quite That Old

n  Since Advent of Internet

n  What Has Changed

n  Reach/Breach

n  Acceptance of Some Regulation

n  Number of Players and Technologies Involved

+1999: SPOTLIGHT ON ONLINE PROFILING

n  1999: FTC Conference

n  1999: Network Advertising Initiative launched to stop regulation

n  2000: Report to Congress

 

•  Commends NAI but . . .

•  [Recommends] legislation that would set forth a basic level of privacy protection for all visitors to consumer-oriented commercial Web sites with respect to profiling.

–  Basic standards of practice governing the collection and use of information online for profiling, and provide an implementing agency with the authority to promulgate more detailed standards

–  [Including] authority to grant safe harbors to self-regulatory principles which effectively implement the standards of fair information practices articulated in the legislation and subsequent rulemaking.

+ 2001-2006: Other Priorities •  Spam (2003)

•  Spyware (2004)

+ 2007-2009 Dancing Over Self-Regulation •  2007: FTC Releases Self-Regulatory

Principles for Behavioral Targeting

•  2008: Industry Pushes Back

•  2009: Leibowitz Warns Industry Action is Coming

•  Industry Responds with IAB, DMA, AAAA Guidelines

+ Emergence of the Creepiness Factor “Is it legal? Probably. Do I think it's a good idea and it makes sense? No. I don't think it passes the creepy factor, and this market isn't ready for stuff that doesn't pass the creepy factor,”

“We are not in a place where we an do dumb things and stupid things like that, even if they're effective.” Dave Morgan. Tacoda Founder on NebuAds.

+ 2009-2011: Lawyers of the Roundtable •  Tenth Anniversary of Online Profiling

Conference

•  Industry Still Fighting Regulation

•  Complexity Increases

•  . . . Oh and there’s that Social Networking thing too.

+ Personal Data Eco-System Any questions????

+FTC Privacy Report

Our report and law enforcement action send a clear message to industry: despite some good actors, self-regulation of privacy has not worked adequately and is not working adequately for Americans consumers. We deserve far better from the companies we entrust our data to, and industry, as a whole, must do better.

FTC Chairman Jon Leibowitz

+DOC Privacy Report

n  Endorses baseline commercial data privacy principles that would fill any gaps in existing U.S. law;

n  Safe harbors against FTC enforcement for practices defined by baseline data privacy or self-regulatory codes;

n  Limited rulemaking authority over certain baseline fair information privacy practices principles if it is established that market failures require prescriptive regulatory action; and

n  National Data Breach Standards

+Market Reaction

n  Browser Wars n  Privacy Competition

n  Industry Begins Policing Itself

+Its Back . . .

+Meanwhile . . .

n  No Consensus on Capitol Hill

n  Other Internet Battles

n  Net Neutrality

n  SOPA

+

Obama Bill of Rights •  Individual Control

•  Transparency

•  Respect for Context

•  Security

•  Access and Accuracy

•  Focused Collection and

•  Accountability

+ Half Empty •  Relies on self-regulatory principles and

passage of comprehensive privacy legislation – neither of which is on the horizon.

•  Little different that where we were in 1999

+ Half Full •  Jump starts moribund legislative process

•  Got industry backing of do-not track on browser level

•  Industry is engaging in self-regulation and enforcement already

•  Substantial movement in industry’s approach since 1999

+ Internet Law Center 100 Wilshire Blvd., Suite 950, Santa Monica, CA 90401 (310) 452-0401 bkelley@internetlawcenter.net www.internetlawcenter.net