"The Department of Commerce today issued a report detailing initial policy recommendations aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation, and economic growth. The report outlines a dynamic framework to increase protection of consumers' commercial data and support innovation and evolving technology. The Department is seeking additional public comment on the plan to further the policy discussion and ensure the framework benefits all stakeholders in the Internet economy.
"America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs, and economic growth. Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online." said Commerce Secretary Gary Locke. "Today's report is a road map for considering a new framework that is good for consumers and businesses. And while our primary goal is to update the domestic approach to online privacy, we are optimistic that we can take steps to bridge the different privacy approaches among countries, which can help us increase the export of U.S. services and strengthen the American economy."
"Today's report, based on extensive public input and discussion, recognizes the growing economic and social importance of preserving consumer trust in the Internet. Global online transactions are currently estimated at $10 trillion annually. Between 1998 and 2008, the number of domestic IT jobs grew by 26 percent - four times faster than U.S. employment as a whole - with IT employment projected to increase another 22 percent by 2018.
"The report notes that the nation's privacy framework must evolve to keep pace with changes in technology, online services and Internet usage. To keep the digital economy growing, consumers need more transparency and control when it comes to the use and protection of their personal information, and innovators need greater certainty in order to meet consumer privacy expectations and the array of regulatory requirements they face around the world.
"The following are key recommendations in today's preliminary report, Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework:
"Consider Establishing Fair Information Practice Principles comparable to a "Privacy Bill of Rights" for Online Consumers
"The report recommends considering a clear set of principles concerning how online companies collect and use personal information for commercial purposes. These principles would be recognized by the U.S. government and serve as a foundation for online consumer data privacy. They would build on existing Fair Information Practice Principles (FIPPs) that are widely accepted among privacy experts as core obligations.
"The adoption of baseline FIPPs, akin to a "Privacy Bill of Rights. Should prompt companies to be more transparent about their use of consumer information; to provide greater detail about why data is collected and how it is used; to put clearer limits on the use of data; and to increase their use of audits and other ways to bolster accountability.
"Encourage Global Interoperability to Spur Innovation and Trade
Reducing regulatory barriers to trade is a high priority for the Obama administration. Currently, disparate privacy laws have a growing impact on global competition. The report recommends that the U.S. government work together with its trading partners to find practical means of bridging differences in our privacy frameworks. Collaborations with other privacy authorities around the world can reduce the significant business compliance costs. This global engagement could play a key role in a new dynamic privacy framework.
"Consider How to Harmonize Disparate Security Breach Notification Rules
"As an initial step towards consideration of a new privacy framework, the report recommends looking at ways in which to harmonize the rules that set standards for businesses to notify customers about commercial data security breaches. This comprehensive national approach to commercial data breaches would provide clarity to consumers, streamline industry compliance, and allow businesses to develop a strong, nationwide data management strategy.
"This national approach, enacted through Federal law, could help to reconcile inconsistent state laws, authorize enforcement by the FTC, and preserve state authorities' existing enforcement power. This recommendation is not aimed at preempting federal security breach notification laws for specific sectors, such as healthcare.
"Review the Electronic Communications Privacy Act for the Cloud Computing Environment
"The report recommends that the Obama Administration review the Electronic Communications Privacy Act (ECPA) to address privacy protection in cloud computing and location-based services. A goal of this effort should be to ensure that, as technology and market conditions change, ECPA continues to appropriately protect individuals' privacy expectations and punish unlawful access and disclosure of consumer data.
"In order to gather stakeholder input and refine the report's preliminary recommendations, the Commerce Department will seek public comment and publish questions from the report in a Federal Register notice next week. The Commerce Department's Internet Policy Task Force will also continue to work with others in government to engage the domestic and global privacy community, and will consider publishing a refined set of policy recommendations in the future.
"Because of the vital role the Internet plays in driving innovation throughout the economy, the Department has made it a top priority to ensure that the Internet remains open for innovation while promoting an environment respectful of individual privacy expectations," Locke said. "In these difficult economic times, nothing is more important to American prosperity than jumpstarting our engine of innovation."
Through a Notice of Inquiry (NOI) published in the Federal Register, the Commerce Department is seeking public comment from all Internet stakeholders - commercial, academic and civil society sectors and citizens - on the impact of current privacy laws in the United States and around the world on the pace of innovation in the information economy. [Comments Due 45 Days After Fed Reg Publication]The Department seeks to understand whether current privacy laws serve consumer interests and fundamental democratic values.
The Internet Policy Task Force is exploring current privacy frameworks, and ways to address the challenges of the new Internet economy and society in a manner that preserves and enhances personal privacy protection.
The Task Force is comprised of staff members from the National Telecommunications and Information Administration (NTIA), the International Trade Administration (ITA), the National Institute of Standards and Technology (NIST) and the Patent and Trademark Office (PTO), and will be coordinated through the Commerce Department's Office of Policy and Strategic Planning, which reports to the Secretary.
In addition to privacy and innovation, the Internet Policy Task Force will examine cyber security, online copyright protection and international barriers to moving data around the globe, and the ability of entrepreneurs, and small- and medium-sized businesses to expand their operations via the Internet.