The Federal Trade Commission today released its framework (and the cautionary video above) for protecting consumers’ privacy online. Building on its draft privacy proposal from last year which outlined guidelines for companies to handle personal data and recommended the “Do Not Track” button option, the FTC has legal authority to sue companies that violate privacy policies.
Under FTC Chairman Jon Leibowitz, the agency last year brought charges against both Google and Facebook for alleged violations. At issue, in addition to personal privacy, the tougher the regulations the bigger the incursion on profits reaped by web giants who use the data from targeted advertising to offer their services for free.
The FTC's new report addressed five key areas, as TechCrunch notes:
Do Not Track — The FTC committed to working with browser vendors, the Digital Advertising Alliance, and The World Wide Web Consortium “to complete implementation of an easy-to use, persistent, and effective” system.
Mobile — The FTC wants mobile companies to provide “short, meaningful disclosures”, and it will host a workshop on May 30 in the hopes of that it “will spur further industry self-regulation.”
Data Brokers — The FTC supports legislation that would give consumers access to the information that data brokers hold about them. It also calls for those brokers to “explore creating a centralized website” showing who is collecting what data.
Large Platform Providers — The FTC report says that as Internet Service Providers, operating systems, Web browsers, and social media services try to “comprehensively track consumers’ online activities,” they raise “heightened privacy concerns,” and the commission plans to hold a workshop later this year to look at the issue. For now, it seems like the commission is least concerned about the final category. The report says that even though “companies such as Google and Facebook are expanding their reach rapidly, they currently are not so widespread that they could track a consumer’s every movement across the Internet,” so they don’t raise “the same level of privacy concerns.”
Promoting Enforceable Self-Regulatory Codes — The FTC says it will participate in the Department of Commerce’s efforts to build sector-specific codes of conduct, and that if those codes are developed, the commission will “view adherence to such codes favorably in connection with its law enforcement work.”
The White House announced its own “Privacy Bill of Rights” this year, stating consumer’s right to control personal data collected by organizations and urged Congress to endorse those protections into law.
Subcommittee Chairwoman Mary Bono Mack (R-Calif.) called privacy a “critically important issue” but warned that “any rush to judgment could have a chilling effect on our economy and potentially damage, if not cripple, online innovation,” referencing the mistakes of Europe with much tougher privacy regulations.
The growing conundrum around privacy issues underscores the sea changes wrought by social media for one particularly vulnerable group: job-seekers. Democratic Senators Chuck Schumer of New York and Richard Blumenthal of Connecticut are asking the Department of Justice and the U.S. Equal Employment Opportunity Commission to investigate and rule on the alarming issue of employers asking for Facebook passwords during job interviews, as flagged by the AP last week.
This new Big Brother-like practice of seeking ‘social media credentials’ violates federal law according to the Senators, backed by a growing cadre of privacy advocates.
If an employer finds a prospective employee a member of a protected group and subsequently doesn’t make the hire, they could be vulnerable to claims of discrimination, and gender, race, religion and age information, often shown on Facebook profiles, are protected by federal employment law.
In a statement posted Friday on Facebook, the site's Chief Privacy Officer Erin Egan says the social network would take legal action "where appropriate…This practice undermines the privacy expectations and the security of both the user and the user's friends…It also potentially exposes the employer who seeks this access to unanticipated legal liability."
The senators want to clarify if such a practice by employers violates the Stored Communications Act or the Computer Fraud and Abuse Act, acts that prohibit intentional access to electronic information and to computers without authorization, respectively.
Egan maintains no process should include divulging your password. "As a user, you shouldn't be forced to share your private information and communications just to get a job. And as the friend of a user, you shouldn't have to worry that your private information or communications will be revealed to someone you don't know and didn't intend to share with just because that user is looking for a job."
"I think it's going to take some years for courts to decide whether Americans in the digital age have the same privacy rights" as previous generations, ACLU attorney Catherine Crump told the Associated Press.
Or, put another way:
“Hands off FACEBOOK … the very information that employers would be privy to in your profile, is the very information that employers are not allowed to ask during an interview, age, marital status, sexual orientation and for women, if you are pregnant. STOP BEING LAZY AND DO THE BACKGROUND CHECK YOURSELF WITHOUT VIOLATING INDIVIDUAL’S PRIVACY. How long will it be before we see a rash of lawsuits based on the premise that employees were rejected job hiring because of not providing their Facebook passwords.”