According to a new White House report on consumer data privacy
protection, trust is worth a lot of money to U.S. businesses—users
have to know their data will be protected if the economic engine of
digital innovation is to keep roaring. Ergo, the U.S. needs a privacy
framework that's "flexible" enough to accommodate industry innovation,
and comprehensive enough that consumers will feel safe—and keep
clicking.
But trust between consumers and companies in the U.S. is only part of
the equation. There's another important element, too: how compatible
U.S. safeguards are with those of the rest of the world, and
particularly Europe. This new proposal arrives a month ahead of a
conference on data protection between E.U. and U.S. officials in
Washington, D.C., leading to questions about whether Europe and the
U.S. are any closer to getting on the same page when it comes to data
privacy.
The answer not only depends on who you ask, but also what section of
the White House's report you're looking at. The white paper lists
seven principles and stresses that these principles should form the
basis of voluntary codes of conduct adopted by industry. Once adopted,
the Federal Trade Commission would have the power to enforce
compliance to those codes. The paper also includes a call for Congress
to pass legislation based on these principles, and devotes a section
to "international interoperability"—which considers how data can be
sent across international borders without violating laws on either
side of the transaction.
Let's start with the Consumer Privacy Bill of Rights. As Joseph
Turrow, a professor at the Annenberg School for Communication at the
University of Pennsylvania, told NPR's Fresh Air, even the wording of
the report's title is a noteworthy choice:
[Europeans] believe in privacy as [a] human right. And that's the
interesting thing about how [the upcoming] Commerce Department report
is positioned: as a right. There are some advocates who don't like
what they see in the policy because they think it's too loose. But the
very fact that it's called a right is interesting rhetorically. Some
people would say they're moving in the right direction.
Privacy expert Lisa Sotto says that while the seven rights derive from
the Fair Information Practice Principles—which were issued by the U.S
Department of Education, Health, and Welfare in the 1970s—this updated
version also reflects contemporary European ideals: "A number of the
principles would seek to import European data protection standards to
the U.S., such as the right to access and correct data," says Sotto,
head of the global privacy and data security Practice at Hunton &
Williams in New York.
Next up: FTC enforcement and voluntary codes of conduct, which might
be a harder sell to Europeans. In fact, argues Jeffrey Chester, head
of the Center for Digital Democracy, the whole notion of
self-regulation by industry undercuts the basic tenants of the
European regulatory regime. "The Europeans are building a
comprehensive online privacy framework that places the interests of
citizens first," he says, while the U.S. self-regulatory approach
advances the interests of U.S. data mining companies. "This is digital
apples and oranges."
The section on interoperability, says Stuart Levi, a partner at
Skadden, Arps, Slate, Meagher & Flom in New York, can be read as a
signal to Europe: "We want you to recognize what we do here, and
accept what we do here."
"The U.S. is hedging its bets," adds Levi, co-head of the firm's
intellectual property and technology group. In other words, even if
the U.S. doesn't get a comprehensive data privacy and protection
policy passed into law, the Obama administration at least wants the
E.U. to recognize that a self-regulatory regime is valid and worthy of
respect.
The topic of global privacy regulations is now at a new pivot point.
Are the new E.U. framework and White House "Bill of Rights" the
beginning of a more global approach to data privacy, or are both sides
far enough down the digital road that it will be nearly impossible to
reconcile the legal and philosophical differences? For multinational
companies and web brands that rely on global access to data and
customers, the answer will be crucial to their success in a
21st-century marketplace.
For more information on these matters, please call our office at 305
548 5020, option 1.
Twitter: www.twitter.com/yoelmolina_mo
Faceback page: www.facebook.com/lawofficeofyoelmolina
Linkedin profile: http://tinyurl.com/linkedinpagemo
Blog: http://tinyurl.com/molawblog
"Turn to us when you need help"
