Consumer advocates say the Obama administration's blueprint for protecting consumers' privacy online is a good first step, but they will be watching closely to see how it's implemented.
The White House and the Federal Trade Communications todaywhich will serve as a policy outline for future legislation and public policy that will work to protect consumers' privacy while online from a computer or mobile phone.
The administration also worked with online advertising associations, such as the Digital Advertising Alliance and others, to revive "Do Not Track" technology and best practices. This technology will allow consumers to change settings in their browsers to notify advertisers that they do not wish to be tracked as they move from Web site to Web site online.
The Do Not Track technology has been around for some time, but it hasn't been used widely yet because not all advertisers have signed on to implementing the technology. Also, groups such as the World Wide Web Consortium (W3C) have not yet agreed on the technical standards and compliance obligations to make Do Not Track an industry wide standard.
But now major advertising associations representing more than 400 companies say they will back some form of the measure. Google, Yahoo, Microsoft, and AOL are also committing to work with Do Not Track technology in most major Web browsers.
Ellen Bloom, a senior director of policy for Consumers Union, was at the press conference today in Washington, D.C., where the "Consumer Privacy Bill of Rights" was unveiled. She said consumers are very concerned about Internet companies passing along their private information to third parties. And she is happy that the administration is taking steps with the "Consumer Privacy Bill of Rights" to protect consumers. But she said the group will continue to educate and advocate to make sure privacy protections are strong enough to do the job.
"We are glad that the FTC and the advertising industry will breathe new life into the Do Not Track rules," she said. "This is a welcome first step toward providing a single simple tool to opt out of being tracked online. We are encouraged that we're on the right track. But we are not ready to rest."
Bloom said there is more to be done in terms of educating consumers about how to use meaningful privacy tools.
Other advocacy groups said they are concerned that the administration's support of the advertising industry's self-regulation for Do Not Track may undercut efforts already underway by the W3C to create a strict Do Not Track standard.
"The only problem with this, is that the W3C has yet to agree what Do Not Track technical standards and compliance obligations will be," John Simpson, director of the advocacy group Consumer Watchdog said in a statement. "If the W3C standards are stricter than industry wants, I can't believe they will follow them. I hope not, but this may actually be an effort to undermine the W3C process."
Simpson said he is also concerned about how the guidelines and rules will be developed. The way the policy is worded in White House Privacy report, the administration hopes that advertisers and technology companies will work with advocates and the government to come cup with codes of conduct. And the Federal Trade Commission will enforce those codes of conduct.
But Simpson is wary that such self-regulation will work, unless all stakeholders are given equal voice in the process.
"The real question is how much influence companies like Google, Microsoft, Yahoo and Facebook will have in their inevitable attempt to water down the rules that are implemented and render them essentially meaningless," he said. "I am skeptical about the 'multi-stakeholder process,' but am willing to make a good faith effort to try."
In general, the Privacy Bill of Rights would give users broad rights to protect their own information online. In its most basic form, the White House said that users should be given the right to control how their personal data is used. They must also have the right avoid having their information collected and used for multiple unknown purposes. They have the right to make sure their information is held securely. And they they must have the right to hold those who are handling or misusing their personal data accountable when things go wrong.