Want CNET to notify you of price drops and the latest stories?

White House pledges new Net privacy approach

A White House aide says that the new approach, expected to be announced this fall, will feature "privacy law without regulation."

Declan McCullagh Former Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
Declan McCullagh
2 min read
Danny Weitzner pledges new privacy laws without a "traditional regulatory structure."
Danny Weitzner pledges new privacy laws without a "traditional regulatory structure." Declan McCullagh/CNET

ASPEN, Colo.--A White House aide today previewed the administration's forthcoming approach to Internet consumer protection, saying it will provide "privacy law without regulation."

"Businesses that are engaged in responsible privacy practices today ought not to face any additional burdens," said Danny Weitzner, associate administrator at the National Telecommunications and Information Administration (NTIA) who's on assignment to the White House's Office of Science and Technology Policy.

Weitzner suggested during a discussion at a Technology Policy Institute conference here that: "You can have stronger privacy law, clearer rules, clearer principles established in law, without the costs and downsides of a traditional regulatory structure."

In December, the U.S. Commerce Department outlined proposals for how federal laws regulating companies' data collection practices could be updated, but stopped short of specific recommendations for legislation. An administration-wide white paper is expected this fall.

Lawrence Strickling, the NTIA's administrator (the agency is part of the Commerce Department) suggested to Congress in March that it should enact a "consumer privacy bill of rights" that would mandate broad privacy protections. Some possibilities--Strickling, too, avoided specifics--include requiring companies to describe the purpose for which they're collecting data, and keeping it secure once collected.

That's similar to what Weitzner outlined today. "I think the government has a key role in articulating what consumer rights ought to be," he said.

"The strength of our system is that we iterate quite a bit in trying to answer those questions--(instead of having) a fixed set of regulations, and then scratch our heads for 10 years and worry whether they're the right ones," he said.

While the United States does not have a data collection law as specific as Europe's controversial approach, federal agencies including the Federal Communications Commission and Federal Trade Commission have existing authority to police privacy violations. So do state attorneys general--who have used state laws to extract concessions from Facebook and Amazon.com. Class action lawsuits, such as one filed against Apple, tend to have a strong deterrent effect.

Victor Nichols, the chief executive of data broker firm Experian North America, who spoke earlier in the day, warned of overzealous federal regulation of companies' data collection and use practices. That can interfere with economic growth, he said.

"We all understand that laws and regulations cannot move as fast as businesses can in response to consumer need," Nichols said. "Industry self-regulation therefore provides the flexible approach...providing consumers with the transparency and choice that they need."