The U.S. White House will push for online businesses to adopt new privacy codes of conduct, including consumer rights to control what information websites collect about them and a right to see what data is being collected, officials there said.
Members of President Barack Obama's administration will officially announce details about its so-called privacy bill of rights on Thursday, with the effort focused on government working with private businesses, privacy groups and other experts to develop voluntary privacy codes of conduct.
While the Obama administration will propose privacy legislation to the U.S. Congress, the U.S. Department of Commerce will move ahead with voluntary codes of conduct that could be implemented without congressional action, administration officials said in a press briefing late Wednesday. Legislation would put consumer privacy rights into law.
"American consumers can't wait any longer for clear rules of the road that ensure their personal information is safe online," Obama said in a statement. "As the Internet evolves, consumer trust is essential for the continued growth of the digital economy. For businesses to succeed online, consumers must feel secure."
If a company commits to following a privacy code of conduct, that commitment will be enforced by the U.S. Federal Trade Commission, said Daniel Weitzner, the White House's deputy CTO.
While adopting the privacy codes will be voluntary, many online businesses will want to consider them in an effort to retain the trust of their customers, officials said.
"We certainly think a lot of businesses will step up, and have stepped up, but we don't expect that solves the entire problem," Weitzner said. The White House will push for Congress to expand privacy protections, he added.
During the official White House announcement Thursday, the Digital Advertising Alliance (DAA), a coalition of U.S. media and marketing trade associations, will commit to honoring do-not-track requests made by Web users through their browsers. Most major browsers now offer do-not-track options, but compliance with the requests has been uneven.
Nearly 90 percent of U.S. businesses that deliver behavioral advertising, including Google, Yahoo, Microsoft and AOL, are members of the groups that make up the DAA, said Stu Ingis, the DAA's general counsel. Most DAA members should begin honoring the do-not-track requests within nine months, after working with browser makers to develop consistent do-not-track standards, he said.
"The DAA is committed to making choices work for all consumers," Ingis said.
FTC Chairman Jon Liebowitz praised the DAA for committing to honoring do-not-track requests in browsers. "This is a big step," he said.
With the DAA commitment, Web users should expect that if they set their browsers to prohibit websites and online advertising networks from tracking them, that one request will be honored across the Web, Weitzner said. Consumers should be able to make the choice once and not have it expire, he added.
The White House privacy proposal focuses on giving Web users choices about whether websites and advertising networks collect their personal information and what they do with it. Web users have a right to expect that Web businesses collecting their personal information will keep it secure and will limit the type of information they collect.
Consumers have a right to "easily understandable and accessible information about privacy and security practices," the White House privacy paper said. In addition, consumers have a right to access and correct personal data held by online companies, the paper said.
The Department of Commerce has been calling for new privacy protections for more than a year, but Thursday's announcement, and the accompanying 60-page paper, represent the most concrete plan the Obama administration has released.
In recent days, privacy groups have also criticized Google for allegedly circumventing privacy controls in the Internet Explorer and Safari browsers.
Privacy group Consumer Watchdog praised the White House privacy announcement, although the group had not seen the proposals as of Wednesday evening.
"From what I understand to be in it, the report may represent real progress," said John Simpson, privacy project director for the group. "Enforceable codes of conduct could matter. Baseline privacy legislation could make a difference."
Simpson said he's skeptical of an effort that will allow online companies to participate in the writing of privacy codes of conduct, and he questioned whether the Department of Commerce, with the job of promoting U.S. businesses, is the right agency to drive the privacy standards.
"The real question is how much influence companies like Google, Microsoft, Yahoo and Facebook will have in their inevitable attempt to water down the rules that are implemented and render them essentially meaningless," he said.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is email@example.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.