Privacy advocates Thursday welcomed a White House privacy plan that would give consumers more control over how personal data is collected, used, stored and shared by websites and online advertisers.
In a 60-page Consumer Privacy Bill of Rights released today, the Obama Administration spelled out a series of proposals aimed at getting various Internet stakeholders to develop baseline codes of conduct for handling consumer data.
The document makes it clear that the Administration will work with Congress to enact legislation that would implement the codes of conduct.
But the larger focus of the plan is to get Internet companies, privacy and consumer advocacy groups, state attorneys general, law enforcement agencies and academicians to jointly develop voluntary standards for ensuring the security of consumer data.
The Obama administration plan also calls for the Federal Trade Commission, the U.S. Department of Commerce and other agencies to help joining the various factions in the effort.
Specifically, the bill of rights would give consumers more individual control over what personal data of theirs companies can collect, use and share.
The plan would also give consumers the right to access and to correct personal data collected by Internet companies, and require that companies minimize the collection of personal data, protect sensitive data and give consumers clear and easily understandable information about their privacy practices.
Under the proposal, participation would be voluntary for Internet companies, though it's expected that most of them would take part simply because of market pressure.
The Digital Advertising Alliance, a coalition of online advertising groups has already said that it will get its members to honor Do Not Track requests made by users via their Internet browsers. The group already has in place a set of self-regulatory principles for online advertising but it's unclear today how many companies adhere to them.
Any company which agrees to abide by the codes of conduct would be held to that commitment by the Federal Trade Commission, according to the proposal.
The proposal comes as user concerns about data collection and data sharing by major Internet companies run high.
Google's disclosure late last month that it planned to consolidate user information across all of its applications in particular drew considerable ire among consumers and privacy groups.
Leslie Harris president of the Center for Democracy and Technology, called the White House move important at a time of growing user angst about Internet privacy.
"It is an extraordinary, and I think, ground breaking commitment, to privacy, from a President," Harris said. "This is the first time there has been a [White House] statement this robust and serious" about online piracy, she added.
The proposals in today's White House documents provide a path for all Internet stakeholders to collaborate on online privacy matters, she said.
"CDT has always thought that the best approach to privacy is to have high level rules enacted by Congress followed by some kind of processes which would create Safe Harbors for people who agree to [voluntary] codes of conduct," she said.
Marc Rotenberg, executive director of the Electronic Privacy Information Center said the government faces a significant challenge in implementing the plan.
"The President has set out an excellent framework," he said. But "implementation and enforcement will be an enormous challenge."
One immediate test of the strength of these proposals will be the FTC's response to Google's plans to integrate consumer data across all of its applications, Rotenberg said.
"If the Federal Trade Commission, with a consent order in hand, cannot take action, then it does not seem that voluntary guidelines will do much to safeguard online privacy," he said.
Jeffrey Chester, executive director of the Center for Digital Democracy, an online privacy group, called the "White House's new framework ... an important development to protect consumers in the digital age. "
However, he noted that its success relies on difficult negotiations between consumer groups and powerful Internet companies like Google, Facebook, Microsoft, Yahoo and others.
However, the new framework largely depends on the development of voluntary codes of conduct created from negotiations between consumer groups and companies like Google, Facebook, Microsoft, Yahoo and others. "We cannot accept any "deal" that doesn't really protect consumers, and merely allows the data-profiling status quo to remain," Chester said.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan , or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com .
Read more about security in Computerworld's Security Topic Center.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.