The FTC's final privacy report, Protecting Consumer Privacy in an Era of Rapid Change--Recommendations for Businesses and Policymakers, was released this morning (link here). The announcement is at http://www.ftc.gov/opa/2012/03/privacyframework.shtm.
This morning, FTC Chairman Leibowitz held a press conference to discuss the report. Some highlights from the press conference include the following:
- The three broad principles of the report's recommendations are: (1) advancement of Privacy By Design principles, which, as a general matter, require entities to account for privacy protection in the design and development of products and services; (2) offering consumers meaningful choices about the collection and use of their data; and (3) greater transparency.
- The FTC will not be engaging in further rulemaking on this framework (other than the issuance of a final COPPA Rule, likely by the end of the year; see client alert)
- Instead of being FTC staff recommendations (like the 2010 draft report, see client alert), the Privacy Framework is now a set of adopted Commission recommendations and guidance.
- Chairman Leibowitz repeated, several times, that "your computer is your property", and no one should be able to put something on it that you don't want (i.e., cookies).
- The FTC's work in advancing a self-regulatory framework will continue in the following five areas: (1) creating a do not track system; (2) addressing mobile privacy issues; (3) bringing transparency to data broker practices; (4) exploring the practices of "large platform providers" (such as ISPs, browsers, social media, etc.); and (5) helping to develop (with the Dept. of Commerce) enforceable self-regulatory codes.
A complete analysis of the FTC report will be necessary to assess how it may impact companies and existing practices with respect information collection and use. Stay tuned!