Don't-track-me browser feature part of FTC privacy plan

Share this article:
The Federal Trade Commission (FTC) is urging companies to develop a “do not track” mechanism so consumers can choose whether to allow the collection of data regarding online searching and browsing activities.

The mechanism, likely to be a setting on consumers' browsers, was a primary recommendation of a preliminary report released by the FTC on Wednesday detailing a proposed framework to protect consumer privacy.

The framework would apply to all online and offline commercial organizations that collect, maintain, share or use customer data.

“A lot of people in Washington have been spending time thinking about the budget deficit,” FTC Chairman Jon Leibowitz said during a conference call with members of the media on Wednesday. “We have been thinking about the privacy deficit that American consumers suffer from.”

The framework includes three basic components.

First, the FTC calls on companies to adopt an approach called “Privacy by Design,” by building privacy protections into their everyday business practices. The approach, first developed by Ann Cavoukian, Ontario's information and privacy commissioner, includes protections such as collecting only the data needed for a specific business purpose and retaining data only as long as necessary to fulfill that purpose.

Click here to view a video during which Ann Cavoukian discusses the Privacy by Design approach.

Secondly, the FTC wants companies to provide choices to consumers about their data practices in a simpler, more streamlined way, the report states.

As it relates to behavioral advertising, the FTC recommended that users be able to opt-out of data collection though a browser setting that would signal to websites a user's choices about whether to be tracked or receive targeted advertisements.

Several companies, such as Apple and Mozilla, have already experimented with this type of feature, Leibowitz said.

Finally, the FTC is proposing that companies increase transparency by educating consumers about their data policies and the choices available to them.

The FTC has been the primary privacy policy and enforcement agency in the United States since the enactment of the Fair and Credit Reporting Act in 1970. The agency also has authority, under the FTC Act, to take action against acts or practices deemed “deceptive or unfair.” The FTC has used this authority to bring many cases against companies that have failed to protect the privacy of consumers' personal information. 

The United States does not currently have an overarching federal law addressing privacy and data security.

The FTC report, intended to provide best practices for businesses and guidance to lawmakers, says that industry-specific efforts to address privacy through self-regulation have so far been inadequate.

The FTC, however, is not calling for legislative action – yet, Leibowitz said.

“Despite some good actions, self-regulation of privacy has not worked adequately for American consumers,” he said. “Industry as a whole needs to do a far better job. From my perspective, a legislative solution will surely be needed if industry doesn't step up to the plate.”

The proposed framework was developed following a series of three FTC-led public roundtables to explore the privacy challenges facing businesses that collect and use consumer data.

The FTC is seeking comment on the report through the end of January and plans to issue a final report next year.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

As EMV deadline looms, industry looks to next ATM attack front

As EMV deadline looms, industry looks to next ...

Next year, EMV migration in the U.S. will inevitability change fraudsters' attack methods.

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.