FTC revises online privacy guidelines

The Federal Trade Commission (FTC) has issued revised guidelines on how online advertisers should protect consumers' privacy when collecting information about their web activities.

The guidelines were originally proposed in December 2007, as self-regulatory principles for organizations such as Google, AT&T, Facebook, or eBay.
 
Under the revised guidelines issued Thursday, the FTC calls for every website to have a clear statement that data is being collected. It says consumers should be allowed to choose whether to have information collected, and when data collection occurs outside the traditional website context, companies should develop alternative methods of disclosure.

The recommendations add that a company that collects data for behavioral advertising should provide security for it. And companies should also retain data only as long as is necessary to fulfill a legitimate business or law enforcement need.

Online ads are usually delivered based on data that is collected about a consumer, given his or her surfing habits across the internet.

“Put simply, this could be the last clear chance to show that self-regulation can -– and will -– effectively protect consumers' privacy in a dynamic online marketplace,” said FTC Commissioner Jon Leibowitz in a statement.

Once data is shared, it cannot simply be recalled or deleted.

“Consumers repeatedly pay for 'free' content and services by disclosing their personal information, which is used to generate targeted advertising … and which magnifies the cumulative consequences for consumers, whether they realize it or not,” FTC Commissioner Pamela Jones Harbour said in her concurring statement.

The guidelines are merely recommendations and "do not have the force of law," Peder Magee, FTC senior staff attorney, told SCMagazineUS.com Thursday.