Privacy code of conduct initiative off to a messy start

Tatiana Popova/Shutterstock.com

Much of the day-long session was spent focusing on process and how to get to the work of actually drafting industry guidelines.

The Obama administration on Thursday kicked off an effort to develop voluntary industry codes of conduct to improve online privacy for consumers and immediately faced disagreement over the process set up by the Commerce Department.

Thursday’s session focused narrowly on providing consumers with more transparency around the information collected by mobile applications. It’s the first issue being addressed as part of the administration’s effort to encourage industry and other privacy stakeholders to work together to develop voluntary codes of conduct based on the White House’s proposed privacy “bill of rights” unveiled in February.

The administration is pushing the voluntary approach even as it has called on Congress to pass legislation to implement its privacy bill of rights to provide consumers with some baseline privacy protections, such as requiring entities that collect personal data to adequately secure the information and to notify users about what data is being collected.

Although companies can choose whether they want to abide by whatever codes of conduct are developed, those that do sign on could be open to action by the Federal Trade Commission if they don’t abide by their promises.

Much of the day-long session was spent focusing on process and how to get to the work of actually drafting industry guidelines. At the end of the session, an official with Commerce's National Telecommunications and Information Administration announced the agency would host another one in Washington in August to try to move the process forward. But Commerce officials stressed several times throughout the day that the department would only serve as a facilitator and that the heavy lifting would be left to industry, privacy advocates, and others who choose to participate.

From the start, privacy advocates signaled that focusing only on mobile-apps transparency was too narrow and that the issue needs to be examined in the context of the other principles included in the proposed privacy bill of rights.

“Discussion of mobile transparency is simply not sufficient,” Chris Calabrese, legislative counsel for the American Civil Liberties Union, said during the initial public comment period. "Transparency only describes what the system is.… [I]f the system is unfair, a description of the system is valueless.”

Privacy advocates found some agreement for their call to look at the issue more broadly from an unlikely source. Morgan Reed, executive director of the Association for Competitive Technology, which represents some app developers, said in an interview that “there is some common ground in the reality that you can’t keep it narrowly defined just around mobile uses.”

But other industry officials voiced resistance to expanding the process beyond the initial topic, which NTIA picked based on comments filed with the agency prior to Thursday’s meeting.

“We had to start somewhere, and we took the input that we received in our public comment process to select the starting point of this process but it’s a starting point,” NTIA Director Larry Strickling said in his opening remarks. “At this point going forward, this process as quickly as possible needs to become your process. So as to where this takes us, in terms of what topics and what elements of the bill of rights will really be determined by all of you acting as a group to resolve these issues.”

NetChoice executive director Steve DelBianco, whose group represents online companies such as eBay, Facebook, and Yahoo, argued that transparency about what information an app collects from users such as location data has “inherent significant value” and allows consumers to make choices.

The administration has much at stake in ensuring the process can succeed, given the emphasis it has put on pursuing self-regulation first. In fact, even though administration officials have continued to say they want to see Congress pass privacy legislation, the administration has yet to develop a legislative proposal to send to Capitol Hill, NTIA's Strickling told National Journal.

The importance of the success of the process wasn’t lost on some of the participants, who said they were optimistic that the effort would yield results.

“What we do here around this particular issue really sets the stage not just for mobile-app transparency but other issues we want to run through the stakeholder process,” Microsoft's Frank Torres told the group.