Reaction was swift and generally positive Thursday
to the Commerce Department's report on online privacy recommendations from its
Internet Policy Task Force, though one privacy advocate suggested it was too
much talk and too little action.
The recommendations, after they are put out for
public comment and finalized, are meant to become the basis of the administration's
policy position on the issue.
"The Department of Commerce privacy green
paper highlights the need for greater privacy protections for Americans," said
Senate Commerce Committee Chairman Jay Rockefeller (D-W.VA). "As
pointed out in the report, the United States only has privacy laws in limited
areas such as the healthcare and financial sectors," he said in a
statement. "This means that there are no baseline privacy protections for
most consumer online activity. Industry self-regulation has largely
failed, and I hope that the Department of Commerce in its final report will
reach the conclusion that legislation is necessary to protect consumers."
That is a possibility, said Commerce officials
Thursday, but they are hoping for industry self regulation, though they concede
that to date, such self-regulation has been inadequate.
"We commend the Commerce Department for identifying
the need for comprehensive protections of Americans' privacy," said the
American Civil Liberties Union. "For too long, Americans have been
ill-served by a patchwork of privacy laws that contain broad gaps and
loopholes," said Christopher Calabrese, ACLU legislative counsel in a
statement. "Not only do those gaps increase the risk of identity theft, they
also allow for the compilation of profiles on every citizen that can be shared
with employers and the government."
Jeff Chester, executive director of the Center for
Digital Democracy and a strong voice for greater government online privacy
protections, was less sanguine. He said that the report raises good questions,
but that it is past time for the government to be providing some answers.
"Instead of real laws protecting consumers, we
are offered a vague "multi-stakeholder" process to help develop "enforceable
codes of conduct," he said. "If the Commerce Department really placed
the interests of consumers first, it would have been able to better articulate
in the report how the current system threatens privacy."
The report does not take positions on do-not-track
or opt in/opt out regimes, two big issues in the online privacy debate, but the
report was billed more as a road map and a framework, with the specifics to be
filled in later and after industry and public input. That public comment on the
report is due Jan. 28.
"The report should have rejected outright any
role for self-regulation, given its failures in the online data collection
marketplace," said Chester. Instead, the report focuses on voluntary
standards, suggesting that legislation is something of a last resort if
administration pressure or stronger FTC enforcement do not light a fire under
self-regulatory efforts by industry.