RealTime IT News

Consumer Groups Outline Privacy Law Wish List

A coalition of 10 privacy advocacy groups today unveiled a set of proposals it hopes to see included in what could be a far-ranging bill governing online advertising expected to be introduced in the House this fall.

Like many stakeholders in the ad industry, members of the coalition have been meeting with House leaders as they work to craft the legislation. Lawmakers have held a series of hearings on the subject as they struggle to balance the advocates' concerns of protecting consumers against invasive or deceptive data collection practices while ensuring they don't sabotage sectors of the economy that are built on advertising.

The bill could apply to data collection and targeting in the offline world, though the coalition is particularly worried about the new tracking technologies born from the Internet. The groups are calling on lawmakers to establish a set of principles that would govern data collection across the media landscape.

"These are fair information practices which have long been the foundation for protecting privacy in the 20th century," Jeff Chester, executive director of the Center for Digital Democracy, told reporters on a conference call this afternoon. "What we have done is create a set of fair information practices for the digital age."

Sensitive information – which the coalition suggests should include personal data in the areas of finance, health, political affiliation, sexual orientation or race – would be off limits to advertisers of all stripes. The same principles would apply to marketers looking to harvest magazine subscription lists as online ad networks using tracking cookies or ISPs tinkering with deep-packet inspection schemes.

"It's really important not to focus on the specific technologies, because they change," said Pam Dixon, executive director of the World Privacy Forum. "It's the principles of how data is being collected."

The group is calling on the Federal Trade Commission to hold a proceeding to set a binding definition for sensitive information, claiming that industry efforts have fallen short.

"The current definitions are too narrow," Dixon said. "They're weak to the point of being unworkable and completely ineffective."

In addition to barring the use of sensitive information, the groups are looking to cap the retention period for all other data collected online at 24 hours. To hold onto data longer than that, they are recommending that Web sites be required to obtain affirmative consent from users, essentially moving from an opt-out default setting to opt-in.

Even after obtaining users' consent, Web sites would be required to purge their server logs of identifying information within three months.

To the leading trade group representing the online ad industry, the coalition's idea of moving to a mandatory opt-in after one the one-day retention period is a non-starter.

"Requiring a broad consumer opt in for all targeted online advertising would be devastating to the consumer experience online," Mike Zaneis, vice president of public policy for the Interactive Advertising Bureau, told InternetNews.com. "Nearly every ad online requires the collection and use of a certain degree of data in order to facilitate the delivery of the ad to the publisher, to cap the frequency of the ad so consumers don't receive the same add 100 times a day, or to provide an accurate accounting for marketers and publishers."

Next page: A new Do-Not-Call list