A Preliminary FTC Staff Report on "Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers"
* Is it feasible for the framework to apply to data that can be reasonably linked to a specific consumer, computer, or other device o Yes, it is entirely feasible, because data is already being linked to specific consumers, computers, or other devices. * How should the framework apply to data that, while not currently considered linkable, may become so in the future o Three approaches can be used. + 1. With the incorporation of the Do Not Track system, any data that is later found to be linked to a consumer, computer, or other device that has already been opted into the Do Not Track system can be disposed of as soon as this linkage is determined. + 1. An option for reasonable auditing of tracking data on consumer demand, similar to the legislating compelling free disclosure of credit report information from credit bureaus. This after all is data that is already being aggregated and sold to other companies, or used internally, providing this data to the target consumer will not be burdensome. + 3. An option must be developed to allow consumer back tracing of tracked information. At any point that a consumer is presented with individualized advertising, solicitations, or any similar use of data, a company should be obliged to, upon demand, disclose the data used, the company source of that data, and time and date of purchase or aggregation such that a consumer should be able to with reasonable ease track backwards from a use of individual data to the time, place, and means by which that data was collected. * Can companies minimize or otherwise modify the data maintained in legacy data systems to protect consumer privacy interests o Companies should be afforded a safe harbor in such circumstances. Under such a safe harbor, companies can take specific, documentable, and pre-defined steps to protect consumer privacy interests that will allow them to avoid liability for good-faith efforts. This safe harbor should include standards for data and metadata deletion, and restrict or eliminate online, near-line, and offline access. * Even if first-party marketing in general may be a commonly accepted practice, should consumers be given a choice before sensitive data is used for such marketing o Yes. Giving this choice to consumers will promote consumer education as to marketing use of sensitive data. * Should marketing to consumers by commonly-branded affiliates be considered first-party marketing o No. Such an approach would encourage greater scope of common branding simply to maximize marketing data flexibility, at the expense of consumer privacy. * How should a universal mechanism be designed for consumers to control online behavioral advertising How can such a mechanism be offered to consumers and publicized How can such a mechanism be designed to be clear, easy-to-find, usable, and understandable to consumers o A prominent link to an FTC entry point for the Do Not Track database should be visible in the top left corner of every page subject to the DNT requirement. It should be accessible with the most rudimentary browsing applications, and should never be covered by any pop-up advertising. In other words, it should be a prominent, clear, briefly-worded or branded hyperlink. * How can such a mechanism be designed so that it is clear to consumers what they are choosing and what the limitations of the choice are o Likely abuse of the link should be anticipated. Brief, easy-to-read text helping consumers to distinguish between the DNT system and maliciously-intended impostor sites should be easily and clearly accessible. URL choice should be made with this concern in mind, and easily accessible verification tools (such as IP tracing) should be provided so that consumers can trust the authenticity of the DNT mechanism.