The New Consumer Privacy Bill of Rights and What it Means for You.

March 6th, 2012 by Jessica Glynn

On February 23, 2012 President Obama released the “Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy”. The main purpose of this act is so that individuals are able to control their own privacy settings.  It is important for consumers to be aware of this bill so that they are aware of what rights they have in withholding information from web sites.  While all the major web browsers have settings that allow users to opt-out of third-party tracking, there are still concerns from users about what they’re doing online being tracked.  The major points of the bill are:

Individual Control

  • This gives people the right to control what personal data companies can collect from them and how the data can be used.
  • For companies this may mean you may not be able to collect as much data as you previously have.

Transparency

  • The information about privacy and security practices must be both accessible and understandable for consumers.  Companies should state what data they will collect, why they need the data, and how they will use it.
  • For companies this means there can be no secrets with why you’re collecting the information you’re collecting.

Respect for Context

  • The data that is collected by companies should be collected, used and disclosed in ways that are consistent with the context in which the data was provided by the consumer.
  • For consumers this means that if a company is asking you for information, they should be doing so for a specific reason.  If an information request doesn’t seem right to you, you may want to find out more before disclosing the information.

Security

  • Personal data needs to be handled in a secure and responsible way.  Reasonable safeguards are expected to protect against loss, unauthorized access, use destruction, modification and improper disclosure.

Access and Accuracy

  • Consumers are able to access their personal data and correct it, if necessary, especially if there is a risk of consequences from inaccurate data to the consumer.
  • For companies this means it is important to allow consumers the ability to update any stored information you have about them.

Focused Collection

  • The personal information that companies collect should be allowed to be limited by users, within reason.
  • For consumers, this means that if you are uncomfortable giving certain information, unless it is necessary, you should not have to.
  • For companies, this mean you should consider carefully what questions you make the answers to required and what questions you make answering optional.

Accountability

  • Data should be handled by companies in a way that assures they are adhering to the Consumer Privacy bill of Rights.  Employees are expected to be trained to handle personal data appropriately and consistently.
  • For companies this means it is your responsibility to make sure all of your employees with access to personal data are properly trained in these rules.

The principles outlined in this Bill of Rights are not meant to be strict rules, but rather are somewhat open to interpretation so that businesses can apply the Bill appropriately to their context.  The flexibility with the Bill is meant to promote innovation and to allow companies to get input from their customers and stakeholders.  However, despite the flexibility of this bill, it is important that web site owners are aware of its principles so that they are not accidently in violation of its rules.  It is the hope that even if this bill does not pass with congress, that it will be used by companies as a template for privacy protection agreements.
For more information please read the entire Consumer Privacy Bill of Rights.

Tags: , , , , ,

Leave a Reply

You must be logged in to post a comment.