March 2, San Francisco, CA - Jim Dempsey will be speaking on "Updating the Law on Government Access to User Data in the Cloud," at the RSA Conference.
March 8, Washington, DC - Harley Geiger will be speaking on facial recognition and privacy at the Global Privacy Summit.
Last week saw major developments in consumer privacy: The Administration called for legislation to enact a consumer "Privacy Bill of Rights" and at the same time announced its intention to convene stakeholders to establish privacy codes of conduct. Meanwhile, in one example of successful collaboration, industry leaders agreed to implement 'Do Not Track' technology and to respect consumers' use of the browser feature to express their choice not to be tracked online.
Two Steps Forward for Privacy
Last Thursday, in a long-awaited report, the White House unveiled a "Consumer Privacy Bill of Rights." Moreover, the Administration expressly called for comprehensive privacy legislation to implement its principles. As Justin Brookman explained in CDT's analysis, this was a major step: While the Privacy Bill of Rights largely tracked the "Green Paper" issued by the Commerce Department over a year ago, which in turn was based on the globally recognized Fair Information Practice Principles, the Green Paper had stopped short of calling for Congressional action. CDT supports the adoption of best practices and industry codes of conduct, but we were skeptical that companies would sign up for voluntary codes absent legislation to incentivize their adoption and ensure their enforcement. With its report last week, the Administration outlined a vision that promises both meaningful protection of consumer privacy and the flexibility needed for ongoing innovation online.
The Administration announcement was especially timely, coming as the European Union is fundamentally reworking its own data protection framework. If taken seriously by industry, the "co-regulatory" scheme recommended by the White House is more likely to be effective than the pure self-regulatory model followed here to date and would thus give the U.S. greater credibility in arguing that Europe should adopt flexible rules that do not disadvantage cross-border data flows.
Meanwhile, the Digital Advertising Alliance, the supergroup of online advertising industry associations, announced that its members would commit to honor the "Do Not Track" setting in web browsers by the end of the year. While DNT does not cure all problems, this is a major step forward. CDT and other consumer groups have been calling for "Do Not Track" since 2007. Over the last year, most browsers have incorporated a setting that sends visited websites an instruction not to track. However, up to now, only a few ad networks had agreed to respect such a signal. Last week's commitment offers consumers a powerful new option for controlling data about their online activities.
A Deeper Look at Multistakeholder Governance Organizations
Since its infancy, the Internet has prospered within a governance framework based on a balanced mix of targeted government regulation, industry self-regulatory initiatives, and the standards or guidelines developed by multistakeholder (MSH) organizations. Existing MSH organizations are an alphabet soup of entities with a range of important functions: ICANN, W3C, IETF, and GNI are but a few of the MSH organizations involved in Internet governance.
As the globalized Internet faces the challenges of copyright infringement, consumer privacy, cybersecurity and network management, a growing debate has emerged around who should govern the Internet and how. While some advocate for more top-down government control over the medium, CDT and others have argued in favor of the MSH model as providing a more flexible, scalable approach that is thereby supportive of innovation and economic growth.
To guide this debate, CDT has issued a paper on "Multistakeholder Organizations, Legitimacy, and Rights." Building on the work of Joe Waz and Phil Weiser, we identify a series of questions that need to be addressed to promote the legitimacy of MSH organizations, particularly where their actions affect the fundamental rights of individuals.
ITU vs. OECD: Very Different Approaches to Internet Policy
On the subject of Internet governance, last week FCC Commissioner Robert McDowell warned against a potential grab by the International Telecommunications Union for formal regulatory authority over the Internet. To date, the Internet has been exempted from ITU regulations, which historically have focused on telephone and radio. But the ITU's role is up for renegotiation this year, and Commissioner McDowell is right: Shifting Internet governance to the ITU's top-down, prescriptive model would be a massive upheaval of the policy framework that has, for decades, fostered the development of the open Internet.
In contrast to the ITU's centralized, government dominated model stands the Internet Policymaking Principles endorsed last year by the OECD. As CDT's Emma Llanso explained in a recent post, three overarching themes are woven throughout the OECD Principles: commitment to openness, respect for human rights and rule of law, and support for multistakeholder processes. Recognizing that inflexible international regulatory regimes risk undermining the growth of the Internet, the OECD Principles do not prescribe specific policy solutions. Rather, they provide a useful reference point, a common vocabulary and a set of commitments for governments, civil society, industry, and others as they address any specific online challenge, be it privacy, online child safety, intellectual property, or cybersecurity. As discussions of Internet governance develop over the next few years, it is crucial that the values in the OECD Principles guide all those involved.
CDT's Global Policy Weekly highlights the latest Internet policy developments and proposals from around the world, compiled by CDT's Global Internet Freedom Project. Last week's issue reported that the UN's International Telecommunication Union has formed a group to develop standards for the cloud computing industry; that Pakistan is seeking bids to build a system for filtering and blocking approximately 500 million "undesirable" websites; and that the European Commission is suspending its efforts to ratify the international copyright enforcement agreement known as ACTA and is referring the issue to the European Court of Justice for an opinion on whether or not the treaty would violate fundamental EU rights.
Click to view this email in a browser
If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe
Center for Democracy & Technology
1634 I St.
Washington, District of Columbia 20006
Read the VerticalResponse marketing policy.