online prescription solutions
online discount medstore
pills online
buy lorazepam without prescription
xanax for sale
buy xanax without prescription
buy ambien without prescription
ambien for sale
buy modafinil without prescription
buy phentermine without prescription
modafinil for sale
phentermine for sale
lorazepam for sale
buy lexotan without prescription
bromazepam for sale
xenical for sale
buy stilnox without prescription
valium for sale
buy prosom without prescription
buy mefenorex without prescription
buy sildenafil citrate without prescription
buy adipex-p without prescription
librium for sale
buy restoril without prescription
buy halazepam without prescription
cephalexin for sale
buy zoloft without prescription
buy renova without prescription
renova for sale
terbinafine for sale
dalmane for sale
buy lormetazepam without prescription
nobrium for sale
buy klonopin without prescription
priligy dapoxetine for sale
buy prednisone without prescription
buy aleram without prescription
buy flomax without prescription
imovane for sale
adipex-p for sale
buy niravam without prescription
seroquel for sale
carisoprodol for sale
buy deltasone without prescription
buy diazepam without prescription
zopiclone for sale
buy imitrex without prescription
testosterone anadoil for sale
buy provigil without prescription
sonata for sale
nimetazepam for sale
buy temazepam without prescription
buy xenical without prescription
buy famvir without prescription
buy seroquel without prescription
rivotril for sale
acyclovir for sale
loprazolam for sale
buy nimetazepam without prescription
buy prozac without prescription
mogadon for sale
viagra for sale
buy valium without prescription
lamisil for sale
camazepam for sale
zithromax for sale
buy clobazam without prescription
buy diflucan without prescription
modalert for sale
diflucan for sale
buy alertec without prescription
buy zyban without prescription
buy serax without prescription
buy medazepam without prescription
buy imovane without prescription
mefenorex for sale
lormetazepam for sale
prednisone for sale
ativan for sale
buy alprazolam without prescription
buy camazepam without prescription
buy nobrium without prescription
mazindol for sale
buy mazindol without prescription
buy mogadon without prescription
buy terbinafine without prescription
diazepam for sale
buy topamax without prescription
cialis for sale
buy tafil-xanor without prescription
buy librium without prescription
buy zithromax without prescription
retin-a for sale
buy lunesta without prescription
serax for sale
restoril for sale
stilnox for sale
lamotrigine for sale

Expectations Matter: The FTC’s Next Approach to Privacy

Consumer Expectations and Privacy

Recently, the Federal Trade Commission terminated its inquiry into Google’s “accidental” collection of Internet users’ personal data through its Street View vehicles after Google promised to improve its privacy efforts and delete the data. As you may recall, the investigation began after the FTC learned that Google’s Street View vehicles had been taking more than just pictures—the cars had also inadvertently collected and stored “payload” data, including passwords and email messages that were available over unsecured Wi-Fi networks.

Although critics are crying foul on the FTC, others are commending its decision. They argue that Google did nothing wrong, and that users transmitting their information over unsecured networks cannot expect privacy.

While this argument is certainly reasonable, another point (among many) should be made: Google disappointed not only unreasonable expectations of privacy, but also perfectly reasonable expectations. When a Street View car sets out to acquire information, we expect it to take pictures and chart streets. We do not expect it to record login information and emails—whether transmitted over secured networks or not. Likewise, when any company performs a service or sells a product, the public has certain expectations about the kinds of information it will collect and store. When companies ignore these expectations, the public rightly gets nervous.

Despite its decision to let Google off the hook, the FTC recently affirmed the role of consumer expectations in privacy policy. During a recent speech (.pdf) in New York, Commissioner Julie Brill discussed the FTC’s recent efforts to “re-think” privacy in the digital age. Its research started by conducting a series of public roundtable discussions to gauge consumer expectations and attitudes about privacy.

Judging from Brill’s remarks, the FTC’s new approach will be a needed improvement. Unlike its previous approaches, the agency’s new approach will be centered on consumer expectations. Such an approach is necessary in today’s technologically advanced economy, which depends on the routine exchange of information. By focusing on the unexpected uses of information, rather than the expected uses, the new approach will better protect the privacy of consumers while still accommodating the marketplace.

Privacy, Previously

According to Brill, the FTC’s latest privacy approach will be its third. The FTC’s first approach, starting in the mid-1990’s, used a “notice and choice” model. Under this model, the agency called for businesses to provide consumers with notice and choice about how their personally identifiable information would be used.

Despite its good intentions, this model has resulted in long and complex privacy policy statements that seem to be aimed at shielding websites from liability rather than informing consumers, according to Brill. By flooding consumers with every conceivable use of their information, companies are able to discreetly obscure unexpected and potentially harmful uses of information. With its focus on consumer expectations, the FTC’s new approach will hopefully discourage sprawling privacy policy statements in favor of clear, concise notices of unexpected uses of information.

In the early 2000s, the agency shifted to a “harm based” model, which is still in place today. Under this model, according to Brill, the agency focuses on harmful privacy practices and the risks of privacy-related consumer injuries. The harm based approach focuses on areas such as data security and data breaches, identity theft, children’s privacy, spam, and spyware.

According to Brill, the harm based model focuses too heavily on quantifiable harms and neglects other real but intangible harms. Such harms include those resulting from exposure of sensitive information such as information regarding religion, sexual orientation, or medical conditions. By allowing consumers themselves to define what constitutes harm, the FTC’s new approach can alleviate this problem. An approach informed by the public’s attitudes will likely recognize a broader range of potential harms—both tangible and intangible.

Privacy Now

Although we still await specifics about the FTC’s privacy report, Brill describes three issues it will address. First, it will promote proactive “privacy by design.” Privacy by design limits data collection to uses that are truly necessary, and implements reasonable procedures to ensure data security and accuracy. Second, the report will address transparency and encourage shorter and more consistent privacy notices, with the goal of allowing customers to compare privacy policies. Third, the report will address consumer choice and meaningful notice. Brill expressed her support for “streamlining” notices and focusing on “‘unexpected’ uses of consumer data, rather than on uses that consumers reasonably expect, such as giving their address to a shipping company in connection with an online product order.”

While we await the final details of the FTC report, at the very least, we can commend its concern with consumer expectations and its focus on unexpected uses of information in particular. Although consumer expectations are fluid and can be difficult to define, any effective privacy approach in our rapidly changing environment must be flexible enough to accommodate changing norms and technologies.

About the Author

Marshall Hogan

Marshall Hogan is a 2L at Columbia Law School
blog comments powered by Disqus