Questions Asked by the FTC in the Privacy Report - Part II
In last week's Privacy Report , the Federal Trade Commission posed a series of questions, soliciting comment and discussion from stakeholders to better inform its final report on the subject, due to be issued mid-2011.
We reviewed some of the questions in our December 2 post. Here are some of the other questions -- parties with significant interest in these issues should pay close attention to these questions and participate by filing a comment with the FTC.
Not all the FTC's questions are included here. For the full list of questions, see the Privacy Report and go to Appendix A.
Consumer Choice (Editor's Note -- this section includes some very important questions relating to current online marketing practices and comments to these questions may serve to frame some of the FTC's final report and the resulting Privacy "Framework")- Is the list of proposed "commonly accepted practices" set forth in the Report (see page 52) too broad or too narrow?
- Are there practices that should be considered "commonly accepted" in some business contexts but not in others?
- What types of first-party marketing should be considered "commonly accepted practices?"
- Even if first-party marketing in general may be a commonly accepted practice, should consumers be given a choice before sensitive data is used for such marketing?
- Should first-party marketing be limited to the context in which the data are collected from the consumer?
- Should marketing to consumers by commonly-branded affiliates be considered first-party marketing?
- How should the proposed framework handle the practice of data "enhancement," whereby a company obtains data about its customers from other sources, both online and offline, to enrich its databases. Should companies provide choice about this practice?
- Under what circumstances (if any) is it appropriate to offer choice as a "take it or leave it" proposition, whereby a consumer's use of a website, product, or service constitutes consent to the company's information practices?
- What types of disclosures and consent mechanisms would be most effective to inform consumers about the trade-offs they make when they share their data in exchange for services?
- What additional consumer protection measures, such as enhanced consent or heightened restrictions, are appropriate for the use of deep packet inspection?
- Is it feasible for data brokers to provide a standardized consumer choice mechanism and what would be the benefits of such a mechanism?
Next: Questions on "Do-Not-Track"
Author
Cynthia J. Larose
Member / Co-Chair, Privacy & Cybersecurity Practice
Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.