In response to the report released today at a forum sponsored by various privacy organizations, ITIF Senior Analyst Daniel Castro issued the following statement:
"The authors of a study released today claim that they are, 'debunking a myth that digital data collection is anonymous.' Despite the hype, the report merely identified some known technical issues that websites can address to improve privacy. Indeed the author of the report admitted at today's event that he was, 'not alleging any violation of self-regulation.' The fact remains that the vast majority of organizations and businesses on the Internet do not abuse consumer data and have policies and practices in place to protect consumers.
Contrary to statements made today, the sky is not falling. Consider that Internet users have more tools to protect their online privacy today than they had a decade ago, and the private sector is working diligently to strengthen and improve online advertising self-regulation. Moreover, online advertising, and increasingly behavioral advertising, is the foundation of today's Internet economy, the vast amount of free content and services available to consumers, and the potential growth of tomorrow's Internet. Sound public policy should be guided by thoughtful commentary, not hysteria and fear-mongering."
Castro explained that imposing stringent new rules on the Internet economy will likely hurt consumers more than help them, policymakers should focus on improving online privacy through light-touch regulation. He said immediate steps that Congress could take include:
- Creating a Data Policy Office within the Department of Commerce to focus on data policies that foster economic activity, including policies that increase data sharing, reduce barriers to global information flows, and protect consumer privacy. For example, the Data Policy Office could evaluate the impact of data regulations on competition and innovation, fund research on important issues like data anonymization, and work with other nations to improve international frameworks for sharing data across borders.
- Funding the development and deployment of privacy-enhancing technologies for consumers, such as an electronic ID system.
- Strengthening the enforcement of existing consumer protection laws, including providing more resources to the Federal Trade Commission to investigate allegations of consumer privacy violations.
- Passing a federal data breach notification law that establishes a single standard for notifying consumers of security incidents involving personal data, rather than allow each state to create its own rules.
For more background, see the following ITIF publications: