The following editorial first appeared in The New York Times:
More than a year before Edward Snowden exposed the vast reach of government surveillance, President Barack Obama proposed a “Privacy Bill of Rights” to protect Americans from the prying eyes of Internet companies, advertisers and other businesses. In a February 2012 report, his administration offered a well-reasoned argument for giving consumers more control over how much and what kind of data companies can collect about them and what businesses can do with that information.
“American consumers can’t wait any longer for clear rules of the road that ensure their personal information is safe online,” Obama said in a statement at the time. But few members of Congress expressed interest in his proposal and the administration did not push it aggressively, which is why the privacy bill of rights idea faded into obscurity - until now.
Last month, Obama tapped his special adviser, John Podesta, to take another look at privacy and big data (the millions of records that businesses are collecting and using to increase sales and improve operations) and produce a fresh report in 90 days.
With the Internet evolving fast, few consumers can adequately guard against losing control of their personal data. A recent report by the majority staff of the Senate Commerce Committee, for example, found that companies known as data brokers have assembled extensive dossiers on millions of individuals and families. Those files include information like web browsing histories, what consumers bought in physical and online stores, and what medical conditions people have.
Data brokers organize and sell that information to retailers, lenders and other businesses that pitch their products to people grouped in categories like “rural and barely making it” and “ethnic second-city strugglers.”
Some of the information is highly personal, if clearly irrelevant to any marketing campaign. A Chicago-area man recently received a marketing offer from OfficeMax that included the line “Daughter Killed in Car Crash” between his name and address, a reference to an accident that took place a year earlier. The company says that the phrase was included in error, but it offers a clue into the kind of data being collected. The Senate report also notes that hackers and identity thieves have stolen or even purchased information from data brokers.
While businesses have a legitimate need for customer information and want new ways to market what they have to offer, they need to operate transparently. And no less important, consumers should have the ability to protect information they consider sensitive.
A Pew Research survey released in September reported that a majority of Americans worry about their privacy. About 86 percent said they took some steps to “remove or mask their digital footprints” when they were online. But these efforts are often insufficient because companies have multiple ways to monitor people, some of which are very hard to evade. And 68 percent believed current laws are not strong enough to protect them.
The technology and advertising industries have argued that self-regulation is the best approach to dealing with such concerns. But industry efforts have failed to produce easy-to-use protections. That’s why it is important that the president’s latest initiative not produce another report that goes nowhere.
The president and the public need from Podesta and his team not only a thorough description of how businesses are collecting private data but also specific legislative proposals to give consumers more control of that information.