By Samantha Steinfeld

 

http://dailycaller.com/2012/03/05/white-house-follows-eu’s-lead-with-new-internet-rules-of-the-road/

 

This article, from March of last year, does a good job of synthesizing the notions undergirding this week’s discussion of European privacy laws and regulations, and the themes that have pervaded our previous class discussions.

 

The first interesting aspect of this article is its discussion of President Obama’s proposed “Internet Rules of the Road,” which, as the article’s author notes, in many ways resemble EU privacy regulations. Quoting Darren Hayes, a professor at Pace University, the article draws parallels between the ways in which EU laws and regulations, and the President’s proposed “Rules” are both aimed at “provid[ing] a shield to consumers…from unsavory marketing practices.” The author also points out that many American legal journals have begun to view European-style regulations as more “sophisticated” in recent years, and have thus begun to advocate for American laws that provide more uniformity and are less sectoral or self-regulatory in nature.

 

Specifically, the President’s proposed “Rules” would crack down on targeted advertisements and greatly curb the ways in which companies can track web users’ online behavior. They would also provide for a much broader FTC enforcement power, which we know to be a significant development, given that a major point in our class discussion regarding FTC enforcement is that the agency’s limited power and jurisdiction prevent FTC enforcement actions from being a truly powerful source of online data and privacy protection for consumers.  Enactment of these “Rules” would seem to minimize this issue, by creating an “enforceable ‘code of conduct’ that Internet companies would have to comply with, or face litigation or civil penalties, under the expanded FTC power.”  Finally, it is important to note that the President, in his proposal, has asked Congress to “codify the new rights;” not only would this approach represent a massive departure from the largely sectoral and self-regulatory approach to privacy that permeates U.S. privacy law to date, but it very much echoes the European “fundamental rights”-based approach to privacy and data protection that we have seen reflected in the EU Directive and OECD Guidelines.

 

In addition to hitting on these topics, the article also addresses some other major themes of our class thus far, such as the centrality of notice and consent to information privacy law, and the pushback by industry and other powerful figures against a more omnibus-style approach in the U.S. Providing a counterpoint to Professor Hayes’ support for the “Rules,” Professor Jacob D. Furst of DePaul University argues that privacy concerns can be mitigated by changes in consumer behavior, and that the only way people can be sure that their privacy is protected online is “to be smart about their online behaviors.” Furst, like many business leaders and other advocates for the American-style approach, points out that almost every company has privacy policies readily available on their website, and that forcing companies to do anything more to ensure that data is protected and not misused would be unduly burdensome, both in financial terms, as well as in terms of companies’ ability and willingness to continue to provide services to consumers on as wide of a scale.

 

The executive branch’s response to these concerns is, oddly, a characteristically European one, and focuses on the supremacy of consumers’ “internet rights.” Indeed, the article concludes with a statement from the White House asserting that “consumers can’t wait any longer for clear rules of the road that ensure their personal information is safe online.”

 

While I think that this move is certainly undergirded by legitimate policy concerns, I do not believe that an omnibus-style approach will work in America. Such a “Bill of Rights” would not just be a cumbersome effort to control industry, but it would also represent a top-down determination of what “type” of information sharing is “appropriate” on an individual level. In my opinion, the federal government should not be defining what is and is not acceptable information sharing by consumers; this is a decision that should be left to individuals. Perhaps a broader-based FTC enforcement power without an enforceable code of conduct would be a better way to achieve this outcome.

 

NB: you can find the proposed “Internet Rules of the Road,” along with its proposed “code of conduct” here: http://www.whitehouse.gov/the-press-office/2012/02/23/we-can-t-wait-obama-administration-unveils-blueprint-privacy-bill-rights