The Security Scrutinizer with Howard Anderson

FTC's Privacy Proposals Worth a Look

Is a 'Do Not Track' Mechanism Practical?
FTC's Privacy Proposals Worth a Look

Kudos to the Federal Trade Commission for outlining a series of proposed steps to protect the privacy of consumers who surf the Internet.

Hopefully, members of Congress will take a close look at the report and incorporate some of its key provisions into new legislation. While they're at it, they should read a privacy complaint to the FTC from four consumer advocacy groups calling for the agency to crack down on what it portrays as unfair and deceptive Internet-based healthcare marketing and advertising practices. That document also includes a wealth of good ideas about online privacy protections.

The 122-page preliminary FTC staff report, "Protecting Consumer Privacy in an Era of Rapid Change," concludes that industry efforts to address privacy through self-regulation "have been too slow and up to now have failed to provide adequate and meaningful protection."

The FTC recommendation that grabbed the most headlines was its call for a "do not track" mechanism so consumers can choose whether to allow the collection of data regarding their online searching and browsing activities.

The report recommends a simple, easy-to-use mechanism that consumers can use to opt out of the collection of information about their Internet behavior for targeted ads. "The most practical method would probably involve the placement of a persistent setting, similar to a cookie, on a consumer's browser signaling the consumer's choice about being tracked and receiving targeted ads."

Microsoft is taking a small step in this direction. It announced this week that the next version of its Internet Explorer browser will include a "tracking protection" feature. But consumers will have to indicate those websites with which they'd prefer not to exchange information. And that's a far cry from the FTC's vision of clicking a button to shut off all tracking.

It will be interesting to watch whether all the major browsers begin inching toward an online version of the "do not call list" that helps rein in telemarketers. If they don't do enough in the months ahead, Congress may feel compelled to act.

In a recent blog, I pointed out that federal regulators working on privacy protections for personal health records have been asked to pay particular attention to those PHRs that accept advertising.

"Commercial advertising-supported PHRs are essentially devices to transfer records to marketers," said Robert Gellman, a privacy and information policy consultant, portraying such data leakage as a critical issue. Perhaps a "do not track" mechanism might help alleviate some concerns about PHRs with ads.

Comments on the FTC's preliminary privacy report are being accepted through Jan. 31. So it's time to make your views known on the "do not track" concept and other privacy protection proposals.

About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.