Skip to main content

FTC’s ‘Privacy by Design’ plan: What you need to know

carrier-iq-privacy
Image used with permission by copyright holder

The Federal Trade Commission (FTC) released today its final report on privacy. An updated and revised version of the preliminary report the FTC released in December 2010, the new report (pdf), dubbed “Protecting Consumer Privacy in an Era of Rapid Change,” outlines laws that are on the books concerning user privacy, and details a framework for how US businesses can better protect user data. While the report does not establish any new rules, it does provide a comprehensive look at how the federal government is attempting to get a handle on privacy in the Web and application era. Rather than making you read through the full report, here’s a breakdown of the most important bits that could have an effect on you online life.

Who’s in, who’s out

The policy framework outlined by the FTC applies to nearly all companies “that collect or use consumer data that can be reasonably linked to a specific consumer, computer, or other device.” Due to the financial burden of the proposals in the famework, the FTC has updated this final version of the report to exclude business that collect data from fewer than 5,000 customers per year, and do not “share data with third parties.” In other words, the proposal applies to nearly every service that you use.

Recommended Videos

Privacy by design

At the heart of the FTC’s recommendations is that companies should build privacy protections into their businesses and services from the ground up. This includes “data security, reasonable collection limits, sound retention and disposal practices, and data accuracy.” Moreover, the FTC recommends that companies maintain these standards for data management for the life of a product or service.

Do-Not-Track

While asking businesses to build with privacy in mind is definitely good advice, it fails to address all the business that are already up and running at full force, and does little to help users protect themselves. That’s where Do Not Track comes in. For those of you in the dark, Do Not Track is a technology that allows users to opt-out of having their Web activity tracked by websites they do not visit. The FTC says Web users will have “an easy to use and effective” Do Not Track option by the end of this year.

Browsers: The FTC says “significant progress” has been made in the area of Do Not Track implementation, with Mozilla, Microsoft, and Apple all releasing updated versions of their browser with Do Not Track technology built in. Mozilla’s Firefox for Android also includes Do Not Track.

Digital Advertising Alliance: The Digital Advertising Alliance, or DAA, which represents about 90 percent of all websites that use advertising, has agreed to respect Do Not Track, as well as browser settings that prevent data collection. In addition, the DAA has created an icon that will appear in DAA-affiliated ads, which users can click to see what types of data is being collected. Finally, the DAA has agreed to limit the secondary use of collected data in credit reports, and employer background checks.

W3C: The World Wide Web Consortium (W3C), the international standards body for the Internet, has agreed to work on an industry-developed standard technology for Do Not Track, which will make it easier to implement, and hopefully negate the need for a law that requires the use of Do Not Track.

Better privacy policies

The FTC concludes that most privacy policies are “generally ineffective” at explaining to users what types of information they are handing over to companies because most are “too long, are difficult to comprehend, and lack uniformity.” For this reason, the FTC proposes that all privacy policies “should be clearer, shorter, and more standardized.” The simplification and shortening of privacy policies is especially recommended for services that are accessed via mobile devices, which have smaller screens. Unfortunately, at this time, there is broad disagreement in the industry for how to achieve this.

Increased transparency on data brokers

The FTC says it will push “targeted legislation” that will require all data brokers — shadowy companies that collect and sell a staggering (sometimes troubling) range of user data to marketers, media organizations, the government, and others  — to make it easy for users to see how and what information is collected. As part of this plan, the Commission seeks to create a centralized website where data brokers can “identify themselves to consumers and describe how they collect and use consumer data,” as well as provide details on who can access that information.

In addition to enabling users to see what of their personal data is collected, the FTC also proposes making it possible for users to access the data, and correct errors, or change inconsistencies. As with the privacy policies, most companies that the FTC spoke with said this was a good idea, but disagreed on how to make this happen.

Many of the companies and organizations the FTC spoke with also wanted to limit users’ ability to access and edit all types of data, instead restricting this feature for financial records and other “sensitive” data. They said giving users the ability to access all data would be too costly. The FTC agrees that access to data should “be proportional to the sensitivity and intended use of the data.”

Will this report change anything?

Not by itself. As the FTC makes clear, this proposal is just that — a set of ideas for how things should work, not a set of rules. This means that the report has no direct repercussions for companies or the way your data is treated; no enforcement mechanism is established. Its purpose, however, is to explain to the technology industry what the federal government expects them to do voluntarily, and what kinds of legislation the Commission hopes Congress will enact to help protect consumers from zealous data collectors.

We highly recommend everyone read through the whole report (pdf) themselves — it’s a little long, and probably boring. But it provides the best look at the state of online privacy, and where it might be headed.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Best Buy Memorial Day sale: early TV, laptop, and appliance deals
Digital Trends Best Buy Prime Day Deals Alt

While Memorial Day is still several days away, there are a lot of excellent early Memorial Day deals you can pick up right now from Best Buy. That includes everything from the best TVs, the best Phones, the best Air Fryers, and even the best smart home devices out there, so you have a huge variety of deals to pick from. Of course, there is an overwhelming number of options out there, which is why we've scoured Best Buy for our favorite deals in various categories and collected them all below, so be sure to check out everything in detail.

Best Best Buy Memorial Day TV Deals

Read more
Apple Memorial Day sales: Save on Apple Watch, iPad, MacBook, and more
The 14-inch MacBook Pro with M3 Max chip seen from behind.

Most of this year's Memorial Day deals are set to launch very soon, but if you want to get your shopping for Apple devices done early, we're here to help you out with this roundup of the early Apple Memorial Day sales that are already available. Whether you're planning to buy a new iPad, iPhone, AirPods, MacBook, or Apple Watch, we've got some excellent bargains below. If anything catches your eye. it's highly recommended that you complete your purchase as soon as possible because there's no telling how soon these offers will expire -- some may not even make it to Memorial Day itself!
Best Memorial Day iPad deals

Memorial Day is one of the best times of the year to search for iPad deals. There are some fantastic discounts that are available across a variety of models of Apple's tablet, including the entry-level Apple iPad and the creatives-focused Apple iPad Pro, so whatever your purpose is for thinking about getting an iPad, there won't be any shortage of options for you here.

Read more
Best LastPass alternatives for 2024
A digital security lock.

Whether you're security-conscious or have a terrible memory, using a password manager is a great way to free up brain space and secure your most important information. Unfortunately, LastPass -- once one of the best password managers -- has had several security incidents over the years, making customers look to other options.

This list of both free and paid password managers are solid replacements for LastPass.
Best LastPass alternatives

Read more