Skip to main content

FTC’s ‘Privacy by Design’ plan: What you need to know

carrier-iq-privacy
Image used with permission by copyright holder

The Federal Trade Commission (FTC) released today its final report on privacy. An updated and revised version of the preliminary report the FTC released in December 2010, the new report (pdf), dubbed “Protecting Consumer Privacy in an Era of Rapid Change,” outlines laws that are on the books concerning user privacy, and details a framework for how US businesses can better protect user data. While the report does not establish any new rules, it does provide a comprehensive look at how the federal government is attempting to get a handle on privacy in the Web and application era. Rather than making you read through the full report, here’s a breakdown of the most important bits that could have an effect on you online life.

Who’s in, who’s out

The policy framework outlined by the FTC applies to nearly all companies “that collect or use consumer data that can be reasonably linked to a specific consumer, computer, or other device.” Due to the financial burden of the proposals in the famework, the FTC has updated this final version of the report to exclude business that collect data from fewer than 5,000 customers per year, and do not “share data with third parties.” In other words, the proposal applies to nearly every service that you use.

Privacy by design

At the heart of the FTC’s recommendations is that companies should build privacy protections into their businesses and services from the ground up. This includes “data security, reasonable collection limits, sound retention and disposal practices, and data accuracy.” Moreover, the FTC recommends that companies maintain these standards for data management for the life of a product or service.

Do-Not-Track

While asking businesses to build with privacy in mind is definitely good advice, it fails to address all the business that are already up and running at full force, and does little to help users protect themselves. That’s where Do Not Track comes in. For those of you in the dark, Do Not Track is a technology that allows users to opt-out of having their Web activity tracked by websites they do not visit. The FTC says Web users will have “an easy to use and effective” Do Not Track option by the end of this year.

Browsers: The FTC says “significant progress” has been made in the area of Do Not Track implementation, with Mozilla, Microsoft, and Apple all releasing updated versions of their browser with Do Not Track technology built in. Mozilla’s Firefox for Android also includes Do Not Track.

Digital Advertising Alliance: The Digital Advertising Alliance, or DAA, which represents about 90 percent of all websites that use advertising, has agreed to respect Do Not Track, as well as browser settings that prevent data collection. In addition, the DAA has created an icon that will appear in DAA-affiliated ads, which users can click to see what types of data is being collected. Finally, the DAA has agreed to limit the secondary use of collected data in credit reports, and employer background checks.

W3C: The World Wide Web Consortium (W3C), the international standards body for the Internet, has agreed to work on an industry-developed standard technology for Do Not Track, which will make it easier to implement, and hopefully negate the need for a law that requires the use of Do Not Track.

Better privacy policies

The FTC concludes that most privacy policies are “generally ineffective” at explaining to users what types of information they are handing over to companies because most are “too long, are difficult to comprehend, and lack uniformity.” For this reason, the FTC proposes that all privacy policies “should be clearer, shorter, and more standardized.” The simplification and shortening of privacy policies is especially recommended for services that are accessed via mobile devices, which have smaller screens. Unfortunately, at this time, there is broad disagreement in the industry for how to achieve this.

Increased transparency on data brokers

The FTC says it will push “targeted legislation” that will require all data brokers — shadowy companies that collect and sell a staggering (sometimes troubling) range of user data to marketers, media organizations, the government, and others  — to make it easy for users to see how and what information is collected. As part of this plan, the Commission seeks to create a centralized website where data brokers can “identify themselves to consumers and describe how they collect and use consumer data,” as well as provide details on who can access that information.

In addition to enabling users to see what of their personal data is collected, the FTC also proposes making it possible for users to access the data, and correct errors, or change inconsistencies. As with the privacy policies, most companies that the FTC spoke with said this was a good idea, but disagreed on how to make this happen.

Many of the companies and organizations the FTC spoke with also wanted to limit users’ ability to access and edit all types of data, instead restricting this feature for financial records and other “sensitive” data. They said giving users the ability to access all data would be too costly. The FTC agrees that access to data should “be proportional to the sensitivity and intended use of the data.”

Will this report change anything?

Not by itself. As the FTC makes clear, this proposal is just that — a set of ideas for how things should work, not a set of rules. This means that the report has no direct repercussions for companies or the way your data is treated; no enforcement mechanism is established. Its purpose, however, is to explain to the technology industry what the federal government expects them to do voluntarily, and what kinds of legislation the Commission hopes Congress will enact to help protect consumers from zealous data collectors.

We highly recommend everyone read through the whole report (pdf) themselves — it’s a little long, and probably boring. But it provides the best look at the state of online privacy, and where it might be headed.

Editors' Recommendations

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to change your language in Google Chrome on desktop
Chrome OS

Google Chrome supports a wide range of languages. While it'll default to English in most cases, there's nothing stopping you from changing its settings and displaying pages in Spanish, French, or dozens of other languages.

Changing your default language in Chrome takes only a few seconds, and the technique used is the same across Windows and Mac. Aside from changing your language, note that Chrome now gives you the option to automatically translate pages written in another language – making it easy to read content from around the globe.

Read more
23 of the best Netflix hacks, tips, and tricks
The Netflix home screen.

Netflix is one of the most popular streaming platforms for all things movies and TV shows. Home to an immense library of titles, the Netflix archive is constantly changing and evolving, and so are the many ways you can use your Netflix account. 

For instance, did you know you can access region-locked Netflix shows and flicks by using a VPN? Or that you can disable that pesky Autoplay feature? There are tons of Netflix hacks, tips, and tricks out there, so we’ve gone ahead and rounded up all of our favorites! 
Expand your streaming with a VPN

Read more
How to make a GIF from a YouTube video
woman sitting and using laptop

Sometimes, whether you're chatting with friends or posting on social media, words just aren't enough -- you need a GIF to fully convey your feelings. If there's a moment from a YouTube video that you want to snip into a GIF, the good news is that you don't need complex software to so it. There are now a bunch of ways to make a GIF from a YouTube video right in your browser.

If you want to use desktop software like Photoshop to make a GIF, then you'll need to download the YouTube video first before you can start making a GIF. However, if you don't want to go through that bother then there are several ways you can make a GIF right in your browser, without the need to download anything. That's ideal if you're working with a low-specced laptop or on a phone, as all the processing to make the GIF is done in the cloud rather than on your machine. With these options you can make quick and fun GIFs from YouTube videos in just a few minutes.
Use GIFs.com for great customization
Step 1: Find the YouTube video that you want to turn into a GIF (perhaps a NASA archive?) and copy its URL.

Read more