Have you noticed how Facebook or Gmail tailor ads to the content you post or send? In today’s digital economy, companies’ practices of collecting, storing, sharing, and often times breaching consumers’ information has became a common practice. Although consumer information is often used as helpful data that drives product development and consumer appetite, companies must not do so at the expense of consumer privacy.
The Federal Trade Commission, the nation’s consumer privacy and protection enforcement agency, issued its final report setting forth guidelines, or best practices, that protect the privacy of consumers. The best practices for companies are to provide consumers with greater transparency of what information is collected and how it is used, including a Do-Not-Track mechanism or opt-out feature on Websites to allow consumers to control the tracking of their online activities, and developing privacy protections for consumer data.
Also, in the report, “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers,” the FTC recommends that Congress needs to consider enacting general privacy legislation, data security and breach notification legislation. However, federal protection will not likely occur in the election year and the balances of consumers and data brokers behind the online advertising agreements will first have to strike some compromise. The best practices guidelines are largely voluntary and, although it threatens sanctions for non-compliance, the FTC’s authority is limited because of the lack of a federal law.
On one side of the debate are data brokers (i.e., Experian and Acxiom), which collect and sell information, and the online advertising companies (i.e. Google and Facebook) that target consumers based on their personal preferences. On the other side are consumer groups and privacy advocates that are concerned about the volume of data being collected, how little control consumers have over that information, and the lack of protection of the data. Therefore, the need for compromise between these two groups in the form of a federal law looks similar to the Hollywood v. Silicon Valley war over the proposed SOPA legislation.
Further, companies need to be careful of what information they collect for behavioral advertising and need to consider the privacy ramifications. Consumer data may translate into dollar signs, but the more data a company holds, the more potential liability the company is exposed to. It is wise to use data responsibly and in accordance with its sensitivity. Developing policies for data collection, retention, and deletion is crucial. Finally, it is important for companies to establish or upgrade their compliance programs governing data collection, protection, and use of personal information to mitigate risk of a data breach or legal violation which may result in litigation.