95
edits
Privacy/Policy/NTIA RFC: Difference between revisions
Jump to navigation
Jump to search
→II. Issues Suitable for Multistakeholder Processes and Codes of Conduct in Privacy
| Line 57: | Line 57: | ||
===II. Issues Suitable for Multistakeholder Processes and Codes of Conduct in Privacy=== | ===II. Issues Suitable for Multistakeholder Processes and Codes of Conduct in Privacy=== | ||
<br> | <br> | ||
One of the challenges in developing codes of conduct for online privacy is the pace of technological innovation and, in many cases, a lack of accountable institutions specialized in those areas of development. In newly emerging technical capabilities and associated business practices, existing institutional and public stakeholders may not be well prepared, vested or focused to fully understand important nuances in how users are engaging with them, such that there aren't well defined partners to participate in developing and promulgating codes of conduct. | One of the challenges in developing codes of conduct for online privacy is the pace of technological innovation and, in many cases, a lack of accountable institutions specialized in those areas of development. In the case of newly emerging technical capabilities and associated business practices, existing institutional and public stakeholders may not be well prepared, vested or focused to fully understand important nuances in how users are engaging with them, such that there aren't well defined partners to participate in developing and promulgating codes of conduct. | ||
For instance, if we look at mobile apps, with privacy issues associated with notices, location, advertising, and collection and use of new types of personal data, it isn't clear today who the particular stakeholders would be to represent all the parties engaged in this vibrant and rapidly emerging area. Unlike the advertising industry, where a handful of influential trade associations represent both the major and independent companies, the corollary doesn't appear to exist for app developers. While there are major mobile trade associations like the GSMA, which does bring together the major mobile carriers and has developed a set of privacy principles, it's an open question as to whether it would have the convening power to mobilize the decentralized app industry to adhere to a code of conduct. | For instance, if we look at mobile apps, with privacy issues associated with notices, location, advertising, and collection and use of new types of personal data, it isn't clear today who the particular stakeholders would be to represent all the parties engaged in this vibrant and rapidly emerging area. Unlike the advertising industry, where a handful of influential trade associations represent both the major and independent companies, the corollary doesn't appear to exist for app developers. While there are major mobile trade associations like the GSMA, which does bring together the major mobile carriers and has developed a set of privacy principles, it's an open question as to whether it would have the convening power to mobilize the decentralized app industry to adhere to a code of conduct. | ||
| Line 69: | Line 69: | ||
# There's a lack of existing regulation in the United States addressing that area. | # There's a lack of existing regulation in the United States addressing that area. | ||
Applying the above criteria and using the areas of interest | Applying the above criteria and using the areas of interest outlined by the NTIA in its <i>Federal Register</i> notice, we came up with the following analysis: | ||
{| class="fullwidth-table" | {| class="fullwidth-table" | ||
| Line 127: | Line 127: | ||
From our analysis, we would end up ranking privacy considerations for online services directed at teenagers as an ideal area for a code, given the maturity and number of accountable industry and public interest groups already working on kids privacy as a result of the Children's Online Privacy Protection Act. Likewise, looking to codes in the area of collecting personal data via multiple technologies (e.g., cookies, LSOs and cache) is another area where we see technology standards groups being well positioned and public interest groups having substantial experience working together with business and consumers to be a potentially good area for a code of conduct. | From our analysis, we would end up ranking privacy considerations for online services directed at teenagers as an ideal area for a code, given the maturity and number of accountable industry and public interest groups already working on kids privacy as a result of the Children's Online Privacy Protection Act. Likewise, looking to codes in the area of collecting personal data via multiple technologies (e.g., cookies, LSOs and cache) is another area where we see technology standards groups being well positioned and public interest groups having substantial experience working together with business and consumers to be a potentially good area for a code of conduct. | ||
Overall, from our perspective, the important thing for the Administration to recognize is when conditions are ideal to convene a multistakeholder process to develop a code of conduct for online privacy. | Overall, from our perspective, the important thing for the Administration to recognize is when conditions are ideal to convene a multistakeholder process to develop a code of conduct for online privacy - and when they are not. | ||
===III. Mozilla's Experience: Considerations for Implementing Multi Stakeholder Processes=== | ===III. Mozilla's Experience: Considerations for Implementing Multi Stakeholder Processes=== | ||