Jon Leibowitz is chairman of the Federal Trade Commission.
Over the past decade, as Americans have enthusiastically moved more and more of their lives online — from catching up on the latest NCAA results to buying a car, financing their college education or finding a job — we at the Federal Trade Commission have had to rethink what privacy means: to consider how consumers can continue to enjoy the riches of a thriving, increasingly online and mobile marketplace without surrendering their privacy as the price of admission.
Last week, the FTC, the nation’s premiere privacy protection agency, tackled that question with a report on the state of the right to privacy, what Louis Brandeis, one of the intellectual fathers of the FTC, called “the most comprehensive of rights and the right most valued by civilized men.” We detailed what we — in the public and private sectors — must do to make sure consumers’ right to privacy remains robust into the 21st century.
The FTC jumped in at this intersection of high-tech innovation and privacy rights not to erect a stop light but to look at traffic patterns. We asked who should control the personal information that consumers reveal — about sites they view, purchases they make, people they talk to, even physical locations they visit — when they surf the Web or use their mobile devices. Are consumers to be defined and judged by what the Atlantic called the “unconsciously created profile” they amass online? Or should they get some say in what personal information employers, marketers and the public see?
The stakes are high. There are clear benefits to the collection and sale of personal information: It funds the innovative online content we all enjoy for free and fuels the growth of the cyber-economy, a bright spot on our economic horizon. But allowing the minute details of our browsing behavior, shopping habits, and even sensitive financial, health and family decisions to run loose in a freewheeling, high-tech data market comes with equally clear risks. Do we want our health insurer to know we bought a deep fryer on Amazon? Our future employer to see that unfortunate picture of the first, and last, frat party we attended? Our neighbors, pastor or complete strangers to find out whether we are pregnant, have HIV, take antidepressants or attend anger-management classes?
To ensure that consumers retain control of their personal information, our report lays out three simple but powerful principles for companies to follow when handling consumer data: Incorporate privacy protections into products as they are developed — that is, privacy by design; offer consumers more choice about how their data are collected and used; and provide more transparency with better information explaining to consumers how the companies — including the data brokers who, for the most part, remain invisible to consumers — handle personal information. Our report also renews our call for industry to develop a Do Not Track system that would let consumers choose what information is collected about them online and how it is used.