Privacy & Information Security Law Blog

On December 3, 2013, Lawrence Strickling, Department of Commerce Assistant Secretary for Communications and Information, spoke at the American European Community Association Conference in Brussels on Data Protection: The Challenges and Opportunities for Individuals and Businesses. Strickling discussed the Obama Administration’s commitment to “preserving the dynamism and openness of the Internet, enhancing the free flow of information, and strengthening our Internet economy.” He addressed the issues surrounding U.S. surveillance operations and the European Commission’s recent report on Safe Harbor. Strickling also provided a progress report on improvements to consumer privacy protection since the White House released its Consumer Privacy Bill of Rights in February 2012, including an update on the National Telecommunications and Information Administration’s (“NTIA’s”) multistakeholder process to develop industry codes of conduct.

On July 12, 2012, the National Telecommunications and Information Administration (“NTIA”) of the U.S. Department of Commerce convened the first meeting of its multistakeholder process to develop industry codes of conduct. As we reported in June, the stated purpose for this meeting, entitled “Seeking Common Ground Regarding Mobile Application Transparency,” was to establish “a working dialogue that will eventually lead to a code of conduct that is broadly adopted.” Lawrence Strickling, Department of Commerce Assistant Secretary for Communications and Information, opened the session, which he characterized as an effort to highlight the key issues and explore topics to be addressed. Strickling emphasized that the structure and approach to the work would likely differ from that with which participants were familiar, and that it would be important to arrive at a constructive process that encourages collaboration and open engagement.

On July 14, 2011, the U.S. House of Representatives Energy and Commerce Committee convened a joint hearing of the Subcommittee on Commerce, Manufacturing and Trade (chaired by Rep. Mary Bono Mack (R-CA)), and the Subcommittee on Communications and Technology (chaired by Rep. Greg Walden (R-OR)), to launch a comprehensive review of Internet privacy.  The series of hearings began with testimony from officials representing three agencies with jurisdiction over consumer privacy issues: FTC Commissioner Edith Ramirez, FCC Chairman Julius Genachowski, and Department of Commerce Assistant Secretary for Communications and Information Lawrence Strickling.

On March 16, 2011, U.S. Department of Commerce Assistant Secretary for Communications and Information Lawrence Strickling called on Congress to enact robust, baseline legislation to “reform consumer data privacy in the Internet economy.” Speaking before the U.S. Senate Committee on Commerce, Science and Transportation, Assistant Secretary Strickling emphasized the Department of Commerce’s support for a legislative proposal that would adopt many of the recommendations of the “Green Paper,” a Department report authored last December.

As previously reported, on December 16, 2010, the U.S. Department of Commerce released its Green Paper “aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation, and economic growth.”

During a press teleconference earlier that morning announcing the release of the Green Paper, Secretary Gary Locke commented on the Green Paper’s recommendation of adopting a baseline commercial data privacy framework, or a “privacy bill of rights,” built on an expanded, revitalized set of Fair Information Practice Principles (“FIPPs”).  He indicated that baseline FIPPs would respond to consumer concerns and help increase consumer trust.  The Secretary emphasized that the Department of Commerce would look to stakeholders to help flesh out appropriate frameworks for specific industry sectors and various types of data processing.  He also noted that the agency is soliciting comments on how best to give the framework the “teeth” necessary to make it effective.  The Secretary added that the Department of Commerce is also open to public comment regarding whether the framework should be enforced through legislation or simply by conferring power on the Federal Trade Commission.

On December 16, 2010, the U.S. Department of Commerce Internet Policy Task Force issued its “Green Paper” on privacy, entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.”  The Green Paper outlines Commerce’s privacy recommendations and proposed initiatives, which contemplate the establishment of enforceable codes of conduct, collaboration among privacy stakeholders, and the creation of a Privacy Policy Office in the Department of Commerce.  Noting that “privacy protections are crucial to maintaining the consumer trust that nurtures the Internet’s growth,” the Green Paper “recommends reinvigorating the commitment to providing consumers with effective transparency into data practices, and outlines a process for translating transparency into consumer choices through a voluntary, multistakeholder process.”

Earlier today, a Department of Commerce official briefed Hunton & Williams and Centre for Information Policy Leadership representatives on the Department’s forthcoming “Green Paper” on privacy.  On November 12, 2010, Telecommunications Reports Daily published an article based on information obtained from an unofficial, pre-release draft version of the Green Paper.  It remains to be seen which portions of the leaked draft ultimately will survive the interagency approval process currently underway.  The Department of Commerce representative emphasized that the content of the draft Green Paper currently undergoing review is consistent with Assistant Secretary of Commerce Larry Strickling’s October 27, 2010, speech in Jerusalem.  In his speech, Secretary Strickling explained that the Department is calling it a “Green” Paper, “not because of its environmental impact, but because it contains both recommendations and a further set of questions on topics about which [the Department] seek[s] further input.”

The International Conference of Data Protection and Privacy Commissioners is convening in Jerusalem.  Appropriately, given the ancient history of the host city, the conference theme is “Privacy: Generations.”  The debate on Day One has drawn on the founding principles of data protection, but also has heavily focused on the future challenges in safeguarding the fundamental rights of privacy and data protection in a world of ubiquitous computing and social networking.

The tone was set in the opening plenary when Dr. Yuval Steinitz, the Israeli Minister of Finance, reminded us of the key tensions in privacy policy.  While privacy may be a fundamental tenet of every democracy, individual cultures must make choices between the competing values of privacy and security, and privacy and transparency.  The balance between these values, and the priority given to one over the other, will shift over time and from one culture to another.  The conference provides a timely opportunity to reassess where that balance currently lies, and what balance may be appropriate in the near future.