Digital Discourse / Policy / Policy - Privacy

SIIA Op-Ed: Data-Driven Innovation is an Economic Driver

June 21, 2012 By

In a Roll Call op-ed today, SIIA President Ken Wasch explains how data is empowering innovation, and warns policymakers that a fixed regulatory approach could stunt economic growth.

The IT ecosystem is evolving at unprecedented speed, and data is becoming a driver of economic and social growth. Cloud computing, the ubiquity of smartphones, and improved bandwidth are fueling a new era of data-driven innovation, Wasch says.

“A range of previously unimaginable applications of data-driven innovation are already being produced — or will be in the near future. These innovations are making people’s lives better and safer and more prosperous, while also increasing energy efficiency and saving money.”

Wasch’s sentiment echoes a forum hosted earlier this month by the National Institute of Standards and Technology and the University of Maryland. Attendees like Google, the National Institutes of Health, and Lockheed Martin came together to discuss the ways data can help address a range of national priorities. The opportunities are vast.

“Right now, hospitals are providing better care by analyzing data about the triage process and using that information to eliminate wasteful steps that prevent patients from getting to the doctor quickly. Traffic-management centers are processing millions of cellphone and GPS signals, combining them with a wide range of other data about car speeds, weather conditions and more to assess road conditions in real time and avoid traffic jams. And financial services companies can collect and integrate customer transaction information in real time to quickly identify questionable patterns and proactively enact new processing rules to reduce fraud.”

But if this technological and economic evolution is to truly take hold, it needs support from policymakers who can ensure that the conversation stays focused on how to best benefit customers and the economy at large. A fixed regulatory approach would only stifle innovation and hurt consumers. If industry and policymakers can work together, we can safeguard consumers and unleash data’s enormous potential for transformative growth.

Laura Greenback is Communications Director at SIIA. Follow the SIIA Public Policy Team at @SIIAPolicy

Share|
Filed Under: Policy, Policy - Privacy, Software Tagged With: , ,

SIIA Welcomes Beginning of NTIA Multistakeholder Privacy Process

June 15, 2012 By

SIIA offers its enthusiastic support for the first multistakeholder privacy meeting, announced today by the National Telecommunications and Information Administration (NTIA). The meeting will take place on July 12 and the goal will be to develop a code of conduct to provide transparency in how companies provide applications and interactive services for mobile devices.

Today’s announcement marks the beginning of a multistakeholder process that can contribute significantly to the continuation of interoperable data privacy regimes, including the European Union’s proposed data protection regulations.

SIIA concurs with the Department of Commerce that voluntary, enforceable codes of conduct are the appropriate approach for data privacy protections because they develop faster and provide more flexibility than legislation or regulation.

Continued growth and innovation in the vibrant mobile marketplace depends on consumer confidence in the privacy protections provided by mobile application providers. For this reason, SIIA has been actively working to develop best practices that can help protect personal information while encouraging continued growth and innovation in the mobile marketplace.

In establishing this first multistakeholder process, NTIA was wise to focus on a definable area where stakeholders have begun to collaborate to develop practices, and we look forward to actively participating on behalf of our members and the industry broadly.

View comments SIIA made to NTIA in April here.

Ken WaschKen Wasch is President of SIIA.

Share|
Filed Under: Policy, Policy - Privacy

Mozilla Confirms Consensus on User Choice for Behavioral Advertising

June 1, 2012 By

There is broad agreement that consumers must have a clear and easy mechanism for opting out of online tracking. And there is also broad agreement that industry self-regulation and voluntary efforts are making substantial progress in developing solutions to provide consumers with meaningful choices about collection of their data. So much so that Obama administration officials just months ago cited these efforts as an example of voluntary but enforceable best practices.

Why is there such agreement on this topic? Well, that’s because customers, businesses and policymakers alike also broadly recognize the need to preserve the economic model that has been propelling the availability of content online: effective advertising. Indeed, targeted advertising is more effective and generates substantially more value that, in turn, provides for much of the valuable content provided on the Web.

In light of the broad consensus emerging around behavioral advertising and consumer choice, it was surprising that Microsoft announced yesterday that Internet Explorer 10 in Windows 8 will have “Do Not Track” (DNT) feature on by default—a move that defies the objective to enable users to make informed decisions.

But of even greater concern, Microsoft’s decision is likely to have the opposite effect. That is, in light of the fact that there is not yet consensus among the advertising industry (including among Microsoft’s own ad networks) on how to implement settings such as this, the end result will be confusion and disappointment from consumers when this ultimately doesn’t do what it says it will do. The Microsoft blog announcing the decision was clear in admitting that a uniform, industry-wide response is still under development:

“Sending a DNT signal from a browser is only part of the process. Obviously, for DNT to be effective, it is also important that websites have a common understanding of what the consumer expects when their browser sends the DNT signal. As well as engineering the world’s most used browser, Microsoft also owns and manages a growing advertising business – including a network that provides advertising to our own and other Web properties, so we have a unique perspective into this discussion.

At the moment there is not yet an agreed definition of how to respond to a DNT signal, and we know that a uniform, industry-wide response will be the best way to provide a consistent consumer experience across the Web.”

Fortunately, in response to Microsoft’s recent decision, Mozilla announced that the user’s choice is absolutely critical on this issue, and they confirmed that it will not set the “Do Not Track” feature in its Firefox browser to turn on by default. As articulated by Mozilla:

“DNT is intended to express an individual’s choice, or preference, to not be tracked. It’s important that the signal represents a choice made by the person behind the keyboard and not the software maker, because ultimately it’s not the browser being tracked, it’s the user.”

Amen, this also reflects the consensus that has emerged within the W3C Tracking Protection that “[k]ey to that notion of expression is that it must reflect the user’s preference, not the preference of some institutional or network-imposed mechanism outside the user’s control.”

So, again, there’s broad consensus on user choice and preference. Hopefully Microsoft will come to recognize this and continue to support the consensus effort.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Policy, Policy - Privacy Tagged With:

Do Not Track and Consumer Choice

June 1, 2012 By

Yesterday, Microsoft announced that that the latest version of its Windows 8 operating system has an Internet browser that has the “do not track” feature turned on as the default. This might seem like just a business choice, and one that is pro-privacy as well. But it’s not. This unilateral action will set back the cause of industry self-regulation, produce considerable consumer confusion and delay the introduction of an effective “do not track” feature.

The essential problem is that a “do not track” flag works only with the cooperation of websites and ad networks. If they do not honor the “do not track” setting in the consumer’s browser, the consumer will be tracked. But the industry has announced that they will cooperate with a “do not track” request only if it is an opt-in choice from the consumer himself, not a choice made on his behalf by a platform provider. If they stick to this position, the new “do not track” feature described in today’s announcement won’t in fact stop tracking.

And here’s where the consumer confusion comes in. Some reports say flatly “…when browsing on PCs and mobile devices featuring Windows 8, a user automatically won’t be tracked on the Web.” Well, that’s wrong, but most users will believe what they read and think they have successfully turned off advertising tracking by using the latest Windows operating system. It will take months to unwind this consumer confusion.

But why would the industry refuse to honor a consumer “do not track” request? Targeted ads are more effective and more valuable than regular ads. If regular ads replace all or most of the targeted ones, ad revenue declines dramatically. And the content that depends on ad revenue declines as well.

If ad networks and websites honored “do not track” requests that are on by default, they would be accepting a dramatic decline in their revenue. People rarely change a default setting unless they really care about something. Getting regular ads instead of targeted ones is not so intrusive, annoying or disturbing that people will go out of their way to change things. So if the default is set at “do not track” it will stay there.

Is that the right way to structure the consumer choice? No. Arranging the choice that way threatens the economic basis for Internet content for no good reason.

When people care about something, they will act, as they did in response to the FTC’s Do Not Call rule. That rule required consumers to affirmatively call or email the FTC to ask to be put on a Do Not Call list. Three quarters of all Americans have signed up for the registry accounting for over 200 million phone numbers. When they want something, people will take affirmative action to get it.

But it makes sense to see if they really want it, rather than making the decision for them. When the economic basis of Internet content is at risk this is the only sensible choice. Put “do not track” on the same track as Do Not Call – make it opt-in.

The way forward is for the industry to coalesce around an opt-in “do not track” mechanism. The advertising industry has already agreed to cooperate with that. The details have to be worked out, but the right direction is clear. Today’s announcement means that it will take longer for the industry to come to a real agreement on the topic. It is a detour that will only delay the arrival of an effective “do not track” mechanism.

Mark MacCarthy, Vice President, Public Policy at SIIA, directs SIIA’s public policy initiatives in the areas of intellectual property enforcement, information privacy, cybersecurity, cloud computing and the promotion of educational technology.

Share|
Filed Under: Policy, Policy - Privacy Tagged With:

Administration Releases Digital Government Roadmap

May 29, 2012 By

Last week, Federal CIO Steve VanRoekel released a Roadmap for Digital Government, entitled “Digital Government: Building a 21st Century Platform to Better Serve the American People.” The strategy document provides agencies with a 12-month roadmap that focuses on several priority areas and seeks to enable more efficient and coordinated digital service delivery by requiring agencies to establish specific, measurable goals for delivering better digital services; encouraging agencies to deliver information in new ways that fully utilize the power and potential of mobile and web-based technologies; ensuring the safe and secure delivery and use of digital services to protect information and privacy; requiring agencies to establish central online resources for outside developers and to adopt new standards for making applicable Government information open and machine-readable by default.

The strategy is the result of an Executive Order (EO 13571) issued by the President in late April to require executive departments and agencies to identify ways to use innovative technologies to streamline their delivery of services to lower costs, decrease service delivery times and improve the customer experience.

Importantly, with the release of this Roadmap, VanRoekel has declared that agencies will increasingly open up their valuable data to the public and set up Developer pages to give external developers tools to build new services, which will include a transformation of Data.gov into a data and API catalog that in real time pulls directly from agency websites. Additionally, adopting the incremental approach articulated in the Cloud First Directive, agencies have been directed to mobilize two of their priority customer-facing services in the next 12 months, and a wholesale reworking of the Federal government’s own use of mobile technology.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Policy, Policy - Privacy

Mobile Payments Get Currency

April 25, 2012 By

The FTC is looking at mobile payments this Thursday, an event that caps several weeks of intense attention to this innovative new technology by policymakers. In March the House Financial Services Committee and the Senate Banking Committee held hearings. And the Internet Caucus held a Congressional briefing, which I chaired.

Several years ago a study by ITIF highlighted mobile payment’s opportunities for efficiencies, growth and innovation. It wondered why it hadn’t taken off in the US, the way it had in other jurisdictions such as Japan and Korea. Since then Square, Intuit, Google, ISIS, PayPal have all ramped up their efforts to bring the new service to consumers and retailers in an attractive easy to use package. The majority of Americans will be embracing mobile payments by 2020, a Pew Internet study found last week.

The benefits are enormous. Mobile payment technology means faster checkout, more through put for merchants, the opportunity to send and receive offers and promotions, greater security, and a platform for new innovative services that haven’t been created yet.

It is worth pausing on the benefits of increased security. Unlike traditional magnetic stripe payment card transactions, mobile payments use a different security code for each transaction. Even if the transaction data is compromised, it cannot be used to make a counterfeit card that would work at the point of sale. This takes the merchant system out of harm’s way and reduces risk to cardholders. Mobile payments implemented on a smartphone can also be protected by a password or PIN number, adding barriers to illicit use of a lost or stolen phone. If asked to choose based on security, shoppers would be smart to use mobile payments over traditional cards.

Some have suggested that mobile payments create increased privacy risks because new information would be available to new players. But these risks are speculative and are being addressed in advance by market players who design their systems to be privacy-protective. They know that the market will only work on the basis of trust, careful handling of personal information, and a compelling user experience.

Mobile payment providers collect location information from their users, but only with affirmative consent. Product specific information isn’t collected at all and so cannot be added to a consumer profile to target ads. Cell phone and email information are available to mobile payment service providers at the time of sign up, but are not transferred to third parties such as retailers. Mobile payment services are savvy enough to avoid the mistake of allowing secret, undesirable acquisition of contact information by third parties. Under the Google Wallet rules, for example, contact information could not be disclosed to a retailer for marketing or advertising purposes without affirmative consent.

The privacy default for mobile payments is that consent is needed for any sharing of consumers’ personal information for marketing purposes. Industry participants have set up their systems with this requirement for consent as the default. This privacy-by-default approach renders concerns about privacy violations more theoretical than real. Mobile payment users can feel confident that they can enjoy the conveniences and added security and usefulness of mobile payments without worrying about privacy violations.

Mark MacCarthy, Vice President, Public Policy at SIIA, directs SIIA’s public policy initiatives in the areas of intellectual property enforcement, information privacy, cybersecurity, cloud computing and the promotion of educational technology.

Share|
Filed Under: All About Mobile, Government, Mobility, Policy, Policy - Cybersecurity, Policy - Privacy, Software, Software Events Tagged With: , , ,

In Comments on NTIA Multistakeholder Privacy Process, SIIA Applauds Government’s Role as Convener; Calls for Collaboration Instead of Legislation

April 2, 2012 By

Today the Software & Information Industry Association submitted comments to the Department of Commerce regarding the National Telecommunications and Information Administration (NTIA) “Multistakeholder Process to Develop Consumer Data Privacy Codes of Conduct.”

SIIA applauds the NTIA’s process of bringing together relevant parties in order to gather their collective expertise, and reiterated its call for a collaborative, rather than legislative, approach to addressing consumer data privacy. We believe that the proposed multistakeholder process can contribute significantly to the mutual recognition of data privacy regimes, including the European Union’s proposed data protection regulations.

SIIA looks forward to actively participating on behalf of our members and the industry broadly.

In its submission, SIIA says, “As highlighted by the Privacy and Innovation Blueprint, voluntary, enforceable codes of conduct are the appropriate approach for privacy protections because they develop faster and provide more flexibility than legislation or regulation. SIIA also concurs that the Government’s role in this process is primarily as a coordinator, acting as an active convener of the many stakeholders that share the interest of continued development of the digital marketplace.”

“The Federal Trade Commission has substantial authority to take action against actors it thinks has violated its privacy policies and is able to enforce a company’s promise to abide by a code of conduct through its authority to prevent deceptive practices.  As a result, SIIA believes that the multistakeholder process can and should proceed in the absence of new privacy legislation.”

SIIA goes on to make recommendations in several specific areas, and also calls on NTIA to adhere to several key principles while undertaking the multistakeholder process, including: 1) maintaining a commitment to openness and transparency of process and decision-making; 2) ensuring that the Department of Commerce plays an active role as convener; 3) enforcing a structure that has a timeline for deliverables, clear criteria for what counts as consensus and a division that allows progress to be made in sub-groups, and; 4) ensuring a process that is open to all affected parties, but does not preclude the submission of draft documents for review by the group.

For a copy of SIIA’s complete comments to the agency, click here.

David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy.

Share|
Filed Under: Policy, Policy - Privacy Tagged With:
« Older Posts
Newer Posts »