TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout

Privacy Perspectives | DNT 2.0: What Next for Policymakers? Related reading: Lessons from the GDPR and CCPA for Congress

rss_feed

""

DPC18_Web_300x250-COPY
GDPR-Ready_300x250-Ad

Could the appointment of Justin Brookman of the Center for Democracy and Technology (CDT) and Carl Cargill of Adobe salvage the World Web Consortium (W3C) Do Not Track (DNT) process? Hopefully, all sides will work together to pursue an agreed-upon solution, since an implosion of the process, which seemed inevitable on Tuesday as the Digital Advertising Alliance (DAA) announced its departure from the group, would cast a long shadow over the prospects for multi-stakeholder resolutions to the burning privacy problems of our time.

In January 2012, the Obama Administration staked its privacy policy reputation on encouraging “multi-stakeholder processes to develop enforceable codes of conduct” in different industry sectors. The Federal Trade Commission similarly supported the development of a DNT standard by industry without need for legislation or regulatory enforcement. And yet a year-and-a-half later, these processes have become mired in protracted discussions about the relatively non-contentious issue of transparency for mobile apps, as well as lingering failure to reach an accord on DNT.

Some would argue that the W3C, a technical standard-setting organization, is ill suited to resolve such policy debates. Bridging the gap between the diametrically opposed views of industry hardliners and consumer advocates has proved daunting, even for Prof. Peter Swire, the seasoned professional who co-chaired the discussions over the past nine months. Indeed, the members of the DAA themselves appear to be in discord, with the Interactive Advertising Bureau, Network Advertising Initiative and Direct Marketing Association stating they will remain engaged in the process—although cynics would argue that their intention is simply to ward off a deal that is harmful to industry. One lesson may be that a solution based on consensus is highly unlikely given that those who are most motivated to mobilize are advocacy and industry voices from the furthest extremes. Indeed, a palatable solution is probably one that leaves all sides unhappy.

Critics of the process point to another W3C foray into privacy policymaking—the adoption in 2002 of a “Platform for Privacy Preferences” (P3P), which would allow websites to match their intended uses of information with users’ stated privacy preferences. Despite being implemented by Microsoft browsers (like DNT), P3P failed given the industry’s wholesale disregard for—and in some cases gaming—the standard, and lack of consumer buy-in. EPIC, the privacy advocacy group, dubbed P3P “pretty poor privacy”.

The big question is what happens now with Brookman and Cargill at the helm. The policy environment has become disjointed with California pursuing its own DNT legislation; Microsoft setting its browser to automatically require (whom?) not to track (what?), and various industry bodies administering their own opt-out programs without a clear tie into DNT. European voices point to the faltering multi-stakeholder process as sign of perceived weakness of privacy protections in the U.S. Given the demonstrated difficulty in resolving privacy issues at every public policy instance—witness the tortuous progress of the draft European General Data Protection Regulation—we must work to better understand what works and what does not in the multi-stakeholder space.

Comments

If you want to comment on this post, you need to login.