Privacy - American carrot or European stick?
Jinfo Blog

By Tim Buckley Owen

Abstract

The US government prepares to set out its data privacy principles while Europe sees problems in its own more advanced policy. Meanwhile individuals are deciding for themselves about who has access to their own personal online data.

Item

As the United States government finally sets out its data privacy principles, all is not well with the rather more advanced European policy. Meanwhile, though, are individuals starting to leapfrog the law by managing their own privacy better?

“We can’t wait,” says the Obama administration as it unveils its proposals for a Privacy Bill of Rights to protect consumers online. Presumably that means it can’t wait for the industry to get around to regulating itself regarding the control users have over how their information is used – although the US government’s announcement does acknowledge the Digital Advertising Alliance’s commitment to implementing Do Not Track technology within nine months.

Nevertheless, it all seems a little permissive. The US government’s white paper points out that “there is no Federal regulation at the end of the process, and codes will not bind any companies unless they choose to adopt them”.

But before the apparently more privacy-conscious Europeans start to shuffle discontentedly and grumble once more about lack of American commitment, holes are also beginning to appear in their own proposals (LiveWire background here).

According to a blog posting by information law training specialist Amberhawk, the United Kingdom Ministry of Justice (MoJ) data protection policy boss, John Bowman, complained recently that the proposed European regulation “gold plated” citizens’ rights and was disproportionately biased against business. The MoJ currently has a Call for Evidence out on the proposal (more LiveWire background) – and it’s easy to see what answer it would like.

Then Google’s global privacy counsel Peter Fleischer has said that search engines shouldn’t have to comply with the “right to be forgotten”; that’s the job of webmasters. All the search engines should have to do is keep their indexing up to date and make it easier for webmasters to remove their site from search results.

The European Commission begs to differ (the ZDNet technology site reports); the rules certainly will apply to search engines, it says. But in her robust response to Google, European Commission privacy champion Viviane Reding did seem to make one concession: social networking sites may not have to forget when users have already restricted access to “friends”.

If so, it looks as if users may be helping this process along. A new study by the Pew Research Center’s Internet & American Life Project finds that around six in 10 set their profiles to “friends only”, while another fifth allow only friends of friends in.

What’s more, the numbers of people pruning their friend lists, deleting comments made about them by others and untagging photos identifying them have also increased. Looks as if people are starting to take responsibility for their own “right to be forgotten” – in America, at any rate.

« Blog