NTIA Posts Business / Public Comments on Global Privacy Priorities
The National Telecommunications and Information Administration (NTIA) in the U.S. Department of Commerce has posted the public responses to its call for comments on international internet policy priorities for 2018 and beyond. The purpose of seeking commentary was to determine the most important issues facing the internet globally so that the NTIA can leverage its resources and policy expertise effectively.
Given the extensive privacy debates that have been going on in 2018, it should come as no surprise that a not insubstantial portion of the comments were devoted to privacy issues.
The NTIA is the Executive Branch agency responsible for advising the President on telecommunications and information policy. It was established in 1978 and has made growth and innovation in communications technologies (including most recently internet communications) the cornerstone of its mission. In the area of international data privacy, NTIA works to advance interoperable privacy regimes and mechanisms to ensure that different approaches do not impede global commerce.
The questions that the NTIA asked about privacy were: What international venues are the most appropriate to address questions of digital privacy? What privacy issues should NTIA prioritize in those international venues?
The NTIA also asked a related question in its first category of questions that caused many responders to discuss privacy. The question was: What are the challenges to the free flow of information online?
We have reviewed a number of the public comments and have summarized or quoted from a few of them here with respect to their submissions on privacy:
ACT | The App Association:
The App Association represents thousands of small business software application development companies and technology firms that create apps. According to its submission:
App Association supports international trade negotiations as well as bilateral/multilateral dialogues to ensure the free flow of personal information across country borders while establishing meaningful protections of personal information.
Association of National Advertisers:
The ANA membership includes nearly 2,000 companies with more than 25,000 brands and almost 150,000 professionals that annually spend more than $400 billion collectively in marketing and advertising. According to its submission:
ANA asked NTIA to study the effects of GDPR on competition and consumers to warn other countries considering adopting it. It warned that insufficiently considered government action on privacy presents some of the foremost challenges to the free flow of information online. It discussed how the imposition of opt-in consent models could “drastically alter the online experience” and recommended the use of implied consent or opt-out rights in advertising and marketing where there is no history of consumer harm. It also believes that the rights of access and deletion should not be extended to advertising and marketing databases, which are used to provide consumers with valuable information and facilitate economic growth. It supports the current targeted and sectoral approach to federal privacy regulation rather than blanket rules applying across industries and data types. It believes that industry self-regulation should also be encouraged.
AT&T:
AT&T is an integrated media and entertainment company providing mobile, video and data solutions. According to its submission:
AT&T encourages the government to pursue stable and interoperable cross-border privacy frameworks. “Political or legal uncertainty regarding the ongoing availability of cross-border transfer mechanisms creates significant operational and financial challenges for business and their customers. This disruption of cross-border data flows has far-reaching economic consequences and threatens to impede the continued growth of the Digital Economy.”
“The FTC should continue to be sensitive to the concerns of international regulators and to pursue aggressive enforcement against companies that have failed to comply with the rigorous requirements of the Privacy Shield.”
“To make data-driven innovation compatible with data privacy, it is critical to empower users without over-regulating data controllers or data collection.”
“… privacy rules should be consistent across the global digital ecosystem. Privacy regulations that apply to only one set of technologies, data class or industry players can create confusion. Rather, consumers expect that one set of common rules will apply …”
“NTIA should collaborate with other U.S.G. agencies to build consensus around the adoption of federal baseline privacy legislation in the United States. A clear legal framework will demonstrate U.S. leadership in this area and provide a model for other states. It will also facilitate the operations of companies that may be obligated to comply with a patchwork of requirements in different U.S. states.”
Center for Democracy & Technology:
CDT is a non-profit public interest advocacy organization that works to promote individual rights in internet law and policy. According to its submission:
Among other things, it advocates for considering regulations around the privacy and security of Internet of Things (IoT) devices. The concerns in this industry include hacking, data leakage, uncontrolled sharing of information across multiple devices and unauthorized setting adjustments. CDT also believes that the United States has lost its global leadership on the issue of privacy and needs to articulate its own privacy framework in order to stop other countries from adopting versions of GDPR.
Entertainment Software Association:
ESA represents nearly all major video game publishers and platform providers in the United States. According to its submission:
It asks the United States to foster dialogue between foreign governments and industry stakeholders so that ambiguities in privacy laws can be avoided. It also seeks to encourage free cross-border data flows while highlighting the viability of voluntary self-regulation mechanisms.
Google:
Google is the world’s largest search engine. According to its submission:
It opposes global removals under the Right to be Forgotten because it could allow non-democratic governments to censor information around the world.
“The U.S. government should continue to advocate on the global stage for policies that embrace the unprecedented opportunities for human advancement made possible by data, but that also protect consumers and address the potential for harm from the misuse of data by making the data ecosystem more transparent and ensuring accountability.”
Information Technology & Innovation Foundation:
ITIF is a non-profit, non-partisan public policy think tank committed to a pro-productivity, pro-innovation and pro-technology public policy agenda. According to its submission:
It objects to the application of national laws to the global Internet in a manner that impedes the sovereignty of other nations and individuals, such as Europe’s application of the right to be forgotten. It also objects to the GDPR attack on the light-touch regulation of the internet that has caused the digital economy to flourish. Instead, it sees GDPR bringing higher compliance costs, threatening substantial penalties for mistakes, reducing access to data, and reducing the viability of free business models.
Microsoft:
Microsoft is a multinational technology company that develops and sells personal computers and computer software. According to its submission:
“A strong legal framework for data protection provides an essential foundation for data-driven innovation and entrepreneurship to flourish. Such foundation should integrate core principles to instill the level of trust needed to propel international trade, sustain economic growth and create new opportunities for everyone inclusively.”
Microsoft would have the government apply a broad definition of personal data to all entities, give consumers data subject rights, require strict standards for consent or other legal grounds for processing, support de-identification, and avoid overly broad extraterritorial application of data restrictions. It encourages facilitation of intercompany and cross-border data flows protected by appropriate technical and legal measures. There should be a single framework applied consistently to different industries with oversight from a central regulator, rather than distribution among several regulators.
“Microsoft believes that robust privacy protections do not have to, and should not, stifle innovation …”
“Appropriate privacy regulations can be critical for establishing a trusted environment and lead to even greater prosperity for U.S. companies.”
“Privacy is an essential pillar for enabling the digital transformation.”
Software & Information Industry Association:
SIIA is the principal trade association for the software and digital content industry. According to its submission:
It suggests a number of priorities for NTIA, including maintaining cross-border data flow interoperability mechanisms between different privacy systems, distinguishing between B2B and B2C obligations in privacy dialogues, and opposing extraterritorial application of other countries’ privacy laws. It also urges advocacy for a U.S.-style sectoral privacy system rather than the comprehensive GDPR system that it declares convenient to emulate.
TechFreedom:
TechFreedom is a non-profit, non-partisan technology think tank focusing on Internet freedom and technological progress. According to its submission:
It warns that the “free, open and borderless Internet is at risk of balkanization because of privacy and security regulation.” It expresses concern about increasing costs that create barriers to entry for startups, as well as regulations that alter or break the business models that have created the growth of the Internet. It identifies GDPR as an impediment to the free flow of information and a constraint on innovation, economic growth and free expression by limiting the business models and data practices that have allowed services to flourish online. It also contends that it will entrench companies that can afford the compliance and litigation costs.
U.S. Chamber of Commerce:
The U.S. Chamber of Commerce represents the interests of more than 3 million businesses. According to its submission:
They are concerned that the adoption of the EU’s GDPR by other countries could forestall innovation for years to come. They warn that complying with GDPR will disadvantage small businesses and that the ePrivacy Regulation could create further confusion with GDPR. They see a number of risks in China choosing privacy protections without interoperability that will fragment the internet, Latin America using GDPR as a template for privacy regulations, and possible challenges to the EU-U.S. Privacy Shield.
Instead, they recommend the U.S. government support international privacy frameworks that “facilitate digital trade and the seamless movement of data,” while “pushing back against the contagion of GDPR in other countries …”
Verizon:
Verizon is a global telecommunications company. According to its submission:
Verizon considers that “Ensuring privacy and cybersecurity is vital for consumer trust in the digital economy ….” It thinks that countries need to strike the right balance between protecting privacy and enabling the use of data for innovation. It also seeks to maintain the free flow of data by avoiding “overly prescriptive privacy regimes”. It warns that inconsistent and conflicting approaches to privacy risk confusing consumers and limiting international competition and commerce.
The complete list of comments and recommendations submitted is available here.