米国連邦取引委員会 FTC Issues Final Commission Report on Protecting Consumer Privacy
Do-Not-Track - The Commission commends the progress made in this area: browser vendors have developed tools to allow consumers to limit data collection about them, the Digital Advertising Alliance has developed its own icon-based system and also committed to honor the browser tools, and the World Wide Web Consortium standards-setting body is developing standards. "The Commission will work with these groups to complete implementation of an easy-to-use, persistent, and effective Do Not Track system," the report says.
Mobile - The FTC urges companies offering mobile services to work toward improved privacy protections, including disclosures. To that end, it will host a workshop on May 30, 2012 to address how mobile privacy disclosures can be short, effective, and accessible to consumers on small screens.
Data Brokers - The Commission calls on data brokers to make their operations more transparent by creating a centralized website to identify themselves, and to disclose how they collect and use consumer data. In addition, the website should detail the choices that data brokers provide consumers about their own information.
Large Platform Providers - The report cited heightened privacy concerns about the extent to which platforms, such as Internet Service Providers, operating systems, browsers and social media companies, seek to comprehensively track consumers' online activities. The FTC will host a public workshop in the second half of 2012 to explore issues related to comprehensive tracking.
Promoting Enforceable Self-Regulatory Codes - The FTC will work with the Department of Commerce and stakeholders to develop industry-specific codes of conduct. To the extent that strong privacy codes are developed, when companies adhere to these codes, the FTC will take that into account in its law enforcement efforts. If companies do not honor the codes they sign up for, they could be subject to FTC enforcement actions.
Final FTC Privacy Framework and Implementation Recommendations.
A. FTC Roundtables and Preliminary Staff Report
B. Department of Commerce Privacy Initiatives
C. Legislative Proposals and Efforts by Stakeholders
1. Do Not Track
2. Other Privacy Initiatives
III. Main Themes From Commenters
A. Articulation of Privacy Harms
B. Global Interoperability
C. Legislation to Augment Self-Regulatory Efforts
IV. Privacy Framework
1. Companies Should Comply with the Framework Unless They Handle Only Limited Amounts of Non-Sensitive Data that is Not Shared with Third Parties
2. The Framework Sets Forth Best Practices and Can Work in Tandem with Existing Privacy and Security Statutes
3. The Framework Applies to Offline As Well As Online Data
4. The Framework Applies to Data That is Reasonably Linkable to a Specific Consumer,Computer, or Device
B. Privacy by Design
1. The Substantive Principles: Data Security, Reasonable Collection Limits, Sound Retention Practices, and Data Accuracy
2. Companies Should Adopt Procedural Protections to Implement the Substantive Principles
C. Simplified Consumer Choice
1. Practices That Do Not Require Choice
2. For Practices Inconsistent with the Context of their Interaction with Consumers, Companies Should Give Consumers Choices
1. Privacy Notices
3. Consumer Education