With the utility of privacy law in question, and the U.S. unwilling to relinquish industry self-regulation, we are left with a choice. Continue the march toward the privacy cliff or find an alternative to both the EU’s “government-centric” and the U.S.’s “industry-centric” regulatory approaches.
The most viable alternative, and the way back from the cliff, is to empower consumers to motivate corporate respect for privacy by giving them the technology to control their own data online.
For example, continue deploying do-not-track (DNT) tools that afford consumers some control over whether advertisers track their browsing. And encourage the advertising industry to more effectively publicize programs such as the Digital Advertising Alliance’s Self-Regulatory Program for Online Behavioral Advertising.
Beyond this, further empower and simplify for the consumer. Specifically, enlist e-commerce stakeholders to create a single, simple, universal digital form that consumers may complete online to express their privacy requirements. Then require businesses to access and respect these forms. The result: Users who choose not to file a form may be tracked by default, and those who choose not to be tracked will not be.
Finally, beyond even this, develop technologies enabling consumers to manage their data as they would any other asset. One emerging technology is the personal data locker (PDL). A cloud service for storing anything one creates or does online, a PDL functions like a personal bank account. The individual controls it, and no third party can access it without the consumer’s permission. PDLs can put consumers and businesses on an equal privacy footing.
Empowering consumers acknowledges the transnational reality of Internet commerce. The day after Commissioner Reding’s address, U.S. Ambassador to the EU William E. Kennard spoke to the same Conference. He discussed, among other issues, “International Interoperability” and “Regulatory Cooperation,” the areas in which the U.S., EU, and all national sovereignties clash loudest.
The only means for achieving permanent interoperability and cooperation is to create, by international treaty, a transnational cyber zone for digital commerce. Modern ideas of national sovereignty date to the origin, some 500 years ago, of the nation-state. Alas, the utility of this durable invention does not extend into cyberspace. As no nation claims to control an entire ocean just because its waters touch its coast, no nation can claim sovereignty over cyber space just because it is a node on the network.
Going forward, a combination of consumer empowerment and legal recognition of what the Internet already is—transnational—provides a simple, uncompromising alternative to suffering the collective fate of digital lemmings. Consumer empowerment and transnational recognition is the only way back from the privacy cliff.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.