There has been scant detailed coverage of the current discussions in Congress around an online privacy bill. The Wall Street Journal has published several pieces on it in their “What They Know” section but I’ve had a hard time finding anything that actually details the substance of the proposed legislation. There are mentions of Internet Explorer 9′s Tracking Protection Lists, and Firefox’s “Do Not Track” functionality, but little else.
Not surprisingly, we’re generally feeling like legislators are barking up the wrong tree by pushing to limit rather than expand legitimate uses of data in hard-to-enforce ways (e.g. “Do Not Track,” data deletion) without actually providing standards and guidance where government regulation could be truly useful and effective (e.g. providing a technical definition of “anonymous” for the industry and standardizing “privacy risk” accounting methods).
Last but not least, we’re dismayed that no one seems to be worried about the lack of public access to all this data.
In response, we sent the following letter to the editor to the New York Times on March 23, 2011 in response to the first appearance of the issue in their pages – an opinion piece titled “A New Internet Privacy Law,” published on March 18, 2011.
While it is heartening to see Washington finally paying attention to online privacy, the new regulations appear to miss the point.
What’s needed is more data, more creative re-uses of data and more public access to data.
Instead, current proposals are headed in the direction of unenforceable regulations that hope to limit data collection and use.
So, what *should* regulators care about?
1. Much valuable data analysis can and should be done without identifying individuals. However, there is as yet, no widely accepted technical definition of “anonymous.” As a result, data is bought, sold and shared with “third-parties” with wildly varying degrees of privacy protection. Regulation can help standardize anonymization techniques which would create a freer, safer market for data-sharing.
2. The data stockpiles being amassed in the private sector have enormous value to the public, yet we have little to no access to it. Lawmakers should explore ways to encourage or require companies to donate data to the public.
The future will be about making better decisions with data, and the public is losing out.
The Common Data Project – Working towards a public trust of sensitive data