Critics say FTC, Obama privacy plans would lead to major regulation

Officials with the NTIA and FTC defend the proposals, saying they're mostly focused on voluntary actions by Internet companies

Recent online privacy proposals by the U.S. White House and Federal Trade Commission could lead to new regulations that stifle innovation on the Internet, some lawmakers and other critics said Thursday.

The proposals "would encompass a massive expansion of the government," Representative Marsha Blackburn, a Tennessee Republican, said during a hearing.

Both proposals are largely focused on voluntary steps Web companies can take to protect customers' privacy. But the White House proposal, released last month, also calls on Congress to pass a privacy "bill of rights" and give the FTC new privacy enforcement authority, potentially including new powers to fine violators.

Several Republican lawmakers questioned the need for new online privacy laws during a hearing in the House of Representatives Energy and Commerce Committee's trade subcommittee. "I am highly skeptical of Congress' or government's ability to keep up with the innovative and vibrant pace of the Internet without breaking it," said Representative Fred Upton, a Michigan Republican. "Consumers and the economy as a whole will not be well served by government attempts to wrap the Web in red tape."

But representatives of the FTC and the National Telecommunications and Information Administration (NTIA) said their proposals would not create major new regulations. The White House proposal seeks a 10- to 15-page bill that would put general privacy principles, including individual control of personal data and data collection transparency, into law, said Lawrence Strickling, the NTIA's administrator.

The FTC's privacy report, released this week, focuses partly on steps businesses can take on their own to better protect Web users' privacy, added Jon Leibowitz, the agency's chairman.

The FTC report calls on websites and online advertising networks to support an online do-not-track system in which customers could tell those businesses to stop tracking them across the Web.

"Our report is just best practices for companies," Leibowitz said. "It doesn't impose any obligations upon companies. [It contains] no rules, no force of law."

But privacy legislation is needed to protect online companies trying to do the right thing from an "uneven playing field" where competitors take advantage of a lack of rules, Leibowitz said. He also told lawmakers he would support efforts to give the FTC fining authority for online privacy violations as a way to provide a more "effective deterrence."

The hearing came on the same day that Yahoo announced that it will comply with visitor do-not-track requests later this year.

Other witnesses questioned the need for new regulations. While both proposals contain several good ideas, they could give the FTC too much power over online commerce, said Berin Szoka, president of TechFreedom, a free market think tank.

Congress should look for balance between privacy rights and the benefits of commerce, with an emphasis on letting consumers make choices for themselves. Szoka added. "Privacy advocates and policy makers alike all too often overstate the value of privacy and understate its costs," he said.

The White House proposal recognizes that government regulations can't keep up with the changing Internet market, but some of its specific proposals seem to run counter to that philosophy, Szoka said. "Government lacks the flexibility, speed and decentralization necessary to address Internet policy challenges," he said.

While some Republicans questioned the proposals, other Republicans and most Democrats on the subcommittee praised the proposals. Lawmakers need to protect privacy, but also stay away from broad regulations, said Representative Mary Bono Mack, the subcommittee chairwoman and a California Republican.

"Despite the recent, highly publicized privacy initiatives taken by several companies, I don't believe industry is doing enough on its own to protect American consumers, while the government, as we all know, has this really bad habit of overreaching whenever it comes to new regulations.," she said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

More about Federal Trade CommissionFredFTCIDGYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts