Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Seeking Freevacy: SOPA Resurrected and the “Consumer Bill of Rights”

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

What we really need from Congress and the administration is a Freevacy bill  — a freedom and privacy all-in-one statute that satisfies consumers and anti-piracy proponents as well as open-Internet advocates. But, then we also need fat-free, sugar-free, calorie-free ice cream sundaes, cigarettes that don’t cause lung cancer and a computer and cell phone in one easy-carry device.  Oh, they make that last thing?

Anyway, what’s being proposed by the Obama administration is a “Consumer Privacy Bill of Rights,” which says companies aren’t permitted to take user data without notifying them and lets users opt out of having their online activities tracked.

Sean Ludwig in VentureBeat notes that the White House’s blog announcing the bill talks about Google, Microsoft, AOL, and Yahoo, but says not one word about Facebook — the company that controls and sells 800 million users’ worth of data.

In his piece, Ludwig also lays out the basic tenets of the proposed bill which would be enforced by the Federal Trade Commission.

Individual Control: Consumers have a right to exercise control over what personal data organizations collect from them and how they use it.

Transparency: Consumers have a right to easily understandable information about privacy and security practices.

Respect for Context: Consumers have a right to expect that organizations will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.

Security: Consumers have a right to secure and responsible handling of personal data.

Access and Accuracy: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate.

Focused Collection: Consumers have a right to reasonable limits on the personal data that companies collect and retain.

Accountability: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

Addressing the President Obama directly in TechCrunch, Devin Coldewey, says, “I’m glad your administration has taken the time to craft what looks like a fairly forward-thinking and potentially globally influential policy towards consumer privacy on the internet. No doubt it will have to be snipped here and built up there and the fast pace of the technology world may make some of its provisions quaint after a few years, but overall it seems strong, and fair to both companies and their consumers.”

Then, shifting gears faster than an Indie driver on Memorial day, Coldewey  says,” But if you’ll forgive me for saying so, Mr. President, I think you’re barking up the wrong tree. Google, Apple, Comcast, tracking cookies, deep packet inspection — this is something we can handle with minimal assistance. Tech is a young, fast-moving field, and tends to regulate itself, perhaps because the Internet is the collective medium of billions, and tyrants don’t live long here. And to be honest, laws passed by the U.S. are considered more rough guidelines, to be transgressed at will by individuals or multinationals.”

Whoa.  Excuse us. Did he really say tech can regulate itself? And tyrants don’t live long here? Guess he’s never tried bringing a new operating system to market or creating a new search engine or starting a new company without paying for a Google listing.

And did he really say laws passed by the U.S. are considered more rough guidelines to be transgressed at will by individuals or multinationals? It’d be interesting to see his 1040 at tax time.

Anyway…Coldewey appears to believe.  Perhaps Mr. Coldewey should speak for himself:

Where we do need your help, [Mr. President], is where we, the young, free Internet, have little presence and receive no consideration. The threat of bills like SOPA, PIPA, PCFIPA, and their equivalents elsewhere is real, but they are conceived and considered in that sea of ignorance and corruption that is, I am sorry to say, your current place of residence. We need your help in Washington.

I doubt you’re unaware of this, actually. Your administration has been friendly to technology and has embraced where it could have restricted and regulated. And you did, in fact, state your opposition to SOPA — though it must be said that this opposition appeared after months of criticism from practically every independent tech group in the world; our own statement of opposition, itself quite late, appeared in November. How much of the abandonment of that bill was due to real acknowledgement of the unprecedented Internet-based activism shown on January 18th, and how much was due to your administration’s opposition, announced simultaneously and rendering it politically expedient to jump ship, we will never know. But what we do know is that we could have used your support long before then.

And the result of all that effort is that SOPA is substantially back on the table, perhaps worse than ever, tied to a fail-proof bill ostensibly about combating child pornography. I don’t need to tell you how reprehensible this tactic is, or what these desperate means say about the legitimacy of the measures to be enacted.

The power of the Internet, Mr. President, which is to say the people’s power, is that of exposing something to the light — making something known. Sometimes this process amplifies something trivial, and sometimes it changes the world. But all we can do is put it out there, and in the case of legislation like this, that’s not nearly enough.

Your power, on the other hand, is to sign or veto laws in order to advance the public good. It is also to be a voice representing that public. That means expressing to a Congress full of clueless old men and awash with lobbyist money that the U.S. should be a bastion of liberty and transparency, not a test market for shoddy laws ghost-written by dinosauric industries. SOPA was nearly passed despite the vocal protests of millions upon millions and the expert testimony of the people who literally created the Internet, among others.

What you can do for us — and when I say us, Mr. President, I mean for the entire population of the free Internet, internationally, as the U.S. is a trendsetter in this way — is establish a standard for freedom on the Internet that is fundamental enough and rigorous enough to compel both private companies and public servants to acknowledge it. I realize you’re in no position to dictate policy, but it is very important for the White House to at least signal that it has the best interests of the citizens of the Internet in mind. We have no assurance right now that that is truly the case.

The requirement of companies to respect the privacy of their users becomes hollow and cynical when the same government establishing these “rights” is actively working to undermine them. The left hand giveth, and the right hand taketh away. This is not a healthy representative government in action.

You may be aware that it is an election year, Mr. President, and I humbly suggest that the safety and privacy of this country’s citizens on the Internet (and indeed that of billions worldwide who value it for a variety of reasons, from recreation to revolution) must be an issue on which you personally, and by extension the United States, take a principled stand. This may be difficult. But you have the mixed fortune of standing over one of the many fulcrums of history, and while this critical and global issue won’t be settled in the next year, or maybe even the next decade, we rely on you to at least take a few steps in the right direction.

By ThreatMetrix Posted