The Federal Trade Commission (FTC) has published its final report setting forth best practices for businesses to protect consumers’ privacy and give them greater control over the collection and use of their personal data.
Entitled “Protecting Consumer Privacy in an Era of Rapid Change, Recommendations for Businesses and Policymakers,” the report recommends that businesses follow the practices outlined in it and that Congress consider enacting general privacy legislation, data security and breach notification legislation, and data broker legislation.
The report expands upon a preliminary report issued in 2010. The final report’s major recommendations include:
- Privacy by Design. Companies should promote consumer privacy throughout their organizations and at every stage of the development of their products. Companies should incorporate substantive privacy protections into their practices, such as data security, reasonable collection limits, sound retention and disposal practices, and data accuracy.
- Simplified Choice for Businesses and Consumers. Companies should give consumers the option to decide what information is shared about them and with whom. This could include a Do-Not-Track mechanism that would provide a simple, easy way for consumers to control the tracking of their online activities.
- Greater Transparency. Companies should disclose details about their collection and use of consumers’ information and provide consumers access to the data collected about them.
The report stated that the FTC will focus on five areas in the next year: do not track, mobile, data brokers, large platform providers, and promoting enforceable self-regulatory codes. The FTC will conduct a workshop on May 30, 2012, on mobile privacy disclosures and how those disclosures can be short, effective, and accessible to consumers on small screens.