For the past month, online companies have considered the privacy legislation discussion draft from Rep. Boucher and Stearns. The legislation is a broad attempt to set privacy defaults for the collection, use and sharing of information on the Internet.
Last Friday, NetChoice submitted comments to Rep. Boucher and Stearns.
While there are some aspects of the bill to like (eg. no private right of action), we’re worried that the bill does too much, too soon, to set opt-in or opt-out defaults. We explored in a previous post why flexibility in setting user defaults is important for continued social network innovation.
Fortunately, open and thoughtful consideration of this matter can continue without undue pressures to find a quick fix for privacy. Because while there have been state legislative proposals on privacy, there is not now a patchwork of state laws creating unworkable compliance challenges for interstate e-commerce. In other words, we can take our time and get this right.
Our comments discuss how the draft bill would interfere with four commonplace scenarios for collecting and using information. Here’s one of ‘em:
1. The Operational Purpose exemption in this draft legislation is too narrow, in that it does not permit use of covered information for marketing or advertising to existing customers.
Case 1: A consumer buys a new washer and dryer and writes her email address on a product registration card. That’s an Operational Purpose, so no consent is required to collect the info.
But if the retailer later wants to send an email offering an extended service contract, he has to first obtain consent to send the email, since that’s a use of covered information for marketing purposes.
Continue reading →