Describe and evaluate the different methods that are being used to protect online privacy. Which of these methods do you think is or could be the most effective?
Answer: The different methods being used to protect online privacy include legal protections, industry self-regulation, privacy advocacy groups, and technology solutions.
In the United States, the Federal Trade Commission has taken the lead in researching online privacy and recommending legislation to Congress. The FTC has issued the Fair Information Practice (FIP) Principles, which forms the basis for its recommendations for online privacy. Two core principles are Notice/Awareness and Choice/Consent. The Notice/Awareness principle recommends that sites disclose their information practices before collecting data. The Choice/Consent principle recommends that there be a choice system in place that allows consumers to choose how their information will be used for secondary purposes other than supporting transactions. Although the FIP principles are guidelines, not laws, they have stimulated private firms to develop their own guidelines and are being used as the basis of new legislation, such as the Children's Online Privacy Protection Act (COPPA), which requires Web sites to obtain parental permission before collecting information on children under 13 years of age. Recently, the FTC has developed a new framework to address consumer privacy. The main principles are privacy by design, simplified choice and greater transparency, applied to all commercial entities that collect or use consumer data, not just those that collect PII. It has also called for a "Do Not Track" mechanism for online behavioral advertising. As with FIP, these principles remain guidelines. Although several bills have been introduced in Congress to implement them, none have been passed as of yet.
The online industry, of course, opposes any legislation. It argues that self-regulation can address the growing consumer concern about misuse of personal information. The online industry formed the Online Privacy Alliance (OPA) to encourage self-regulation. In addition, the Network Advertising Initiative, a consortium of major Internet advertising companies, was formed to develop policies for the industry. The NAI policies are designed to offer consumers opt-out programs and to provide consumers with redress for abuses. Other forms of self-regulation include various "seals" of approval that sites can display when in compliance with certain privacy policies. However, these seal programs have had a limited impact on Web privacy practices and critics argue that the programs are not particularly effective in safeguarding privacy.
In general, industry efforts at self-regulation in online privacy have not succeeded in reducing American fears of privacy invasion during online transactions or in reducing the level of privacy invasion. In addition, consumer privacy groups have formed to monitor developments, and there are some technological solutions that help, although primarily in the arena of security. Technological tools include spyware blockers, pop-up blockers, methods to secure email; anonymous remailers, anonymous surfing, cookie managers, and P3P.