The buzz words in privacy over the last few months (really longer than that) have been "Do Not Track." Twitter is just the latest company to adopt the DNT browser option, indicating in a blast email to all Twitter users that the setting is now available for implementation if a user so chooses. Interestingly, however, a much less publicized setting was also presented in that same email blast: Twitter's new "tailored suggestion feature." Applications and widgets created by Twitter will begin to collect data about Twitter users from third party websites that feature those products. This is an entirely new feature from Twitter, and is being implemented as a default option for both new and existing Twitter users.
Nowadays, a news story on privacy is out of place if it doesn't mention Do-Not-Track (known as "DNT") or Big Data. While these hot topics represent key concerns for privacy professionals, advocates and regulators, there is no clear agreement on what they mean or how to address the privacy issues they raise. In this post, we consider recent developments on these topics, including how the Federal Trade Commission has sought to focus on and connect these new issues.DNT or DNC DNT is in the midst of a multi-faceted identity crisis, starting with a disagreement over the definition of DNT. Self-regulatory organizations and the advertising industry assert that DNT stands for "Do Not Target," referring to the use of consumer data for the purposes of targeted advertising. The FTC, buoyed by privacy advocates, appears to take the view that DNT means not only "Do Not Target" but also "Do Not Collect" (DNC). FTC Commissioner Brill elaborated at the 2012 IAPP Summit that she doesn't view the current DNT efforts as entirely sufficient because the choice DNT offers does not give consumers appropriate protection against what Brill characterized as "limitless, unmitigated" data collection. But Brill does not argue for wholesale implementation of DNC, and has indicated that the details of the implementation of DNT/DNC will continue to remain a key focus for the FTC.
Banks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been needed. The industry received some of that guidance recently through a whitepaper issued by BITS, the technology arm of The Financial Services Roundtable whose members are 100 of the largest financial institutions in the U.S.The report addresses the compliance, legal, operational, and reputational risks - and related mitigation strategies - of using social media in connection with a financial or banking operation. Regarding compliance, the report discusses the myriad of compliance areas relevant to banks, including marketing, privacy and security. For example, because social media web sites and web activities are deemed advertising by regulators, the report warns of the risks of failing to comply with various marketing laws and regulations applicable to the banking industry, including state Unfair and Deceptive Acts or Practices Acts and Prize and Gift Acts, as well as others that require additional steps for financial institutions, such as Truth in Lending, Truth in Savings, and FDIC membership rules. The paper predicts even stronger and more subjective requirements to come under the Dodd-Frank Wall Street Reform and Consumer Protection Act. Risks of non-compliance vary widely - from litigation and reputation risk, regulatory enforcement actions and in some cases civil money penalties.
The FTC's December 2010 release of its much anticipated Privacy Framework included the typical public comment period, which ended in February. We've reviewed each of the 442 separate comments received by the FTC during the comment period to uncover the themes, trends and thoughts raised by the Framework. The result is added perspective into what the FTC will be weighing in its future versions and any resulting recommendations for additional legislation and regulation. With this in mind, what can the public comments tell us?