April 18, 2024

You are here: Home / Archives for privacy law

Slipstream: In Privacy Laws, an Incomplete American Quilt

March 30, 2013 by Leave a Comment

That was the message of a report from the Republican Party a few weeks ago on how to win future presidential elections.

It’s also the strategy that Peter Fleischer, the global privacy counsel at Google, recently proposed for the United States to win converts abroad to its legal model of data privacy protection. In a post on his personal blog, titled “We Need a Better, Simpler Narrative of U.S. Privacy Laws,” he describes the divergent legal frameworks in the United States and Europe. 

The American system involves a patchwork of federal and state privacy laws that separately govern the use of personal details in spheres like patient billing, motor vehicle records, education and video rental records. The European Union, on the other hand, has one blanket data protection directive that lays out principles for how information about its citizens may be collected and used, no matter the industry.

Mr. Fleischer — whose blog notes that it reflects his personal views, not his employer’s — is a proponent of the patchwork system because, he writes, it offers multilayered protection for Americans. The problem with it, he argues, is that it doesn’t lend itself to simple storytelling.

“Europe’s privacy narrative is simple and appealing,” Mr. Fleischer wrote in mid-March. If the United States wants to foster trust in American companies operating abroad, he added, it “has to figure out how to explain its privacy laws on a global stage.”

Other technology experts, however, view the patchwork quilt of American privacy laws as more of a macramé arrangement — with serious gaps in consumer protection, particularly when it comes to data collection online. Congress should enact a baseline consumer privacy law, says Leslie Harris, the president of the Center for Democracy and Technology, a public policy group that promotes Internet freedom.

“I don’t think this fight is about branding,” Ms. Harris says. “We’ve been trying to get a comprehensive privacy law for over a decade, a law that would work for today and for technologies that we have not yet envisioned.”

Many Americans are aware that stores, Web sites, apps, ad networks, loyalty card programs and so on collect and analyze details about their purchases, activities and interests — online and off. Last year, both the United States and the European Union proposed to give their citizens greater control over such commercial data-mining.

If the American side now appears to be losing the public relations battle, as Mr. Fleischer suggested, it may be because Europe has forged ahead with its project to modernize data protection. When officials of the United States and the European Union start work on a free trade agreement in the coming months, the trans-Atlantic privacy regulation divide is likely to be one of the sticking points, analysts say.

“We really are an outlier,” says Christopher Calabrese, legislative counsel for privacy-related issues at the American Civil Liberties Union in Washington.

For the moment, officials on either side of the Atlantic seem to be operating at different speeds.

In January 2012, the European Commission proposed a new regulation that could give citizens in the E.U.’s 27 member states some legal powers that Americans now lack. These include the right to transfer text, photo and video files in usable formats from one online service provider to another. American consumers do not have such a national right to data portability, and have to depend on the largesse of companies like Google, which permits them to download their own YouTube videos or Picasa photo albums.

A month after Europe proposed to update its data protections, the Obama administration called on Congress to enact a “consumer privacy bill of rights” that would apply to industries not already covered by sectoral privacy laws. These could include data brokers, companies that collect details on an individual’s likes, leisure pursuits, shopping habits, financial status, health interests and more.

The White House’s blueprint for legislation, for example, would give Americans the right to some control over how their personal data is used, as well as the right to see and correct records that companies hold about them. The White House initiative broadened the historical American view of privacy as “the right to be let alone” — a definition put forward by Louis Brandeis and Samuel Warren in 1890 — to a more modern concept of privacy as the right to commercial data control.

“We can’t wait,” a post on the White House blog effused at the time.

A year later, the data protection regulation proposed by the European Commission has been vetted by a number of regulators and committees of the European Parliament. The document now has several thousand amendments, some developed in response to American trade groups that had complained that certain provisions could hinder innovation and impede digital free trade. Peter Hustinx, the European data protection supervisor, said last Wednesday that European officials hoped to enact the law by next spring.

In the United States, by contrast, a year after the Obama administration introduced the notion of a consumer privacy bill of rights, a draft has yet to be completed, let alone made public.

Cameron F. Kerry, the general counsel of the Commerce Department and the official overseeing the privacy effort, was not available to comment last week. In a phone interview in January, however, Mr. Kerry said that the agency was working on legislative language to carry out the White House’s plan.

“The idea is to have baseline privacy protections for those areas not covered today by sectoral regimes,” Mr. Kerry said. He added: “We think it is important to do it in a way that allows for flexibility, that allows for innovation, and is not overly prescriptive.”

Chris Gaither, a Google spokesman, said his company was “engaging on important issues” like security breach notification and declined to comment on consumer privacy legislation. But at least some American technology companies suggest that a baseline privacy law could benefit both consumers and companies. In a statement last year, Microsoft said national privacy legislation could help ensure “that all businesses are using, storing and sharing data in responsible ways.”

With stronger European data rights and trade negotiations pending, Ms. Harris, of the Center for Democracy and Technology, says Congress may feel pressure to pass privacy legislation. That would represent a big change for American consumers as well as a better privacy sound bite abroad.

“We either have to enact our own law or we are going to have to comply with other countries’ laws,” Ms. Harris says. “But doing nothing may no longer be the answer.”

E-mail: slipstream@nytimes.com.

Article source: http://www.nytimes.com/2013/03/31/technology/in-privacy-laws-an-incomplete-american-quilt.html?partner=rss&emc=rss

Filed Under: Global Business Tagged With: , ,

European Court Rejects Bid to Limit News on Celebrities

May 11, 2011 by Leave a Comment

The European Court of Human Rights in Strasbourg, France, on Tuesday struck down a legal bid to strengthen the privacy protections for public figures. At the same time, individuals have been turning to the Internet to circumvent British reporting restrictions that protect these figures, turning Twitter into a sort of WikiLeaks for celebrity tell-alls.

In the Strasbourg decision, the European court rejected a bid by Max Mosley, former president of the governing body of Formula One auto racing, to require news organizations to notify the subjects of articles before publication. The court said such a requirement would have had a “chilling effect” on freedom of speech.

The lawsuit stemmed from a 2008 article in The News of the World, a racy British tabloid, with the headline “F1 boss has sick Nazi orgy with 5 hookers” and was based on video shot secretly by one of the participants.

Mr. Mosley, a son of Oswald Mosley, former leader of the British Union of Fascists, sued The News of the World, saying the paper had not bothered to check the story with him before publishing. A British court called the article a flagrant invasion of Mr. Mosley’s privacy and fined the paper £60,000, or nearly $100,000. The court said there was no evidence of Nazi behavior in the sex session and thus no justification for publication.

When confronted by tabloids with similar exposés, or simply with allegations of garden-variety extramarital affairs, many British celebrities have gone to court to secure injunctions against publication. In some cases, these injunctions even bar newspapers from acknowledging the existence of the court order.

Even before the European court ruling on Tuesday, however, such injunctions were being undermined by a force that is arguably more powerful than British privacy law: the Internet.

Since the weekend, Twitter has been abuzz with speculation about public figures who may have obtained such court orders. An unidentified user of the service posted six short messages in which he or she listed well-known soccer stars, actors and others who had supposedly received injunctions preventing the press from reporting on suspected affairs.

By Tuesday evening, the Twitter feed had attracted about 80,000 followers.

British newspapers have been lobbying against the use of these injunctions, denouncing them as one of a number of perceived threats to freedom of speech in Britain, along with the country’s tough libel laws.

“Highlighting the perceived evils of British privacy and defamation law certainly seems to be paying off for Fleet Street,” said Amber Melville-Brown, a media specialist at the law firm Withers in London.

The government recently introduced legislation to overhaul the defamation laws. On Tuesday, officials said they were considering changes to the privacy laws, too, in an effort to bring them into the digital age.

“We are in this crazy situation where information is available freely online that you are not able to print in newspapers,” Jeremy Hunt, the British culture secretary, said. “We are in a situation where technology, and Twitter in particular, is making a mockery of the privacy laws that we have, and we do need to think about the regulatory environment. It should be Parliament that decides where we draw the line on our privacy law.”

While Internet forums like Twitter, under European Union law, have generally not been held accountable for the information posted on them, individuals can be sued for comments that are libelous or that invade others’ privacy. But Twitter, like many other big Internet companies, is based in the United States, putting it outside British jurisdiction.

“People blogging and reporting online are subject to the same laws,” Ms. Melville-Brown said. “It’s just a question of enforcement.”

In his case before the European court, Mr. Mosley, the former president of the International Automobile Federation, argued that British media laws violated the European Convention on Human Rights by failing to protect him from intrusions into his private life. He sought a requirement that newspapers and other media give the subjects of their articles a chance to respond before the papers appeared on the newsstand.

The court rejected Mr. Mosley’s claim, saying there were already sufficient privacy protections in place in Britain.

“Although punitive fines and criminal sanctions could be effective in encouraging prenotification, that would have a chilling effect on journalism, even political and investigative reporting, both of which attracted a high level of protection under the convention,” the court wrote. “That ran the risk of being incompatible with the convention requirements of freedom of expression.”

Mr. Mosley said he planned to appeal the decision to the Grand Chamber of the Strasbourg court.

Article source: http://www.nytimes.com/2011/05/11/business/media/11privacy.html?partner=rss&emc=rss

Filed Under: Global Business Tagged With: , ,