Chris Babel, TrustArc’s Chief Executive Officer, will testify today before the House Judiciary Subcommittee on “New Technologies and Innovations in the Mobile, and Online space, and the Implications for Public Policy”.
Mr. Babel will share new privacy technologies developed by TRUSTe to address consumer privacy in the mobile and online environments. He will also speak to the merits of self-regulation, the progress made by industry to date, and the need to provide adequate time for privacy best practices to evolve in the marketplace. His testimony is available here and excerpted below:
The Privacy Explosion: New Privacy Challenges and Technologies to Address Them
The rollout of new technologies and platforms continues at a rapid pace and companies like TRUSTe that offer privacy solutions must move as quickly. The industry shift to mobile devices and the cloud, the growth of online behavioral advertising, and changing global standards have created new privacy challenges, particularly given the underlying reality that data is easier to collect, cheaper to store and faster to analyze (often referred to as “Big Data”) than ever before.
Mobile & Wireless Devices
Mobile devices – especially smartphones – present unique privacy challenges because they are carried by many consumers at all times and are in a state of perpetual data collection. TRUSTe has attempted to meet these challenges in the mobile space in several ways:
-
- In 2010 TRUSTe launched the industry’s first mobile app privacy certification program, leveraging technology to verify app data collection and requiring extra privacy protections around sensitive data collections like user location data. That same year we also introduced an innovative privacy policy format for mobile devices that makes privacy policies readable and user-friendly on mobile devices.
- In 2011, TRUSTe released a free online privacy policy generator leveraging this mobile format, allowing app developers nationwide to create policies for their apps and mobile websites.
- In 2012 TRUSTe partnered with the Application Developers Alliance to educate mobile developers on important privacy issues as part of a countrywide educational roadshow. This year, we also launched TRUSTed Mobile Ads, a pioneering technology platform that notifies consumers of tracking on their mobile devices and enables them to opt-out if they desire.
Online Behavioral Advertising
Consumers have historically been under educated regarding targeted advertising and did not have meaningful control over their data. Industry has banded together to form an organization called the Digital Advertising Alliance (DAA). This effort, spearheaded by the American Association of Advertising Agencies, the American Advertising Federation, the Association of National Advertisers, the Better Business Bureau, the Direct Marketing Association and the Interactive Advertising Bureau has developed www.aboutads.info to educate consumers and give them control over targeted ads
TRUSTe is a service provider for this industry effort. Our TRUSTed Ads program is a technology platform that provides consumers with privacy notice and opt-out choice for targeted advertising on web pages and display ads where tracking occurs. Today we are the largest independent provider of compliance technology for the DAA program.
Changing Global Standards
Privacy has become a global issue and other countries have adopted different frameworks and regulations. As an EU Safe Harbor Provider since 2001, we have helped many clients comply with the EU’s unique data protection requirements around data transfers. Earlier this year, we began delivering privacy solutions to provide users choice and notice under the EU’s new “Cookie Laws” which regulate online tracking and targeted advertising.
These solutions include our EU Cookie Audit, a powerful auditing technology that can detect and report on all first and third-party tracking mechanisms present on a website. Our clients operating in the EU have used this auditing technology to gain key insight into the scope of data collection on their properties and to prepare for compliance with EU privacy laws. These clients then use our TRUSTed Consent Manager on their sites to allow consumers to express or withdraw their consent to be tracked. The Consent Manager can be implemented based on the specific requirements of each EU Member State’s Cookie Law.
Self Regulation Works
TRUSTe has helped thousands of companies self-regulate their online privacy practices for 15 years and this experience has reinforced our belief that self regulation is a critical component to any privacy framework. We think that there are at least 3 reasons why self regulation works when it comes to online privacy and data protection:
Self-Regulation Facilitates Global Best Practices. Self-regulatory programs like those offered by TRUSTe can integrate national and international privacy frameworks into a unified program that allows companies to satisfy regulatory requirements and best practices from around the globe.
Self-Regulation Can Evolve With Technology – Online privacy frameworks must be dynamic, like the technology they regulate. At TRUSTe, we are constantly adding and updating our program requirements to keep pace with the fascinating and rapidly changing technologies we are seeing in the marketplace.
Self-Regulation Can Provide Strong Incentives for Compliance – Self-regulation can encourage compliance by industry through participation incentives. Two important incentives include:
-
- Safe harbors to help foster the growth and promotion of best practices, which in turn are critical to the overall success of a self-regulatory framework.
- Due Process to preserve incentives for companies to certify and self-regulate their privacy practices within voluntary frameworks. Under TRUSTe’s certification process, due process includes appropriate confidentiality and adequate procedural safeguards, and the opportunity to cure a mistake.