"While more work remains to be done on Do Not Track, the Commission believes that the developments to date are significant and provide an effective path forward," the testimony states.
The report, titled "Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers," advocates three main principles for protecting consumer privacy: First, companies should adopt a "privacy by design" approach by building privacy protections into their everyday business practices. Second, companies should provide simpler and more streamlined choices to consumers about their data practices. Third, companies, particularly those that don't deal directly with consumers, such as data brokers, should take steps to make their data practices more transparent by, for example, improving their privacy disclosures and giving consumers reasonable access to the data that companies maintain about them.
According to the testimony, the new FTC privacy report also commends initiatives undertaken by a number of companies that have begun to step up to the challenge since the agency first voiced its support for a Do Not Track mechanism in 2010: Microsoft, Mozilla, Apple and Google, as well as initiatives by the online advertising industry through the Digital Advertising Alliance and the World Wide Web Consortium, an international standard-setting body. Yahoo also today announced global implementation of Do Not Track. In a statement announcing its plans for allowing visitors to opt out of tracking, Yahoo maintained that allowing advertisers to regulate themselves was the best and quickest way to introduce protections to the market place without sacrificing innovation or value creation.
The privacy report also recommends that data brokers that compile information for marketing purposes make their operations more transparent by exploring creation of a centralized website to identify themselves, and that they disclose how they collect and use consumer data. The website would detail the choices that these data brokers provide consumers about their own information.
The Commission recommends Congress consider enacting general privacy legislation, and that it enact data security and breach notification legislation and targeted legislation to address data brokers, the testimony states. It also urges individual companies and self-regulatory bodies to accelerate the adoption of the principles contained in the privacy framework, to the extent they have not already done so.