What is the FTC proposal, "Privacy By Design"? This U.S. government agency charged with protecting the public when it comes to commerce says companies should build privacy protections into their businesses and services from the get-go. This includes “data security, reasonable collection limits, sound retention and disposal practices, and data accuracy.” In addition, the FTC recommends that companies maintain these standards for data management for the life of a product or service.
We all agree with the FTC that most privacy policies are “generally ineffective” at explaining to users what types of information they are handing over to companies because most are “too long, are difficult to comprehend, and lack uniformity.” For this reason, the FTC proposes that all privacy policies “should be clearer, shorter, and more standardized.”
The agency's privacy guidelines could raise issues for e-commerce and online advertising. The policy outlined by the agency applies to nearly all companies “that collect or use consumer data that can be reasonably linked to a specific consumer, computer, or other device.” Due to the financial burden of the initial proposal, the FTC updated the final version to exclude business that collect data from fewer than 5,000 customers per year, and do not “share data with third parties.” However, this is a common sense approach, one that web services, mobile apps and any internet-based software developer should be already doing.
Read the full report here.