This week, the Direct Marketing Association (DMA) provided written comments to the National Telecommunications and Information Administration (NTIA) in response to the agency’s June 2014 request for public comment on Big Data and the Consumer Privacy Bill of Rights.
DMA provided comments to NTIA in the following areas:
- Benefits of Big Data. The NTIA should consider, from the outset, the benefits of big data and the successful track record of the current U.S. approach to privacy regulation. The collection and use of data for marketing purposes has been supporting our nation’s economy for more than 100 years.
- Value of Self-Regulation. Consumers have enjoyed both meaningful privacy protections and the benefits of data-driven marketing under the existing U.S. approach in which enforceable industry self-regulatory principles supplement certain sector-specific laws. DMA and Digital Advertising Alliance (DAA) self-regulatory programs are examples of how the data-driven marketing industry effectively regulates its marketing data practices, delivering enhanced transparency and control to consumers.
- Applicability of the “Consumer Privacy Bill of Rights” to Big Data. The Administration should opt to continue its support for existing self-regulation and programs like the “safe harbors” as accepted means of providing transparency, choice, individual participation, security, and enforcement for consumers, among other goals embodied in the Fair Information Practice Principles (FIPPs). Maintaining this approach will help ensure that the U.S. remains an innovative leader in the information economy, while also providing consumers with meaningful protections.
- Notice and Choice. The notice and choice model remains a successful and effective mechanism to provide consumer privacy in an age of big data. As big data has evolved, so too have notice and choice. Through industry efforts including both self-regulation and innovation by individual companies, consumers now are provided with an array of notice and choice mechanisms.
- Data Retention Benefits Consumers and Businesses. While individual companies often institute data deletion policies according to their specific business models, government-mandated data deletion requirements could cause significant harm to consumers, including by undermining fraud prevention services and other consumer-friendly programs for which organizations retain data.
- Data Services Sector. The data services sector facilitates legitimate commercial data practices that are essential to America’s job creation, economic growth, and global leadership. It has been examined several times recently by the FTC, Congress, GAO, and other government entities, and in no case has any concrete harm or wrongdoing been identified.
- Role of De-identification Practices. De-identification procedures are common in the data-driven marketing industry, and the DMA and DAA Principles provide guidance to help ensure that data is not re-identified after any transfer of data. These methods assure that data is not connected to individuals after it has been de-identified.
- Robust Laws to Protect Against Improper Uses of Data. The expanding scope of data and advancing technology have not made existing anti-discrimination and consumer protections less valuable or less effective, and the focus of policy frameworks should continue to be on uses of data shown to be harmful to consumers, rather than on restricting the responsible use of data for marketing purposes.
- Privacy Enhancing Technologies. Improving competition around consumer privacy protections is an admirable goal, but such innovative privacy practices can best be developed by the private sector, which is better able to respond to consumer preferences than government.