Information Privacy and Innovation in the Internet Economy, 80042-80044 [2010-31971]
Download as PDF
<![CDATA[
80042
Federal Register / Vol. 75, No. 244 / Tuesday, December 21, 2010 / Notices
meeting and hearing locations, see
supplementary information.
Council Address: Pacific Fishery
Management Council, 7700 NE
Ambassador Place, Suite 101, Portland,
OR 97220.
FOR FURTHER INFORMATION CONTACT: Mr.
Chuck Tracy, telephone: (503) 820–
2280.
SUPPLEMENTARY INFORMATION:
Schedule for Document Completion and
Availability
February 17, 2011: ‘‘Review of 2010
Ocean Salmon Fisheries’’ will be mailed
to the public and posted on the Council
Web site at https://www.pcouncil.org.
March 3, 2011: ‘‘Preseason Report I–
Stock Abundance Analysis for 2011
Ocean Salmon Fisheries’’ will be mailed
to the public and posted on the Council
Web site at https://www.pcouncil.org.
March 22, 2011: ‘‘Preseason Report II–
Analysis of Proposed Regulatory
Alternatives for 2011 Ocean Salmon
Fisheries’’ and public hearing schedule
will be mailed to the public and posted
on the Council Web site at https://
www.pcouncil.org. The report will
include a description of the adopted
salmon management alternatives and a
summary of their biological and
economic impacts.
April 22, 2011: ‘‘Preseason Report III–
Analysis of Council-Adopted Ocean
Salmon Management Measures for 2011
Ocean Salmon Fisheries’’ will be mailed
to the public and posted on the Council
Web site at https://www.pcouncil.org.
May 1, 2011: Federal regulations for
2011 ocean salmon regulations will be
published in the Federal Register and
implemented.
srobinson on DSKHWCL6B1PROD with NOTICES
Meetings and Hearings
January 18–21, 2011: The Salmon
Technical Team (STT) will meet at the
Pacific Council office in a public work
session to draft ‘‘Review of 2010 Ocean
Salmon Fisheries’’ and to consider any
other estimation or methodology issues
pertinent to the 2011 ocean salmon
fisheries.
February 22–25, 2011: The STT will
meet at the Pacific Council office in a
public work session to draft ‘‘Preseason
Report I–Stock Abundance Analysis for
2011 Ocean Salmon Fisheries’’ and to
consider any other estimation or
methodology issues pertinent to the
2011 ocean salmon fisheries.
March 28–29, 2011: Public hearings
will be held to receive comments on the
proposed ocean salmon fishery
management options adopted by the
Pacific Council. Written comments
received at the public hearings, and a
summary of oral comments at the
VerDate Mar<15>2010
20:40 Dec 20, 2010
Jkt 223001
hearings will be provided to the Council
at its April meeting.
All public hearings begin at 7 p.m. at
the following locations:
March 28, 2011: Chateau Westport,
Beach Room, 710 W Hancock, Westport,
WA 98595, telephone: (360) 268–9101.
March 28, 2011: Red Lion Hotel,
Umpqua Room, 1313 N Bayshore Drive,
Coos Bay, OR 97420, telephone: (541)
267–4141.
March 29, 2011: Red Lion Eureka,
Evergreen Room, 1929 Fourth Street,
Eureka, CA 95501, telephone: (707)
445–0844.
Although non-emergency issues not
contained in the STT meeting agendas
may come before the STT for
discussion, those issues may not be the
subject of formal STT action during
these meetings. STT action will be
restricted to those issues specifically
listed in this document and to any
issues arising after publication of this
document requiring emergency action
under Section 305(c) of the MagnusonStevens Fishery Conservation and
Management Act, provided the public
has been notified of the STT’s intent to
take final action to address the
emergency.
Special Accommodations
The meetings are physically
accessible to people with disabilities.
Requests for sign language
interpretation or other auxiliary aids
should be directed to Ms. Carolyn Porter
at (503) 820–2280 (voice), or (503) 820–
2299 (fax) at least 5 days prior to the
meeting date.
Authority: 16 U.S.C. 1801 et seq.
Dated: December 16, 2010.
Tracey L. Thompson,
Acting Director, Office of Sustainable
Fisheries, National Marine Fisheries Service.
[FR Doc. 2010–31954 Filed 12–20–10; 8:45 am]
BILLING CODE 3510–22–P
PO 00000
Frm 00009
Fmt 4703
Sfmt 4703
DEPARTMENT OF COMMERCE
Office of the Secretary
National Telecommunications and
Information Administration
International Trade Administration
National Institute of Standards and
Technology
[Docket No. 101214614–0614–01]
RIN 0660–XA22
Information Privacy and Innovation in
the Internet Economy
Office of the Secretary, U.S.
Department of Commerce; National
Telecommunications and Information
Administration, U.S. Department of
Commerce; International Trade
Administration, U.S. Department of
Commerce; National Institute of
Standards and Technology, U.S.
Department of Commerce.
ACTION: Notice and request for public
comments.
AGENCY:
The Department of
Commerce’s Internet Policy Task Force
is conducting a comprehensive review
of the nexus between privacy policy and
innovation in the Internet economy. On
April 23, 2010, the Department
published a Notice of Inquiry seeking
comment from all Internet stakeholders
on the impact of current privacy laws in
the United States and around the world
on the pace of innovation in the
information economy. The Department
now seeks further comment on its report
entitled, ‘‘Commercial Data Privacy and
Innovation in the Internet Economy: A
Dynamic Policy Framework,’’ available
at https://www.ntia.doc.gov/
internetpolicytaskforce/. Through this
Notice requesting comments on the
report, the Department hopes to spur
further discussion with Internet
stakeholders that will lead to the
development of a series of
Administration positions that will help
develop an action plan in this important
area.
DATES: Comments are due on or before
January 28, 2011.
ADDRESSES: Written comments may be
submitted by mail to the National
Telecommunications and Information
Administration, U.S. Department of
Commerce, 1401 Constitution Avenue,
NW., Room 4725, Washington, DC
20230. Submissions may be in any of
the following formats: HTML, ASCII,
Word, rtf, or pdf. Online submissions in
electronic form may be sent to
privacynoi2010@ntia.doc.gov. Paper
SUMMARY:
E:\FR\FM\21DEN1.SGM
21DEN1
srobinson on DSKHWCL6B1PROD with NOTICES
Federal Register / Vol. 75, No. 244 / Tuesday, December 21, 2010 / Notices
submissions should include a three and
one-half inch computer diskette or
compact disc (CD). Diskettes or CDs
should be labeled with the name and
organizational affiliation of the filer and
the name of the word processing
program used to create the document.
Comments will be posted at https://
www.ntia.doc.gov/
internetpolicytaskforce/.
FOR FURTHER INFORMATION CONTACT: For
questions about this Notice contact:
Aaron Burstein, Office of Policy
Analysis and Development, National
Telecommunications and Information
Administration, U.S. Department of
Commerce, 1401 Constitution Avenue,
NW., Room 4725, Washington, DC
20230; telephone (202) 482–1880; e-mail
aburstein@ntia.doc.gov; or Manu
Bhardwaj, Office of Policy Analysis and
Development, National
Telecommunications and Information
Administration, U.S. Department of
Commerce, 1401 Constitution Avenue,
NW., Washington, DC 20230; telephone
(202) 482–4985; e-mail
mbhardwaj@ntia.doc.gov. Please direct
media inquires to NTIA’s Office of
Public Affairs at (202) 482–7002.
SUPPLEMENTARY INFORMATION:
Recognizing the vital importance of
the Internet to U.S. innovation,
prosperity, education, and political and
cultural life, the Department has made
it a top priority to ensure that the
Internet remains open for innovation.
The Department established the Internet
Policy Task Force to identify leading
public policy and operational
challenges in the Internet environment.
The Task Force leverages expertise
across many bureaus, including those
responsible for domestic and
international information and
communications technology policy,
international trade, cyber security
standards and best practices,
intellectual property, business advocacy
and export control.
Moreover, the Obama Administration
has launched an initiative to develop an
interagency policy structure for
commercial data privacy issues. The
Commerce Department’s General
Counsel Cameron Kerry and the Justice
Department’s Assistant Attorney
General for the Office of Legal Policy
Christopher H. Schroeder chair a
recently launched subcommittee of the
National Science and Technology
Council that the White House has
chartered to work on Privacy and
Internet Policy issues. Through that
vehicle, the Administration is engaging
agencies throughout the U.S.
Government in a conversation on
commercial data privacy to ensure that
VerDate Mar<15>2010
20:40 Dec 20, 2010
Jkt 223001
the Administration speaks with one
voice and takes advantage of its many
areas of expertise to promote the
development of strategic and
comprehensive Internet privacy
policies.
Background: The Department has
launched the Privacy and Innovation
Initiative to identify policies that will
enhance: (1) The clarity, transparency,
scalability and flexibility needed to
foster innovation in the information
economy; and (2) the public confidence
necessary for full citizen participation
with the Internet. On April 23, 2010, the
Department published a Notice of
Inquiry seeking public comment from
all Internet stakeholders, including the
commercial, academic and civil society
sectors, on the impact of current privacy
laws in the United States and around
the world on the pace of innovation in
the information economy.1 Through that
Notice of Inquiry, the Department
sought to understand whether current
privacy laws serve consumer interests
and fundamental democratic values.
The Department also held a symposium
on May 7, 2010, to discuss stakeholder
views and to facilitate further public
discussion on privacy policy in the
United States.2
The Department has now prepared a
report, entitled ‘‘Commercial Data
Privacy and Innovation in the Internet
Economy: A Dynamic Policy
Framework,’’ as a vehicle to spur further
discussion with Internet stakeholders on
this important area of policy
development.3
Request for Comment: This Notice
seeks input on the report. The questions
below, which also appear in Appendix
A of the report, are intended to assist in
identifying issues. They should not be
construed as a limitation on comments
that parties may submit. Comments that
contain references, studies, research and
other empirical data that are not widely
published should include copies of the
referenced materials with the submitted
comments.
(1) Should baseline commercial data
privacy principles, such as
comprehensive FIPPs, be enacted by
statute or other means, to address how
current privacy law is enforced?
1 Notice of Inquiry, Information Privacy and
Innovation in the Internet Economy, 75 FR 21226
(Apr. 23, 2010), available at https://
www.ntia.doc.gov/frnotices/2010/
FR_PrivacyNOI_04232010.pdf. Comments received
in response to this Notice of Inquiry are posted at
https://www.ntia.doc.gov/comments/1004021740175-01/.
2 The Public Meeting Notice, 75 FR 19942 (Apr.
16, 2010), and the meeting agenda are available at
https://www.ntia.doc.gov/internetpolicytaskforce/.
3 The report is available at https://
www.ntia.doc.gov/internetpolicytaskforce/.
PO 00000
Frm 00010
Fmt 4703
Sfmt 4703
80043
(2) How should baseline privacy
principles be enforced? Should they be
enforced by non-governmental entities
in addition to being the basis for FTC
enforcement actions?
(3) As policymakers consider baseline
commercial data privacy legislation,
should they seek to grant the FTC the
authority to issue more detailed rule?
What criteria are useful for deciding
which FIPPs require further
specification through rulemaking under
the Administrative Procedure Act?
(4) Should baseline commercial data
privacy legislation include a private
right of action?
(5) What is the best way of promoting
transparency so as to promote informed
choices? The Task Force is especially
interested in comments that address the
benefits and drawbacks of legislative,
regulatory, and voluntary private sector
approaches to promoting transparency.
(6) What incentives could be provided
to encourage the development and
adoption of practical mechanisms to
protect consumer privacy, such as PIAs,
to bring about clearer descriptions of an
organization’s data collection, use, and
disclosure practices?
(7) What are the elements of a
meaningful PIA in the commercial
context? Who should define these
elements?
(8) What processes and information
would be useful to assess whether PIAs
are effective in helping companies to
identify, evaluate, and address
commercial data privacy issues?
(9) Should there be a requirement to
publish PIAs in a standardized and/or
machine-readable format?
(10) What are consumers’ and
companies’ experiences with systems
that display information about
companies’ privacy practices in contexts
other than privacy policies?
(11) What are the relative advantages
and disadvantages of different
transparency-enhancing techniques in
an online world that typically involves
data from multiple sources being
presented through a single user
interface?
(12) Do these (dis)advantages change
when one considers the increasing use
of devices with more limited user
interface options?
(13) Are purpose specifications a
necessary or important method for
protecting commercial privacy?
(14) Currently, how common are
purpose specification clauses in
commercial privacy policies?
(15) Do industry best practices
concerning purpose specification and
use limitations exist? If not, how could
their development be encouraged?
E:\FR\FM\21DEN1.SGM
21DEN1
srobinson on DSKHWCL6B1PROD with NOTICES
80044
Federal Register / Vol. 75, No. 244 / Tuesday, December 21, 2010 / Notices
(16) What incentives could be
provided to encourage companies to
state clear, specific purposes for using
personal information?
(17) How should purpose
specifications be implemented and
enforced?
(18) How can purpose specifications
and use limitations be changed to meet
changing circumstances?
(19) Who should be responsible for
demonstrating that a private sector
organization’s data use is consistent
with its obligations? What steps should
be taken if inconsistencies are found?
(20) Are technologies available to
allow consumers to verify that their
personal information is used in ways
that are consistent with their
expectations?
(21) Are technologies available to help
companies monitor their data use, to
support internal accountability
mechanisms?
(22) How should performance against
stated policies and practices be
assessed?
(23) What incentives could be
provided to encourage companies to
adopt technologies that would facilitate
audits of information use against the
company’s stated purposes and use
limitations?
(24) Should the FTC be given
rulemaking authority triggered by
failure of a multi-stakeholder process to
produce a voluntary enforceable code
within a specified time period?
(25) How can the Commerce
Department best encourage the
discussion and development of
technologies such as ‘‘Do Not Track’’?
(26) Under what circumstances
should the PPO recommend to the
Administration that new policies are
needed to address failure by a multistakeholder process to produce an
approved code of conduct?
(27) How can cooperation be fostered
between the National Association of
Attorneys General, or similar entities,
and the PPO?
(28) Do FIPPs require further
regulatory elaboration to enforce, or are
they sufficient on their own?
(29) What should be the scope of FTC
rulemaking authority?
(30) Should FIPPs be considered an
independent basis for FTC enforcement,
or should FTC privacy investigations
still be conducted under Federal Trade
Commission Act Section 5 ‘‘unfair and
deceptive’’ jurisdiction, buttressed by
the explicit articulation of the FIPPs?
(31) Should non-governmental
entities supplement FTC enforcement of
voluntary codes?
(32) At what point in the development
and of a voluntary, enforceable code of
VerDate Mar<15>2010
20:40 Dec 20, 2010
Jkt 223001
conduct should the FTC review it for
approval? Potential options include
providing an ex ante ‘‘seal of approval,’’
delaying approval until the code is in
use for a specific amount of time, and
delaying approval until enforcement
action is taken against the code.
(33) What steps or conditions are
necessary to make a company’s
commitment to follow a code of conduct
enforceable?
(34) What factors should breach
notification be predicated upon (e.g., a
risk assessment of the potential harm
from the breach, a specific threshold
such as number of records, etc.)?
(35) Are there lessons from sectorspecific privacy laws—their
development, their contents, or their
enforcement—that could inform U.S.
commercial data privacy policy?
(36) Should a preemption provision of
national FIPPs-based commercial data
privacy policy be narrowly tailored to
apply to specific practices or subject
matter, leaving states free to regulate
emerging technologies? Or should
national policy, in the case of
legislation, contain a broad preemption
provision?
(37) How could a preemption
provision ensure that federal law is no
less protective than any existing state
laws? What are useful criteria for
comparatively assessing how protective
different laws are?
(38) To what extent should state
Attorneys General be empowered to
enforce national commercial data
privacy legislation?
(39) Should national FIPPs-based
commercial data privacy legislation
preempt state unfair and deceptive trade
practices laws?
(40) The Task Force seeks case studies
and statistics that provide evidence of
concern—or comments explaining why
concerns are unwarranted—about cloud
computing data privacy and security in
the commercial context. We also seek
data that links any such concerns to
decisions to adopt, or refrain from
adopting, cloud computing services.
(41) The Task Force also seeks input
on whether the current legal protections
for transactional information and
location information raise questions
about what commercial data privacy
expectations are reasonable and whether
additional protections should be
mandated by law. The Task Force also
invites comments that discuss whether
privacy protections for access to
location information need clarification
in order to facilitate the development,
deployment and widespread adoption of
new location-based services.
(42) The Task Force seeks information
from the law enforcement community
PO 00000
Frm 00011
Fmt 4703
Sfmt 4703
regarding the use of ECPA today and
how investigations might be affected by
proposed amendments to ECPA’s
provisions.
Dated: December 16, 2010.
Gary Locke,
Secretary of Commerce.
Lawrence E. Strickling,
Assistant Secretary for Communications and
Information.
´
Francisco J. Sanchez,
Under Secretary of Commerce for
International Trade.
Patrick Gallagher,
Director, National Institute of Standards and
Technology.
[FR Doc. 2010–31971 Filed 12–20–10; 8:45 am]
BILLING CODE 3510–60–P
CORPORATION FOR NATIONAL AND
COMMUNITY SERVICE
Notice of Establishment of the White
House Council for Community
Solutions
Corporation for National and
Community Service (CNCS).
ACTION: Notice of establishment of the
White House Council for Community
Solutions.
AGENCY:
Pursuant to the Federal
Advisory Committee Act, as amended (5
U.S.C. Appendix 2), the Chief Executive
Officer, CNCS, announces the
establishment of the White House
Council for Community Solutions by
Presidential Executive Order. The
Council will focus on highlighting ways
to enlist more Americans and leaders
across sectors to help catalyze change in
communities and have an impact in
addressing our nation’s important goals
in education, youth development and
employment.
DATES: The White House Council for
Community Solutions was established
on December 14, 2010 by Presidential
Executive Order.
ADDRESSES: The public is invited to
submit written statements to the
Council by electronic mail: Send written
statements to the Council’s electronic
mailbox at
WhiteHouseCouncil@cns.gov.
The public can follow the Council’s
work by visiting its Web site: https://
www.serve.gov/communitysolutions.
FOR FURTHER INFORMATION CONTACT:
Susannah Washburn, Executive
Director, White House Council for
Community Solutions, Corporation for
National and Community Service, 1201
New York Avenue, NW., Washington,
DC 20525, swashburn@cns.gov.
SUMMARY:
E:\FR\FM\21DEN1.SGM
21DEN1
]]>Agencies
[Federal Register Volume 75, Number 244 (Tuesday, December 21, 2010)]
[Notices]
[Pages 80042-80044]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2010-31971]
-----------------------------------------------------------------------
DEPARTMENT OF COMMERCE
Office of the Secretary
National Telecommunications and Information Administration
International Trade Administration
National Institute of Standards and Technology
[Docket No. 101214614-0614-01]
RIN 0660-XA22
Information Privacy and Innovation in the Internet Economy
AGENCY: Office of the Secretary, U.S. Department of Commerce; National
Telecommunications and Information Administration, U.S. Department of
Commerce; International Trade Administration, U.S. Department of
Commerce; National Institute of Standards and Technology, U.S.
Department of Commerce.
ACTION: Notice and request for public comments.
-----------------------------------------------------------------------
SUMMARY: The Department of Commerce's Internet Policy Task Force is
conducting a comprehensive review of the nexus between privacy policy
and innovation in the Internet economy. On April 23, 2010, the
Department published a Notice of Inquiry seeking comment from all
Internet stakeholders on the impact of current privacy laws in the
United States and around the world on the pace of innovation in the
information economy. The Department now seeks further comment on its
report entitled, ``Commercial Data Privacy and Innovation in the
Internet Economy: A Dynamic Policy Framework,'' available at https://www.ntia.doc.gov/internetpolicytaskforce/. Through this Notice
requesting comments on the report, the Department hopes to spur further
discussion with Internet stakeholders that will lead to the development
of a series of Administration positions that will help develop an
action plan in this important area.
DATES: Comments are due on or before January 28, 2011.
ADDRESSES: Written comments may be submitted by mail to the National
Telecommunications and Information Administration, U.S. Department of
Commerce, 1401 Constitution Avenue, NW., Room 4725, Washington, DC
20230. Submissions may be in any of the following formats: HTML, ASCII,
Word, rtf, or pdf. Online submissions in electronic form may be sent to
privacynoi2010@ntia.doc.gov. Paper
[[Page 80043]]
submissions should include a three and one-half inch computer diskette
or compact disc (CD). Diskettes or CDs should be labeled with the name
and organizational affiliation of the filer and the name of the word
processing program used to create the document. Comments will be posted
at https://www.ntia.doc.gov/internetpolicytaskforce/.
FOR FURTHER INFORMATION CONTACT: For questions about this Notice
contact: Aaron Burstein, Office of Policy Analysis and Development,
National Telecommunications and Information Administration, U.S.
Department of Commerce, 1401 Constitution Avenue, NW., Room 4725,
Washington, DC 20230; telephone (202) 482-1880; e-mail
aburstein@ntia.doc.gov; or Manu Bhardwaj, Office of Policy Analysis and
Development, National Telecommunications and Information
Administration, U.S. Department of Commerce, 1401 Constitution Avenue,
NW., Washington, DC 20230; telephone (202) 482-4985; e-mail
mbhardwaj@ntia.doc.gov. Please direct media inquires to NTIA's Office
of Public Affairs at (202) 482-7002.
SUPPLEMENTARY INFORMATION:
Recognizing the vital importance of the Internet to U.S.
innovation, prosperity, education, and political and cultural life, the
Department has made it a top priority to ensure that the Internet
remains open for innovation. The Department established the Internet
Policy Task Force to identify leading public policy and operational
challenges in the Internet environment. The Task Force leverages
expertise across many bureaus, including those responsible for domestic
and international information and communications technology policy,
international trade, cyber security standards and best practices,
intellectual property, business advocacy and export control.
Moreover, the Obama Administration has launched an initiative to
develop an interagency policy structure for commercial data privacy
issues. The Commerce Department's General Counsel Cameron Kerry and the
Justice Department's Assistant Attorney General for the Office of Legal
Policy Christopher H. Schroeder chair a recently launched subcommittee
of the National Science and Technology Council that the White House has
chartered to work on Privacy and Internet Policy issues. Through that
vehicle, the Administration is engaging agencies throughout the U.S.
Government in a conversation on commercial data privacy to ensure that
the Administration speaks with one voice and takes advantage of its
many areas of expertise to promote the development of strategic and
comprehensive Internet privacy policies.
Background: The Department has launched the Privacy and Innovation
Initiative to identify policies that will enhance: (1) The clarity,
transparency, scalability and flexibility needed to foster innovation
in the information economy; and (2) the public confidence necessary for
full citizen participation with the Internet. On April 23, 2010, the
Department published a Notice of Inquiry seeking public comment from
all Internet stakeholders, including the commercial, academic and civil
society sectors, on the impact of current privacy laws in the United
States and around the world on the pace of innovation in the
information economy.\1\ Through that Notice of Inquiry, the Department
sought to understand whether current privacy laws serve consumer
interests and fundamental democratic values. The Department also held a
symposium on May 7, 2010, to discuss stakeholder views and to
facilitate further public discussion on privacy policy in the United
States.\2\
---------------------------------------------------------------------------
\1\ Notice of Inquiry, Information Privacy and Innovation in the
Internet Economy, 75 FR 21226 (Apr. 23, 2010), available at https://www.ntia.doc.gov/frnotices/2010/FR_PrivacyNOI_04232010.pdf.
Comments received in response to this Notice of Inquiry are posted
at https://www.ntia.doc.gov/comments/100402174-0175-01/.
\2\ The Public Meeting Notice, 75 FR 19942 (Apr. 16, 2010), and
the meeting agenda are available at https://www.ntia.doc.gov/internetpolicytaskforce/.
---------------------------------------------------------------------------
The Department has now prepared a report, entitled ``Commercial
Data Privacy and Innovation in the Internet Economy: A Dynamic Policy
Framework,'' as a vehicle to spur further discussion with Internet
stakeholders on this important area of policy development.\3\
---------------------------------------------------------------------------
\3\ The report is available at https://www.ntia.doc.gov/internetpolicytaskforce/.
---------------------------------------------------------------------------
Request for Comment: This Notice seeks input on the report. The
questions below, which also appear in Appendix A of the report, are
intended to assist in identifying issues. They should not be construed
as a limitation on comments that parties may submit. Comments that
contain references, studies, research and other empirical data that are
not widely published should include copies of the referenced materials
with the submitted comments.
(1) Should baseline commercial data privacy principles, such as
comprehensive FIPPs, be enacted by statute or other means, to address
how current privacy law is enforced?
(2) How should baseline privacy principles be enforced? Should they
be enforced by non-governmental entities in addition to being the basis
for FTC enforcement actions?
(3) As policymakers consider baseline commercial data privacy
legislation, should they seek to grant the FTC the authority to issue
more detailed rule? What criteria are useful for deciding which FIPPs
require further specification through rulemaking under the
Administrative Procedure Act?
(4) Should baseline commercial data privacy legislation include a
private right of action?
(5) What is the best way of promoting transparency so as to promote
informed choices? The Task Force is especially interested in comments
that address the benefits and drawbacks of legislative, regulatory, and
voluntary private sector approaches to promoting transparency.
(6) What incentives could be provided to encourage the development
and adoption of practical mechanisms to protect consumer privacy, such
as PIAs, to bring about clearer descriptions of an organization's data
collection, use, and disclosure practices?
(7) What are the elements of a meaningful PIA in the commercial
context? Who should define these elements?
(8) What processes and information would be useful to assess
whether PIAs are effective in helping companies to identify, evaluate,
and address commercial data privacy issues?
(9) Should there be a requirement to publish PIAs in a standardized
and/or machine-readable format?
(10) What are consumers' and companies' experiences with systems
that display information about companies' privacy practices in contexts
other than privacy policies?
(11) What are the relative advantages and disadvantages of
different transparency-enhancing techniques in an online world that
typically involves data from multiple sources being presented through a
single user interface?
(12) Do these (dis)advantages change when one considers the
increasing use of devices with more limited user interface options?
(13) Are purpose specifications a necessary or important method for
protecting commercial privacy?
(14) Currently, how common are purpose specification clauses in
commercial privacy policies?
(15) Do industry best practices concerning purpose specification
and use limitations exist? If not, how could their development be
encouraged?
[[Page 80044]]
(16) What incentives could be provided to encourage companies to
state clear, specific purposes for using personal information?
(17) How should purpose specifications be implemented and enforced?
(18) How can purpose specifications and use limitations be changed
to meet changing circumstances?
(19) Who should be responsible for demonstrating that a private
sector organization's data use is consistent with its obligations? What
steps should be taken if inconsistencies are found?
(20) Are technologies available to allow consumers to verify that
their personal information is used in ways that are consistent with
their expectations?
(21) Are technologies available to help companies monitor their
data use, to support internal accountability mechanisms?
(22) How should performance against stated policies and practices
be assessed?
(23) What incentives could be provided to encourage companies to
adopt technologies that would facilitate audits of information use
against the company's stated purposes and use limitations?
(24) Should the FTC be given rulemaking authority triggered by
failure of a multi-stakeholder process to produce a voluntary
enforceable code within a specified time period?
(25) How can the Commerce Department best encourage the discussion
and development of technologies such as ``Do Not Track''?
(26) Under what circumstances should the PPO recommend to the
Administration that new policies are needed to address failure by a
multi-stakeholder process to produce an approved code of conduct?
(27) How can cooperation be fostered between the National
Association of Attorneys General, or similar entities, and the PPO?
(28) Do FIPPs require further regulatory elaboration to enforce, or
are they sufficient on their own?
(29) What should be the scope of FTC rulemaking authority?
(30) Should FIPPs be considered an independent basis for FTC
enforcement, or should FTC privacy investigations still be conducted
under Federal Trade Commission Act Section 5 ``unfair and deceptive''
jurisdiction, buttressed by the explicit articulation of the FIPPs?
(31) Should non-governmental entities supplement FTC enforcement of
voluntary codes?
(32) At what point in the development and of a voluntary,
enforceable code of conduct should the FTC review it for approval?
Potential options include providing an ex ante ``seal of approval,''
delaying approval until the code is in use for a specific amount of
time, and delaying approval until enforcement action is taken against
the code.
(33) What steps or conditions are necessary to make a company's
commitment to follow a code of conduct enforceable?
(34) What factors should breach notification be predicated upon
(e.g., a risk assessment of the potential harm from the breach, a
specific threshold such as number of records, etc.)?
(35) Are there lessons from sector-specific privacy laws--their
development, their contents, or their enforcement--that could inform
U.S. commercial data privacy policy?
(36) Should a preemption provision of national FIPPs-based
commercial data privacy policy be narrowly tailored to apply to
specific practices or subject matter, leaving states free to regulate
emerging technologies? Or should national policy, in the case of
legislation, contain a broad preemption provision?
(37) How could a preemption provision ensure that federal law is no
less protective than any existing state laws? What are useful criteria
for comparatively assessing how protective different laws are?
(38) To what extent should state Attorneys General be empowered to
enforce national commercial data privacy legislation?
(39) Should national FIPPs-based commercial data privacy
legislation preempt state unfair and deceptive trade practices laws?
(40) The Task Force seeks case studies and statistics that provide
evidence of concern--or comments explaining why concerns are
unwarranted--about cloud computing data privacy and security in the
commercial context. We also seek data that links any such concerns to
decisions to adopt, or refrain from adopting, cloud computing services.
(41) The Task Force also seeks input on whether the current legal
protections for transactional information and location information
raise questions about what commercial data privacy expectations are
reasonable and whether additional protections should be mandated by
law. The Task Force also invites comments that discuss whether privacy
protections for access to location information need clarification in
order to facilitate the development, deployment and widespread adoption
of new location-based services.
(42) The Task Force seeks information from the law enforcement
community regarding the use of ECPA today and how investigations might
be affected by proposed amendments to ECPA's provisions.
Dated: December 16, 2010.
Gary Locke,
Secretary of Commerce.
Lawrence E. Strickling,
Assistant Secretary for Communications and Information.
Francisco J. S[aacute]nchez,
Under Secretary of Commerce for International Trade.
Patrick Gallagher,
Director, National Institute of Standards and Technology.
[FR Doc. 2010-31971 Filed 12-20-10; 8:45 am]
BILLING CODE 3510-60-P
