"Right now there are no uniform requirements on how companies regulate privacy online," U.S. Commerce Department Secretary Gary Locke said on a call with reporters. "We need a more uniform framework." Mr. Locke went on to say that the self-regulation efforts being put in place by a coalition of online ad groups are "not enough."
The Obama administration outlined its privacy suggestions in an 88-page report that covers a broad range of digital privacy issues, including advertising, cloud computing as well as addressing the differences in privacy laws internationally.
Those efforts, like today, were also put together by the Commerce Department in concert with the Federal Trade Commission and resulted in the formation of various self-regulatory programs, one of which, the Network Advertising Initiative (NAI), allowed people the ability to prevent marketers from collecting information about them online. Though the NAI is still active today, it is now participating in a broader industry program called About Ads that allows people to choose whether or not they want marketers to track and target them online.
Debate and enforcement around online privacy largely came to a halt under President George W. Bush, only to be more recently undertaken by the FTC, an independent agency. Some observers note that the Commerce report signals an important first step toward potential legislation, though Mr. Locke made clear that that was but one possibility among others.
"We're advocating the development of a baseline privacy bill of rights," Mr. Locke said. "We want stakeholders in the industry and consumer groups to participate." He went on to point out that such a bill of rights would allow for a framework that could then be enacted under legislation or new powers to the FTC.
The FTC has authority to prosecute companies under a broad guideline governing consumer protection. But the commission does not have the authority to enact what it sees as a potentially desirable solution to online privacy: a "Do Not Track" mechanism. One method the commission suggested was the development and adoption of an extension to web browsers that would filter out sites and advertisers, set by the user.
But Stuart P. Ingis, partner at Washington law firm Venable and lead counsel for the industry's About Ads program, said a scenario where such codes are anointed by the Obama administration amounts to government regulation and not self-regulation.
"The codes have to be laid out by the industry," he said. "[Commerce] and the FTC are both at some level uniquely situated to further industry efforts and keep industry's feet to the fire. But to the extent that you need government approval for an industry code, that is another way of having de facto regulation, and I don't think that's going to be effective."
Interestingly, some consumer advocates are also unhappy with the Obama administration's position. "It's good that the Department of Commerce recognizes that we have a privacy problem, but the solution is not more self-regulation," Susan Grant of the Consumer Federation of America said in a statement. "We've tried that, and it's clearly inadequate. We need a privacy law that sets the rules of the road."
According to insiders, Commerce and the FTC are in many ways competing against each other in the debate over self-regulation or legislative protections. But in effect, the FTC will most likely act as the primary enforcing body, while Commerce will play a deeper role in bridging the gap in privacy laws around the globe.
Multibillion-dollar internet companies such as Google and Facebook are increasingly facing regulatory scrutiny overseas, particularly in the European Union, which recently passed much more prescriptive and stringent online privacy laws. Silicon Valley companies have called on the Obama administration to resolve the legislative gap, thus allowing U.S. companies to remain competitive and unhindered in emerging markets abroad.
Google hailed the Commerce report in a company blog post, reading, in part, "We support the Department of Commerce's recommendation for privacy to be approached comprehensively and broadly, with a clear focus both on users and innovation on the Internet."
Jeffrey Chester of consumer-advocacy group Center for Digital Democracy said that the Obama administration's stake in the debate speaks to the concerns of the internet companies more so than it does to consumers. "What the Obama administration offered today was an 'I can collect your data anywhere in the world card,'" he said.
Follow Edmund Lee on Twitter.