Presentation for a recent discussion on the role of self-regulation in defining online privacy frameworks. I moderated this panel discussion at the ABA\'s 2011 Annual Meeting which was held in Toronto, Canada. Our all star panel - FTC Cmr. Brill, Canada\'s Privacy Stoddart, Stu Ingis and Paolo Balboni.
The Ultimate Guide to Choosing WordPress Pros and Cons
Law Keep Up Tech Self-Regulation
1. Can the Law Keep Up with
Technology?
Can Self Regulation help?
ABA Antitrust Section - Practical Privacy Series
ABA Annual Meeting
Toronto, Canada
August 6, 2011
2. Our Panelists
• Commissioner Julie Brill – U.S. Federal
Trade Commission
• Privacy Commissioner Jennifer Stoddart –
Office of the Privacy Commissioner of
Canada
• Dr. Paolo Balboni – Director, European
Privacy Association
• Stuart Ingis – Partner, Venable LLP
• Moderator – Saira Nayak, Nayak Strategies
3. Our Topic
Can Self Regulation help?
Let’s examine the following questions:
1. Is Self Regulation is an essential part of a
consumer data protection framework?
2. What should Self Regulation look like in the
consumer data context?
We will start our presentation by identifying the
underlying theories and key elements of self-
regulation.
4. Key Elements of Self Regulation
• Clear & Consistent Standards – defined by
legal/regulatory framework or voluntary
codes of conduct
• Accountability – internal & external
• Accountability Agents/3rd Party Audits
• Individual User Access
• Safe Harbor provisions – to incentivize
participation
• Consumer Education
5. Accountability
Organizations should be accountable for
complying with measures that give effect to the
fair information principles.
• Accountability is part of APEC, European,
OECD & PIPEDA frameworks
• Art. 29 WP guidance – to ensure that
controllers are more generally in control and in
the position to ensure and demonstrate
compliance with data protection principles in
practice.
• CIPL Accountability– 5 essential elements
6. Self vs. Co Regulatory
Self Regulatory Organizations
- Cinematic Content – MPAA Rating System
- Children s Advertising & Marketing e.g. CARU,
ICTI s Toy Marketing Guidelines Europe
- Online Advertising in the US e.g. MMA
Guidelines, ANA & NAI Guidelines
Co Regulatory Organizations
- Online Advertising in Europe
- OBA Notice & Choice – DAA scheme, browser-
based choice (Chrome, Explorer, Firefox)
8. Digital Advertising Alliance
(DAA)
• Self regulatory program for online behavioral
advertising
• www.AboutAds.Info
9. Self-Regulatory Principles for
Online Behavioral Advertising
• Education
• Transparency
• Consumer Control
• Data Security
• Material Changes to
Existing OBA Policies
and Practices
• Sensitive Data
• Accountability
10. Advertising Option Icon
The Advertising Option Icon and
accompanying language appears
in or near online advertisements or
on Web pages where data is
collected and used for behavioral
advertising.
• The Icon indicates adherence to the Principles.
• By clicking on the Icon, consumers can link to:
– a clear disclosure statement
– an easy-to-use opt-out mechanism
13. DAA Consumer Choice
Mechanism
• The Consumer Opt-Out
Page www.AboutAds.info
gives consumers the
ability to conveniently opt-
out of some or all
participating companies
online behavioral ads, if
they choose
• Organizations can now
register to participate and
be listed on the Consumer
Opt-Out Page
14. CBBB and DMA Commence
Accountability Programs
• CBBB and DMA have
complementary
Accountability Programs to:
– Monitor the marketplace
externally for data that
suggests non-compliance with
key notice and choice
requirements
– Follow-up directly with non-
complying entities
– Report non-compliance and
refer uncorrected non-
compliance to government
16. EU Trustmarks
• Action 17 EU Digital Agenda – conduct
an impact assessment for EU online
trustmarks in 2011.
• Art. 29 Working Party Opinion 3/2010 –
suggests development of certification
programs or seals as a way to implement
the Accountability principle.
17. Trustmarks
Electronic labels or visual representations
indicating that an e-merchant has demonstrated
its conformity to standards regarding, e.g.,
security, privacy, and business practice.
=