“Do not track” legislation

“€œDo Not Track”€ Legislation, a series of legislative efforts to give internet users the option to choose to not have their online behavior tracked by third parties. Regular internet usage involves constant interaction between the user and various entities, including large corporations like Google and Facebook. During these interactions, the internet users provide identifying information to third parties. This information, such as IP addresses and browsing history, can be used to track and profile the online behaviors of the user. For example, many websites will store a piece of data, or a “cookie,” on the user’s computer. From these cookies, advertising services can determine what websites the user has visited. This record can be used to build a profile of that user’s potential interests. In turn, this behavior profile can be used to display targeted ads to which the user is more likely to respond.

The first usage of a cookie dates back to 1994; it was designed to be a mechanism for a website to remember session history between user visits. The creation of the cookie was responsible for many modern internet features, such as virtual shopping carts and persistent log-ins. Third party cookie usage was quickly identified as a consumer privacy problem, drawing the attention of the Federal Trade Commission (FTC). See David M. Kristol, HTTP Cookies: Standards, Privacy, and Politics, 1(2) ACM Transaction on Internet Technology (2001). Subsequently, internet privacy advocates have attempted to respond to this threat by proposing cookie management policies that limit or prevent the storage of cookies on a web user’s computer. Many web browsers have implemented features specifically designed for cookie control. However, successive cookie-like technologies, such as the “Local Shared Objects” stored by Adobe’s Flash, have been developed to circumvent advances in privacy controls. See Ashkan Soltani et al., Behavioral Advertising: The Offer You Cannot Refuse, 6 Harvard Law & Policy Review 273 (2012).

Privacy concerns arising from the usage this type of online behavioral tracking in social networking, advertising services, and webpage analytics have resulted in international legislative efforts to protect a web user’s ability to choose not to participate in such tracking. In March of 2011, the FTC recommended that Congress impose restrictions on web behavior tracking, including the implementation of a uniform “Do Not Track” mechanism for web browsers. Since 2011, a series of bills have been introduced in the United States based on the issue of behavioral tracking.

The “Do Not Track Me Online Act of 2011” proposed to authorize the FTC to promulgate regulations that would require companies to abide by opt-out settings. The Act would have enabled the FTC to impose fines on services that continue to track users who have chosen the no-tracking setting, while allowing exceptions for websites using such information for their own website analytics, websites serving less than 10,000 visitors per year, and websites belonging to the government. The FTC would have been authorized to enforce these regulations through random audits. H.R. 654, 112th Cong. (2011). The similarly titled “Do Not Track Online Act of 2011” proposed that the FTC establish standards by which a user could indicate whether he or she wished to opt out, but excepted information necessary to provide services requested by the user. Under this Act, the FTC would be obligated to enforce compliance with the “Do Not Track” standards. S. 913, 112th Cong. (2011). This Act was reproposed in 2013. S. 418, 113th Cong. (2013).

Also proposed in 2011 was the “Consumer Privacy Protection Act of 2011,” which proposed to balance consumer and business interests by requiring a notice and an opt-out mechanism for third-party use of personally identifiable information for targeted advertising. The FTC would have been charged with creating a safe harbor program, which would have individually excepted entities with privacy practices with substantially the same notice and data collection practices as the required by the Act. S. 799, 112th Cong. (2011).

The “Commercial Privacy Bill of Rights Act of 2011” would have required websites to provide clear notice to the users and give them the opportunity to ‘opt-out’ or ‘opt-in’ to their information being collected. This Act incorporated an exception for companies that collect data, but are conspicuous and visible to the users and have pre-existing relationships with the user. This proposal limited protection to a user’s more sensitive data such as medical, financial, and religious information. S. 799, 112th Cong. (2011).

Subsequently, the “Commercial Privacy Bill of Rights Act of 2014” was proposed. The first portion of the Act targeted companies that collect, use, transfer, or store personally identifiable information, requiring them to provide increased notice to the customer of their data usage and means to access and correct stored information. As with the “Commercial Privacy Bill of Rights Act of 2011,” tracking services must provide ‘opt-in’ or ‘opt-out’ opportunities. The second part of the Act was an amendment of the “Children’s Online Privacy Protection Act of 1998” referred to as “Do Not Track Kids Act of 2014.” It was intended to expand the prohibition on collecting information about children from websites and online services to online and mobile applications. S. 2378, 113th Cong. (2014).

The Obama administration released a draft legislation of a “Consumer Privacy Bill of Rights Act of 2012” in February of 2012. This proposal sought to provide more protection for the customer by addressing the commercial uses of personal data and information. This proposal incorporated several concepts from earlier Acts, including mandating the secured handling of customer data and ensuring a user’s ability to access and correct stored data. This draft legislation was re-introduced in 2015 as the “Consumer Privacy Bill of Rights Act of 2015” along with the companion bill the “Data Security and Breach Notification Act of 2015.” This bill expanded on the original draft by proposing to permit services and industries to create their own regulatory standards, subject to approval by the FTC. S. 1158, 114th Cong. (2015).

Although no Federal attempt at a general “Do Not Track” legislation has passed, California managed to sign “Assembly Bill AB 370” into law in 2013. This legislation amended a section of the California Business and Professions Code and required websites that collect personally identifiably information about California residents to provide explicit privacy policies. that clearly identify which types of personal information they are collecting. The bill also mandated that websites and services describe how they respond to “do-not-track” signals or other actions that indicate a user’s tracking preference.

Beyond legislative efforts, the FTC has worked with the advertisement industry to provide a private solution to unwanted behavior tracking. For example, the Digital Advertising Alliance promoted a self-regulatory solution that would permit users to opt out of targeted ads and most of the major web browsing platforms incorporate tracking control features.

Source: Essay UK - http://lecloschateldon.com/essays/law/do-not-track-legislation/


Not what you're looking for?

Search our thousands of essays:

Search:


About this resource

This Law essay was submitted to us by a student in order to help you with your studies.



Word count:

This page has approximately words.


Share:


Cite:

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay UK, “Do not track” legislation. Available from: <http://lecloschateldon.com/essays/law/do-not-track-legislation/> [24-01-19].


More information:

If you are the original author of this content and no longer wish to have it published on our website then please click on the link below to request removal:


Essay and dissertation help


Latest essays in this category:


Our free essays:

badges

 
[HorribleSubs] Virtual-san wa Miteiru - 01 (1080p) | Netflix APK | Mitsubishi Mirage MT Eco Hatchback Nhập khẩu