White House Drone Privacy Plan relying on "stakeholders" empowers Big Data lobby, not public
By: Jeff Chester | Feb 16 2015
Yesterday's White House announcement on drones (see attached) has the Administration relying on an inadequate approach to protect consumer/individual privacy. It relies on the very ineffective "multistakeholder" process, operated by the Commerce Department, to develop self-regulatory rules for drone related commercial data practices. This is practically a guarantee that either no rules will ever be written--or if they are-- will favor the ubiquitous and always advancing Big Data driven collection system already in place (across our devices, applications, etc.).
CDD has been involved with these stakeholder meetings for more than two years (run by the NTIA). First on mobile apps and currently focused on facial recognition. This process has failed to ensure there has been adequate and independent analysis of current and pending digital data collection practices; it has been largely dominated by industry lobbyists, who outnumber the few consumer and privacy groups that can participate; many of the leading companies, including Google and Facebook, have not been forthcoming about their own data practices (so there is a lack of actual market information); it is not diverse or representative; and there is no attempt to develop a comprehensive approach to the problem (which would reflect Pres. Obama's Privacy Bill of Rights framework, issued three years ago this month, and was a supposed mandate for this group to begin with).
We don't know who is advising President Obama on Internet privacy. But they do him a disservice when they support so-called multistakeholder approaches. The theory about such proceedings is that businesses and civil society can do a better job and move faster than government when developing Internet related policy. But it’s not the case. With industry stakeholders (online data companies, their trade associations and partners) dominating the process, there is absolutely no incentive for them to adopt a code of conduct or principles that would undermine their revenues. Protecting user privacy is the last thing they want because it undercuts their business model and operational practices. Since the Commerce Department (or in the case of another similar multistakeholder initiative run by the W3C on Do Not Track) has a largely hands-off approach to the proceedings, there is no effective counter-force telling the industry (who pay the bills in the case of W3C and have large political clout in the case of DC) that it must operate responsibly. As a consequence, the mobile transparency "code of conduct" has been adopted by very few and it has failed to address the ever growing data gathering practices of the mobile app industry (and the Commerce led process also failed to address many of the basics on app data use). In the case of facial recognition, it is fair to say that there is growing concern from privacy groups that the process isn’t capable of delivering control to an individual on the use of their facial and biometric information.
The White House should have asked the Federal Trade Commission to spearhead work on protecting our privacy from commercial drone use. What are needed are independent experts on privacy--not a lobbyist dominated forum. The FTC could convene various groups, other agencies, and propose effective privacy controls for individuals and communities. What the White House gave the data collection industry yesterday, was a drone delivered Valentine's gift.