Just days after lawmakers on the Senate Commerce Committee proposed privacy legislation, the ad industry's Privacy for America coalition has unveiled its wish list of items it would like to see included in a national law.
"This new approach clearly defines and would make illegal data practices that would harm consumers or otherwise make personal data vulnerable to breach or misuse, while preserving the benefits that come from the responsible use of data and ensuring the economy can grow and innovate,” the coalition stated Tuesday.
Until last year, the ad industry largely argued in favor of self-regulation. But after California passed a sweeping privacy bill, the industry reversed course and began urging federal lawmakers to enact a national law that would override state measures.
Privacy for America's 41-page proposed framework largely mirrors the current self-regulatory code -- but with a few tweaks. That code has long called for companies to allow consumers to opt out of the use of "non-sensitive" data for advertising, and to obtain opt-in consent before collecting or using "sensitive" data.
Since 2012, the code has also prohibited members from collecting any information about people in order to determine their eligibility for employment, credit, health care or insurance.
Privacy for America's framework likewise says Congress should require companies to obtain consumers' opt-in consent before obtaining “sensitive” data -- which the coalition says includes health, financial, biometric, and geolocation information, call records, private emails, and device recording and photos.
The organization also says companies should be able to draw on non-sensitive "personal information" -- including, the kind of web-browsing data relied on by ad-tech companies for targeting -- on an opt-out basis. (The group's proposed definition of personal information includes data "reasonably" linkable to particular devices or individuals.)
Privacy for America also says a privacy law should ban the use of personal information to discriminate based on factors such as race or religion, and using data to reject applicants for insurance, jobs, housing or credit.
The organization's proposed framework includes special rules regarding data on teens between the ages of 13 and 15, including an “eraser” concept that would allow people to delete material posted when they were under 16.
In 2013, California passed a version of an eraser-button law, which allows minors to remove content they have posted to social media services. The major platforms have long allowed people of all ages to delete their own posts.
The industry says enforcement should fall to the FTC and state Attorneys General.
Privacy for America, which formed earlier this year, includes the Interactive Advertising Bureau, Association of National Advertisers, American Association of Advertising Agencies and Network Advertising Initiative.
Jessica Rich, former director of the FTC's Bureau of Consumer Protection, serves as the group's consultant.
Last week, four Democrats on the Senate Commerce Committee introduced the Consumer Online Privacy Rights Act of 2019, which would require companies to obtain consumers' opt-in consent before using their web-browsing data for ad targeting.
Republican Senator Roger Wicker (Mississippi) also floated a similar, but somewhat narrower proposal.
The industry-funded think tank Future of Privacy Forum, which analyzed both Senate proposals, says the bills are “closer together on most issues than they are apart.”