Will the U.S. have soon a Data Protection Commissioner?
The Wall Street Journal reported last week that the Obama administration plans to introduce soon new Internet privacy legislation. The Wall Street Journal also reported that the administration will create a new position to oversee these efforts, which should be announced in the next few weeks, when a much anticipated U.S. Department of Commerce report on privacy will be published.
The White House National Science and Technology Council already announced last month the launch of a new Subcommittee on Privacy and Internet Policy. Its members will be representatives from more than a dozen Departments, agencies and Federal offices, and will be co-chaired by Cameron Kerry, the Department Commerce General Counsel, and by Department of Justice Assistant Attorney General Christopher Schroeder. The co-chairs wrote: “[r]ecognizing the global nature of the digital economy and society, the Subcommittee will monitor and address global privacy policy challenges and develop approaches to meeting those challenges through coordinated U.S. government action.”
According to the Wall Street Journal article, this Subcommittee should help to implement the Department of Commerce’s recommendations into policy. Although the proposals of the Department of Commerce privacy report are not yet known, one may gather some clues from Mr. Kerry’s remarks last month, when he was one of the panelists at the OECD 30th Annual Privacy Guidelines Conference in Jerusalem. He stated that “the time has come to adapt the legal and policy framework and avoid fragmented, inconsistent, and unpredictable rules that frustrate innovation and undermine essential consumer trust.”
Should this be interpreted as a U.S. commitment to have a comprehensive internet/data privacy law? Currently, the U.S. privacy laws are diverse, and legal remedies stem from federal laws, state laws, common law, and case law. Mr. Kerry was careful to add that “[b]uttressing these [privacy] laws and legal remedies is a robust system of industry self-regulation, combined with informal agency guidance and enforcement by the Federal Trade Commission and state attorneys general. Taken together, these strands weave a fabric of privacy protection as strong in practice as any omnibus system.”
Will the U.S. soon have a Data Protection Commissioner, as most Western nations do? If so, it will be interesting to find out how the new Data Commissioner will share his responsibilities with the Federal Trade Commission. Mr. Kerry stated that “[a] federal privacy office would help our efforts to bolster the role of privacy policy and urge greater privacy by design. Such an office would work closely with the FTC, while respecting its status as an independent enforcement authority.” However, the Wall Street Journal reports that the Republicans are unlikely to support a bill which would expand the Federal Trade Commission’s enforcement powers.
European Union Data Protection Commissioners have struggled in the past because of lack of enforcement powers. As the European Union may soon expand criminal penalties to enforce data protection, the U.S. will need to decide whether a comprehensive Internet privacy legislation and a Data Protection Commissioner with the power to enforce it, is the route that needs to be taken to preserve consumers’ trust in the Internet, while promoting electronic commerce, cultural and social exchange on the Internet.