Describe and evaluate the different methods that are being used to protect online privacy. Which of these methods do you think is or could be the most effective?

What will be an ideal response?

The different methods being used to protect online privacy include legal protections, industry self-regulation, privacy advocacy groups, privacy protection products, and technology solutions.

In the United States, the Federal Trade Commission has taken the lead in researching online privacy and recommending legislation to Congress. The FTC has issued the Fair Information Practice (FIP) Principles, which forms the basis for its recommendations for online privacy. Two core principles are Notice/Awareness and Choice/Consent. The Notice/Awareness principle recommends that sites disclose their information practices before collecting data. The Choice/Consent principle recommends that there be a choice system in place that allows consumers to choose how their information will be used for secondary purposes other than supporting transactions. Although the FIP principles are guidelines, not laws, they have stimulated private firms to develop their own guidelines and are being used as the basis of new legislation, such as the Children's Online Privacy Protection Act (COPPA), which requires Web sites to obtain parental permission before collecting information on children under 13 years of age. Recently, the FTC has developed a new framework to address consumer privacy. The main principles are privacy by design, simplified choice, and greater transparency, applied to all commercial entities that collect or use consumer data, not just those that collect PII. It has also called for a "Do Not Track" mechanism for online behavioral advertising. As with FIP, these principles remain guidelines. The emphasis in recent FTC privacy reports is not on restricting the collection of information (as in previous eras of privacy regulation), but instead on giving consumers rights with respect to the information collected about them in large databases and its use by various businesses and agencies. Although several bills have been introduced in Congress to implement them, none have been passed as of yet.

Historically, the online industry in the United States has opposed online privacy legislation, arguing that industry can do a better job of protecting privacy than government. However, facing fines, congressional investigations, and public embarrassment over their privacy invading behaviors, with the potential loss of some business and credibility, the major players in the e-commerce industry in the United States are beginning to change some of their policies regarding the treatment of consumer data. Large Internet firms that rely on personal information (Google, Facebook, Microsoft, and many others), along with privacy advocates, are calling on Washington to develop comprehensive consumer privacy protection legislation that would clarify for consumers and business firms the meaning of privacy in the current online commercial environment.

The online industry formed the Online Privacy Alliance (OPA) to encourage self-regulation. In addition, the Network Advertising Initiative, a consortium of major Internet advertising companies, was formed to develop policies for the industry. The NAI policies are designed to offer consumers opt-out programs and to provide consumers with redress for abuses. Other forms of self-regulation include various "seals" of approval that sites can display when in compliance with certain privacy policies. However, these seal programs have had a limited impact on Web privacy practices and critics argue that the programs are not particularly effective in safeguarding privacy.

In general, industry efforts at self-regulation in online privacy have not succeeded in reducing American fears of privacy invasion during online transactions or in reducing the level of privacy invasion.

In addition a number of firms have sprung up to sell products that they claim will help people protect their privacy, from protecting their online reputation to selling their personal information to the highest bidder. Consumer privacy groups have also formed to monitor developments, and there are some technological solutions that help, although primarily in the arena of security. Technological tools include spyware blockers, pop-up blockers, methods to secure e-mail, anonymous remailers, anonymous surfing, and cookie managers.

[Student evaluations of which methods are the most effective will vary.]