The US Department of Commerce has issued a notice seeking comment on the impact of current privacy laws on Internet innovations, such as cloud computing models, under which companies can collect and store information in different locations throughout the world,. In particular, the department is looking at the cross-over between these new innovations and current privacy laws, including whether those laws “serve consumer interests and fundamental democratic values.” Among the questions about which the department is seeking input is the impact various differing state data breach notification laws have on commerce (including companies’ compliance costs associated therewith), as well as how international privacy laws impact corporations’ compliance costs. In its request for comments, the department points out the role it has historically played in policies that have “helped commerce over the Internet flourish,” including its role in the U.S.-EU Safe Harbor Program (which it administers). The department also references in its notice the work being done by the FTC and the FCC in the privacy area, and indicates that it will coordinate with both bodies in moving forward with its work. Comments are due to the Department of Commerce by June 7, 2010. After receiving comments, the department plans to issue a report which may include potential regulatory and/or self-regulatory steps to address privacy and innovation.
TIP: When developing plans that involve using consumer information, companies should keep in mind that bodies other than those we normally think of – FTC, state attorneys general – are interested and may become active in the online privacy area. We will continue to monitor both the Department of Commerce’s activities in the privacy area, as well as the activities of other government bodies like the FTC and the FCC.