• Meghan Musselman - Counselor Library.com/Hudson Cook

    Meghan Musselman

    Average rating: Rating: 4Rating: 4Rating: 4Rating: 4Rating: 4

    Article count: 1

    Views per article: 2026

    Subscribe to Meghan Musselman's Feed

    Meghan Musselman is an associate in the Maryland office of Hudson Cook, LLP. She represents motor vehicle dealers, sales finance companies, and lenders engaged in motor vehicle finance transactions. Meghan can be reached at 410.865.5403 or by e-mail at mmusselman@hudco.com.

    Counselor Library.com/Hudson Cook - Linthicum, MD
    410.865.5403

FTC Privacy Report

Appeared January 2011 - volume 8 - issue 1 - page 26
Article has been viewed 2027 times.

Rating: 4Rating: 4Rating: 4Rating: 4Rating: 4 - 4 ratings

Share  |  Rate  |  Comment

In our increasingly electronic economy, more and more businesses rely on the Internet to sell to customers that they could not have reached even a few years ago. In the buy here-pay here space, dealers are relying on the World Wide Web to market to new customers and generate business. Some BHPH dealers have web sites on which they will display inventory and accept credit applications. Other BHPH dealers operate or use online lead generation services to bring customers in the door. Now, the Federal Trade Commission has weighed in with a new framework for protecting consumer privacy. Dealers with any kind of electronic presence should take heed to the recommendations in the report – “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers.”

The FTC Report touches on virtually every online activity that involves the collection and use of consumer information. Although the framework is voluntary for now, it will likely serve as a model for any future privacy regulation at the federal level. Additionally, if businesses abide by the proposed framework as a self-regulatory measure, it could sway lawmakers and regulators against adopting a more formal privacy regulation regime – a good result in this era of re-regulation.

The impetus for the report and the proposed framework stems largely from the FTC’s concerns about the way businesses collect and use consumer information in an online environment. Specifically, the FTC notes that the Internet allows businesses to collect and use consumer information easily and at a relatively low cost. At the same time, consumers understand very little about how their online activities can result in the collection of personal information and how businesses can use that information.

For example, in offline activities, a business generally has to specifically request a consumer’s information, such that the consumer knows she is providing personal information to the business. In contrast, businesses can collect consumer information online simply by monitoring a consumer’s browsing habits. Consumers are largely unaware that this passive collection of data takes place and that it allows businesses to develop a user profile and to tailor advertising campaigns to their individual browsing habits. The FTC acknowledges that this kind of targeted advertising and the anticipation of a consumer’s wants and needs can be very valuable to consumers. In fact, consumers have expressed a desire to receive these kinds of personalized benefits. However, the FTC wants consumers to understand how businesses collect and use their information and to have the option to choose not to share their information.

Traditionally, the FTC has required businesses to provide consumers with notice of their privacy practices, and, in certain cases, to provide consumers with a choice to limit how the business will use their information. However, as privacy notices grow longer and more complex, consumers understand less how businesses use their information. This means that even when businesses give them a choice to limit this use, consumers sometimes fail to make an informed choice because they are overwhelmed by the complexity of the notices. To protect consumers, the FTC has sued businesses that have not adequately explained how they use consumer information or that fail to keep promises they made in their privacy notice. However, this harm-based approach only targeted the worst offenders, and only provided consumers with after-the-fact redress, rather than preventing the harm in the first place. Given that neither the notice and choice model, nor the enforcement or harm-based approach seem to work, the FTC decided to examine the state of privacy regulation and consider how it could change to provide better protection and more transparency for consumers.

The result is the FTC report, which involves three principles:

Privacy by Design: Businesses should incorporate measures to protect consumer information throughout their organizations and for the duration of the customer relationship. Businesses should safeguard data, collect only the data actually needed for a specific business purpose, dispose of data once it is no longer needed, and ensure accuracy of data.

Simplified Choice: Where consumers have a choice as to how a business will use their information, businesses should make the choices clear. Businesses do not need to offer consumers choice in order to collect and use information for: product and service fulfillment (e.g., selling and financing a car), internal operations, fraud prevention, legal compliance and public purpose (e.g. reporting delinquencies to credit bureaus), and first-party marketing. In any other event, businesses should offer consumers an opportunity to limit the use of their information in a clear, concise and easy to use way. The FTC specifically proposes a Do Not Track option to allow consumers to prevent the collection and use of their online browsing data.

Greater Transparency: Businesses should make privacy notices clearer, shorter and more standardized to allow consumers to compare information collection and use practices between businesses. Businesses should also provide consumers with reasonable access to the information they maintain. Businesses should inform consumers and obtain their consent before using any information in a way that differs from the initial disclosure. Finally, businesses should attempt to educate consumers about data privacy practices.

The FTC is currently accepting comments on this proposed framework and expects to issue a final report in 2011. BHPH dealers that operate online should consider the FTC’s proposal and how they can implement these principals into their business. At a minimum, this proposal will likely serve as a self-regulatory regime that all businesses must follow. However, chances are that the FTC or Congress will take a more formal approach and make this framework law. Be prepared.

Bookmark and Share
Rate this article

- Click with mouse to select rating.

back to top

post a comment
No comments have been posted for this article.

back to top