Lobbyists derailed an effort by U.S. President Barack Obama's administration to create mobile privacy standards, a privacy group charged on Thursday, while some participants in the process conceded it lacked focus.
The U.S. National Telecommunications and Information Administration's year-long multistakeholder process on mobile privacy, culminating in July in a proposed code of conduct for mobile app developers, also failed to fully examine mobile data collection efforts and marketing techniques, the Center for Digital Democracy said in a report released Thursday.
"While the [Obama] administration had an opportunity to advance the privacy and consumer protection interests of the American public, it failed to engage in the serious scrutiny and leadership these issues require," Jeffrey Chester, CDD's executive director, wrote in the report. "Missing almost entirely from the more than yearlong discussion was the impact that current digital marketing, mobile, and app-related business models have on the capability of a consumer to make meaningful privacy choices."
The NTIA's decision to separate out mobile privacy for discussion ignored significant cross-platform tracking of consumers, Chester said. The privacy discussions were "dominated by industry lobbyists," leading to weak consumer safeguards, he wrote. Other privacy advocates agreed, saying they were under-represented during the discussions.
The NTIA's process was "really horrible," added Susan Grant, director of consumer protection at the Consumer Federation of America. Grant called on the Obama administration to push for a baseline consumer privacy law during an NTIA meeting Thursday afternoon to discuss lessons learned in the first round of discussions. After a baseline privacy law, multistakeholder discussions could fill in some gaps, Grant said.
The NTIA's process also lacked focus and an agenda and needed more expert testimony about mobile privacy practices, other participants in the discussions said Thursday's meeting at the NTIA. The NTIA has additional privacy discussions planned. The data collection practices discussed during the NTIA meetings often didn't echo real-life practices, said Morgan Reed, executive director at the Association for Competitive Technology, a trade group representing app developers.
Other participants criticized the process for allowing contentious attacks during the discussions.
Some participants defended the NTIA and the process, however. Critics wanting more progress should realize that major change happens "incrementally" in Washington, D.C., said Stuart Ingis, counsel to the Digital Advertising Alliance, a self-regulatory advertising group.
Even though the process was flawed, the group has produced the mobile code of conduct that's now being tested, said Michelle De Mooy, senior associate for national priorities with Consumer Action. With no real deadline in the NTIA process, industry participants had little incentive to move forward with any initiatives, but the group eventually approved the code of conduct, she said.
ACT's Reed commended participants for being able to "manage the chaos" of the process to come up with a code of conduct.
CDD's report, coming from a group critical of the process from the onset, raised some legitimate issues, De Mooy said in an interview. But there was also a need for privacy advocates who "engaged in the process despite its flaws," she said.
The NTIA also defended the process, with a spokeswoman saying Thursday's meeting is an effort to improve moving forward. "The process involved true give-and-take," she said. "Stakeholders started with widely disparate views but came together and reached compromises to find common ground."
The multistakeholder discussions were a new process for the NTIA, Lawrence Strickling, the agency's administrator, said at Thursday's meeting. "We know this was different," he said. "It has been a learning experience for all of us."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is firstname.lastname@example.org.