Senators John Kerry and John McCain have introduced an Internet privacy bill that would require companies to clearly spell out the types of data they collect from consumers online and how it's used; it would also require corporate safeguards from hackers and other criminals. (Federal Trade Commission Chairman Jon Leibowitz is visiting Consumer Reports' headquarters in Yonkers, NY, today. We'll have a follow-up to this post with his comments about the proposed bill.)
[UPDATE: For more details about what FTC Chairman Leibowitz had to say about this bill, see our post, FTC chairman Leibowitz: Do Not Track will happen even without legislation. Also check out the video interview with the head of the FTC, conducted by The Consumerist's Executive Editor, Meghann Marco. —Ed.]
The bill, which is backed by the Obama administration, would also create a Commercial Privacy Bill of Rights to give consumers more control over how their personal data is collected and shared among third parties. Should the bill become law, it would affect well-known online heavyweights such as Google and Facebook, as well as less-conspicuous marketing firms such as Epsilon. (Earlier this month, hackers broke into Epsilon's database, stealing millions of consumer e-mail addresses given by Epsilon clients including Citigroup, Disney, JP Morgan Chase, and Walgreens for online marketing efforts.)
Consumer Reports experts have been tracking the rise of online threats to consumer privacy for years. In last year's "State of the Net" report, we noted the increasing risks posed by social networking sites such as Facebook. (Our 2011 "State of the Net" report will update the threats of online privacy—including risks posed by smart phones.)
Consumers Union, the non-profit publisher of Consumer Reports, applauds Washington's efforts to address consumer concerns. Said Ioana Rusu, Regulatory Counsel for Consumers Union:
This is an important step forward in giving people more control over their personal information online. For the first time, all businesses would have to operate under consistent, mandatory standards for online privacy protection. To us, that's progress.