The unlikeliest folks are pushing to pass broad privacy regulations these days.
On Wednesday, the Association of National Advertisers, the largest ad trade org out there, urged the Federal Trade Commission to advocate for a national privacy law that preempts the regional laws cropping up all over the country.
The FTC is collecting comments in advance of a February hearing on consumer privacy and data security, part of an ongoing series of public hearings on related topics.
“We’ve been looking at the state privacy proposals being put forward and they’re inconsistent,” said Dan Jaffe, the ANA’s group EVP of government relations. “It would be hard for anyone, let alone small and medium-sized businesses, to comply with these inconsistent standards.”
Beyond the California Consumer Protection Act set to take effect at the beginning of 2020, which has garnered most of the headlines, a bunch of other states are working on legislation of their own, including Washington state, New Jersey, Massachusetts and Oregon. Not to mention the General Data Protection Regulation in Europe and evolving privacy rules in countries around the world, from Canada and Brazil to Japan and South Korea.
“We do not have a systematic approach that goes beyond the sector analysis,” Jaffe said. “This would be the US answer to what’s happening in the United States, a global approach to privacy in the United States.”
The ANA is proposing a framework it’s calling the “New Paradigm,” which, to boil it down, places data collection into three buckets: reasonable uses, unreasonable uses and gray area uses that aren’t obviously either reasonable or unreasonable at first blush.
A reasonable use of data might be, in the ANA’s view, the collection and use of non-sensitive data for advertising purposes, so long as consumers are given transparency, notice and choice.
Unreasonable uses would be the sorts of practices that are already verboten under sectoral laws, like the Children’s Online Privacy Protection Act and the Health Insurance Portability and Accountability Act.
For data practices that are on the fence, the ANA suggests applying a reasonableness test to see if they meet certain non-negotiable criteria. Does the practice harm or benefit consumers? Is there a risk to consumers in using the data? Does the usage fit with consumer expectations?
If all that sounds a little vague, that’s because the ANA is still working with its member companies and other industry groups and associations to hammer out the details.
“When people start talking about privacy, it’s often an umbrella term and quite subjective, too,” Jaffe said. “We need to try and spell this out clearer so that it’s not based on what you feel in your gut. We’re trying to give people clear rules of the road, and that’s why we should have a national standard.”
But it’s not just the difficulty of having to comply with multiple privacy standards within the United States that the ANA and other trade bodies, like the 4As, the Interactive Advertising Bureau and the Network Advertising Alliance, object to; it’s the move away from a harm-based approach to privacy law, which is how the FTC currently approaches enforcement.
The California Consumer Protection Act, for example, prohibits a business from treating customers that opt out of data sharing any differently from those who don’t, which could have the unintended consequence of putting an end to loyalty programs, Jaffe said.
“I think the people in California are legitimately well intentioned, but we also have to set up a system that’s livable for businesses and consumers,” he said.
For the moment, that process includes lobbying, writing comment letters, more lobbying and a heck of a lot of meetings – and not just between members of the business community.
“If the consumer advocate and privacy community isn’t on board, this isn’t going to fly but we also don’t want to throw the baby out with the bathwater – and we acknowledge that there is bathwater here,” Jaffe said. “We all agree that there are problems and complexities, and that’s only become even more visible this year.”
