Policy making used to be about consensus and compromise. Once upon a time, if you convened a diverse group of participants, each with different interests and sensitivities, and came to an agreed upon understanding, you could declare victory. Imagine the group that came to this agreement consisted of entities ranging from civil liberties groups to industry trade associations. In 2013, that’s practically a unicorn.
And yet, it happened. In 2012, for the first time ever, the U.S. National Telecommunications and Information Administration (NTIA) convened a multi-stakeholder process on mobile privacy. After more than a year of work, privacy groups like Consumer Action, World Privacy Forum, FPF and the ACLU, and industry including the App Developers Alliance, Intuit, AT&T, Verizon, CTIA, SIIA and the Internet Commerce Coalition, came together in July to support a code of conduct for mobile app developer transparency.
Now, the NTIA multi-stakeholder process is taking a lot of criticism in the press. It didn’t go far enough. Or it went too far. It wasn’t focused. It was messy.
To that, we say, “Of course it was – this is how consensus is built.” The NTIA group may not have fundamentally altered the state of privacy in America. It wasn’t supposed to. Instead, it is one part of a broader strategy for incremental progress to develop flexible but enforceable privacy codes of conduct in the U.S. And yes, it was messy. Debate and compromise among stakeholders with divergent viewpoints will always be. The NTIA success is all the greater when one considers it came to a modest consensus in the absence of any immediate legislative or technical threat. This stands in stark contrast to the ongoing Do Not Track debate in the W3C. In the face of technical browser implementations and proposed legislation, the W3C group has yet to agree to anything, leaving the call for Do Not Track unanswered.
The NTIA multi-stakeholder process should be applauded because it demonstrates that we can compromise – something that is becoming far less common in today’s polarized policy making environment. It should be supported because instead of a stalemate, we moved forward – standardized mobile privacy notices are now being deployed and tested in the field. It should be encouraged and yes, improved upon, because although it was not perfect, it was and is a step in the right direction for American consumers.