REQUEST TO PARTICIPATE

Individuals and organizations may submit requests to participate as panelists and may recommend topics for inclusion on the agenda. The requests and recommendations should be submitted electronically to privacyroundtable@ftc.gov. Prospective panelists for the third roundtable should submit a statement detailing their expertise on the issues to be addressed and contact information, no later than February 12, 2010. Panelists will be selected based on expertise and the need to include a broad range of views.

RELATED FTC PUBLICATIONS

• Self-Regulatory Principles for Online Behavioral Advertising (2009)
  
• Protecting Consumers in the Next Tech-ade (2008)
• Privacy Online: Fair Information Practices in the Electronic Marketplace (2000)
• Privacy Online: A Report to Congress (1998)
  

FTC PRIVACY POLICY

For additional information, including routine uses permitted by the Privacy Act, see the Commission’s comprehensive Privacy Policy.

DISABILITY ACCOMODATIONS

Both roundtable venues are accessible to people with disabilities. For the second roundtable, interested parties may obtain additional information about campus access at http://dsp.berkeley.edu/access.html. If you need an accommodation related to a disability, please call Carrie McGlothin at 202-326-3388. Such requests should include a detailed description of the accommodations needed and a way to contact you if we need more information. Please provide advance notice.

COMMENTS

Interested parties are invited to submit written comments electronically or in paper form. Comments should refer to "Privacy Roundtables - Comment, Project No. P095416", to facilitate the organization of comments. Please note that your comment -- including your name and your state -- will be placed on the public record of this proceeding, including on the publicly accessible FTC website, at www.ftc.gov/os/publiccomments.shtm.  The comment period will remain open until April 14, 2010.  Commenters may address any of the issues raised at the three privacy roundtables.

Because your comment will be made public, it should not include any sensitive personal information, such as your or any other person’s Social Security Number; date of birth; driver’s license number or other state identification number, or foreign country equivalent; passport number; financial account number; or credit or debit card number. Your comment also should not include any sensitive health information, such as medical records or other individually identifiable health information. In addition, your comment should not include any "[t]rade secret or any commercial or financial information which is obtained from any person and which is privileged or confidential. . . .," as provided in Section 6(f) of the FTC Act, 15 U.S.C. 46(f), and Commission Rule 4.10(a)(2), 16 CFR 4.10(a)(2). Comments containing material for which confidential treatment is requested must be filed in paper form, must be clearly labeled "Confidential," and must comply with FTC Rule 4.9(c), 16 C.F.R. § 4.9(c).

Because paper mail addressed to the FTC is subject to delay due to heightened security screening, please consider submitting your comment in electronic form, by using the following weblink: public.commentworks.com/ftc/privacyroundtable2 (and following the instructions on the web-based form). To ensure that the Commission considers an electronic comment, you must file it on the web-based form at the weblink:  public.commentworks.com/ftc/privacyroundtable2 .

If you decide to file your comment in paper form, it should include the "Privacy Roundtables - Comment, Project No. P095416" reference both in the text and on the envelope, and should be mailed or delivered to the following address:

Federal Trade Commission
Office of the Secretary
Room H-135 (Annex P2)
600 Pennsylvania Avenue, NW
Washington, DC 20580.

The FTC is requesting that any comment filed in paper form be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.

The FTC Act and other laws the Commission administers permit the collection of public comments to consider and use in this proceeding as appropriate. The Commission will consider all timely and responsive public comments that it receives, whether filed in paper or electronic form. Comments received will be available to the public on the FTC website, to the extent practicable, at www.ftc.gov/os/publiccomments.shtm. As a matter of discretion, the Commission makes every effort to remove home contact information for individuals from the public comments it receives before placing those comments on the FTC website. More information, including routine uses permitted by the Privacy Act, may be found in the FTC’s privacy policy, at www.ftc.gov/ftc/privacy.shtm."

The questions for comment in conjunction with the third roundtable were:

1. How can we best achieve accountability for best practices or standards for commercial handling of consumer data?  Can consumer access to and correction of their data be made cost effective?  Are there specific accountability or enforcement regimes that are particularly effective? 
2. What potential benefits and concerns are raised by emerging business models built around the collection and use of consumer health information?  What, if any, legal protections do consumers expect apply to their personal health information when they conduct online searches, respond to surveys or quizzes, seek medical advice online, participate in chat groups or health networks, or otherwise?
3. Should “sensitive” information be treated or handled differently than other consumer information?  How do we determine what information is “sensitive”?  What standards should apply to the collection and uses of such information?  Should information about children and teenagers be subject to different standards and, if so, what should they be? 

The questions for comment in conjunction with the second roundtable were:

1. What role do privacy enhancing technologies play in addressing Internet-related privacy concerns? Consider the efficacy of technological innovations in areas such as identity management systems, new means of providing consumer notice and choice, and emerging methods of ensuring accountability in data usage. In framing comments, consider the costs and benefits of privacy-enhancing technologies in the following contexts: cloud computing services; social networking sites; online behavioral advertising; the mobile environment; services that collect sensitive data, such as location-based information; and any other contexts you wish to address. If privacy enhancing technologies do play a role in resolving privacy concerns, discuss whether and how to create incentives for the development and adoption of such technologies, and ways to ensure they are effective and useful to consumers.
2. What challenges do innovations in the digital environment pose for consumer privacy, and how can those challenges be addressed without stifling innovation or otherwise undermining benefits to consumers? For example, consider the technology and business practices that enable greater collection, use, and distribution of consumer data, including evolving methods of observation and tracking; techniques for correlating data, including the re-identification of anonymized data; the merging of data between on-line and off-line environments; and the emergence of third-party application developers in online platform environments.”
   

The initial questions for comment in conjunction with the first roundtable were:

1. What risks, concerns, and benefits arise from the collection, sharing, and use of consumer information?  For example, consider the risks and/or benefits of information practices in the following contexts: retail or other commercial environments involving a direct consumer-business relationship; data broker and other business-to-business environments involving no direct consumer relationship; platform environments involving information sharing with third party application developers; the mobile environment; social networking sites; behavioral advertising; cloud computing services; services that collect sensitive data, such as information about adolescents or children, financial or health information, or location data; and any other contexts you wish to address.
   
   
2. Are there commonly understood or recognized consumer expectations about how information concerning consumers is collected and used? Do consumers have certain general expectations about the collection and use of their information when they browse the Internet, participate in social networking services, obtain products from retailers both online and offline, or use mobile communications devices? Is there empirical data that allows us reliably to measure any such consumer expectations?  How determinative should consumer expectations be in developing policies about privacy?
   
   
3. Do the existing legal requirements and self-regulatory regimes in the United States today adequately protect consumer privacy interests? If not, what are the particular privacy interests that warrant increased protection? How have changes in technology, and in the way consumer data is collected, stored, and shared, affected consumer privacy? What are the costs, benefits, and feasibility of technological innovations, such as browser-based controls, that enable consumers to exercise control over information collection? How might increased privacy protections affect technological innovation?