Consumer Watchdog has joined eight other privacy advocates and quit the so-called “multi-stakeholder process” being run by the Commerce Department’s National Telecommunications Administration to develop a code of conduct for companies using facial recognition technology.
Frankly, the the process was doomed from the start. Companies had no incentive develop a code with any meaningful protections. The multi-stakeholder process was envisioned as part of the the White House Consumer Privacy Bill of Rights initiative. Key to implementation was to have been enactment of baseline privacy legislation, which has simply not happened. Without passage of privacy legislation, companies had even less reason to develop a code.
Consumer Watchdog joined the ACLU, Center for Democracy & Technology, Center for Digital Democracy, Consumer Action, Consumer Federation of America, Common Sense Media, Electronic Frontier Foundation and Alvaro M. Bedoya, the executive director of the Center on Privacy & Technology at Georgetown University Law Center in quitting the 16-month old process.
We walked out after last week’s meeting when it became clear that companies and their mouthpiece trade associations wouldn’t agree to even the most modest privacy protects.
Here are key points from the nine groups’ joint statement:
At a base minimum, people should be able to walk down a public street without fear that companies they’ve never heard of are tracking their every movement – and identifying them by name – using facial recognition technology. Unfortunately, we have been unable to obtain agreement even with that basic, specific premise. The position that companies never need to ask permission to use biometric identification is at odds with consumer expectations, current industry practices, as well as existing state law.
We have participated in this process in good faith for 16 months. We have joined working groups and offered constructive suggestions to build towards consensus. People deserve more protection than they are likely to get in this forum. Therefore, at this point, we choose to withdraw from further deliberations.
We hope that our withdrawal signals the need to reevaluate the effectiveness of multi-stakeholder processes in developing effective rules of the road that protect consumer privacy – and that companies will support and implement.
That need for reevaluation should be the key takeaway in my view. I think a multi-stakeholder process is fundamentally flawed. It’s at best a squishy, ill defined process. Privacy-protecting laws that establish formal rule-making authority are the way to go. Anything short of that is at best meaningless window dressing. Commerce’s multi-stakeholder process was nothing more than a justification for the department to tell Europeans its doing something to consumers’ protect privacy.