Internet companies need to build consumer privacy and data controls into their online services to protect their brands, gain trust from their users, avoid civil lawsuits and prevent government probes, according to two regulators from the U.S. and Canada.
For those reasons, privacy and data protection can't be an afterthought for businesses, even if they are small Web startups without an in-house legal department, the two officials said on Tuesday at Web 2.0 Summit.
"I'm the guy you don't want to see, and frankly I don't want to see you either," said David Vladeck, director of the U.S. Federal Trade Commission's Bureau of Consumer Protection, after jokingly comparing his role to that of a gym teacher at a high school prom.
"You need to be sensitive to privacy and data concerns," he added.
Among his tips: Businesses shouldn't collect data they don't need, and they shouldn't hold on to the data they do collect for longer than they need to. Both mistakes increase the company's vulnerability to data breaches that make them liable to legal and regulatory sanctions and that hurt their customers, he said.
"This is an issue you can't relegate to the back burner," he said.
The FTC is particularly concerned with Internet companies' collection of data from minors, which can be illegal in certain scenarios, and with the commercialization of face recognition software and tools, he said.
Ann Cavoukian, Information and Privacy Commissioner of Ontario, Canada, said that it's wrong to think that privacy controls and data protection diminish the capacity for a company to innovate. "That's a false dichotomy," she said.
The opposite is true, she said. "Privacy is an enabler of innovation." Companies that give consumers tools to manage and control the personally identifiable data collected on them will also get an edge over competitors who don't, she said.
Cavoukian recommended that conference attendees familiarize themselves with a series of best practices, methodology and principles in a website her agency has created called Privacy by Design.
Vladeck and Cavoukian answered questions on stage from Alexander Macgillivray, Twitter's general counsel, and from audience members.