Principles for Multi-Stakeholder Process NTIA World Privacy Forum Skip to Content Javascript must be enabled for the correct page display Home Connect With Us: twitter Vimeo email Main Navigation Hot Topics

Principles for Multi-Stakeholder Process NTIA

February 23 2012

Civil society groups believe that protecting the online privacy of consumers is crucial to ensuring the availability, utility, and vitality of the Internet. For any approach to privacy to be meaningful, it must reflect fair information practices, including mechanisms to assure accountability. The US Department of Commerce is proposing a multi-stakeholder process for developing better applications of privacy principles. For the multi-stakeholder process to succeed, it must be representative of all stakeholders and must operate under procedures that are fair, transparent, and credible. We believe the following baseline principles will provide the multi-stakeholder process the legitimacy it needs to succeed.

Principles

1. No multi-stakeholder process can succeed unless consumer representation is robust and reasonably balanced. Only consumer representatives can determine who speaks for consumers. 2. To the greatest extent practicable, the multi-stakeholder process should occur in the open with public sessions and public documents. All substantial decisions must be made in open sessions. 3. Any stakeholder may submit proposals and those proposals must be addressed and resolved within the consensus process. 4. Participants, but not necessarily observers, must specifically identify their employer and/or the group, industry, or organization whose interest they represent. 5. There must be a fair opportunity for public engagement at all levels of the stakeholder process. Stakeholders must be allowed to communicate with members of their communities about the multi-stakeholder process in any way that the stakeholders see fit, including use of electronic processes such as web sites, social media, and other methods. 6. The formal publication of any consensus document or decision must include dissenting views and statements. 7. Decisions must be based on a fair and broad consensus among stakeholders rather than a majority vote by participants. The process should seek to resolve issues through open discussion, balance, mutual respect for different interests, and consensus. 8. A multi-stakeholder process needs to be fully informed by stakeholders from civil society. As such, in person meetings may only be scheduled if adequate resources are made available to facilitate in person participation by civil society. Otherwise, meetings may only be conducted electronically to facilitate equal participation by all stakeholders. Meeting locations must be chosen with robust input from civil society stakeholders. 9. All stakeholders must receive a copy of a draft document at least ten days prior to consideration or presentation of the document at any level of the stakeholder process. 10. At the end of 12 months or at any other time, civil society participants may decide to reevaluate the multi-stakeholder process and make recommendations for changes in rules, procedures, or process.

Signatories

World Privacy Forum American Civil Liberties Union Center for Digital Democracy Consumer Action Consumer Federation of America Consumers Union Consumer Watchdog Electronic Frontier Foundation National Consumers League Privacy Rights Clearinghouse U.S. PIRG Document information: Publication date: February 23 2012
Authors: Signatory organizations
Permalink: http://www.worldprivacyforum.org/wp-content/uploads/2012/04/MultiStakeholderPrinciples2012fs.pdf Background: The principles were created in a general consensus process under Chatham House Rules in several meetings beginning December 2011, and concluding Feb. 23, 2012. WPF led the meetings. Posted February 23 2012 in Future of Privacy, Key Resource, NTIA Multistakeholder Process, Public Comments, Public Policy, Self-regulation, U.S. Department of Commerce Tags: Civil Society Joint Principles Next »Leading Civil Society Groups Agree on Key Principles the Commerce Privacy Process Must be Fair, Transparent, Credible « PreviousWPF Facebook Page WPF updates and news CALENDAR EVENTS

WHO Constituency Meeting WPF co-chair

6 October 2022, Virtual

OECD Roundtable WPF expert member and participant Cross-Border Cooperation in the Enforcement of Laws Protecting Privacy

4 October 2022, Paris, France and virtual

OECD Committee on Digital and Economic Policy fall meeting WPF participant

27-28 September 2022, Paris, France and virtual more Recent TweetsWorld Privacy Forum@privacyforum·7 OctExecutive Order On Enhancing Safeguards For United States Signals Intelligence Activities The White House https://www.whitehouse.gov/briefing-room/presidential-actions/2022/10/07/executive-order-on-enhancing-safeguards-for-united-states-signals-intelligence-activities/Reply on Twitter 1578431679592427526Retweet on Twitter 1578431679592427526Like on Twitter 1578431679592427526TOP REPORTS National IDs Around the World — Interactive map About this Data Visualization: This interactive map displays the presence... Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974 This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process. COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.