CFA and Other Groups Issue Principles for Multi-Stakeholder Privacy Process


Washington, D.C. (February 23, 2011) – In the dynamic and diverse digital economy of the 21st century consumer protection requires the collaboration and full participation of all of the major stakeholders.  Consumers, civil society groups and producers must reach a general agreement on what is and is not acceptable behavior.  Technologists in academia must identify what is and is not technically feasible.  Governments must facilitate the development of those shared understandings and put the full force of law behind them.

Efforts to impose unilateral solutions by governments, companies or civil society groups, no matter how well intended, are doomed to fail. Either they will not work because it is impossible to control the flow of information without the widespread support of the important stakeholders, or they will be forced to impose such draconian conditions that they will undermine the flow of information and seriously diminish the value of the digital economy.

Policy must strike a balance between information flow and control.  The only way to find that balance in the digital economy is through participatory governance.   Online privacy protection is only one of many such issues that we confront as the Internet matures into the dominant means of communications and commerce in the 21st century.  Intellectual property rights, cyber security, and Internet governance are currently front burner issues that involve similar challenges.

The battle between advocates of “command and control regulation” and “self-regulation” in the privacy space has raged for over a decade with little to show in terms of meaningful consumer protection.  The three pronged effort launched by the Department of Commerce and the Federal Trade Commission (a Bill of Rights, a multi-stakeholder process, and a commitment to a single-click, opt-out choice for consumers) is an effort to break the log jam that heads in the right direction.  How far we travel down that road will be decided by the stakeholders, which is the only path that can lead to success in the digital economy.

CFA has joined with other civil society groups in applauding the effort to launch a meaningful multi-stakeholder process and to recommend principles that will ensure the multi-stakeholder process is transparent, representative, participatory and fair. The legitimacy of the results depends on the legitimacy of the process.  “We still need strong privacy legislation to set the ground rules for consumer privacy,” said Susan Grant, Director of Consumer Protection at Consumer Federation of America. “This multi-stakeholder process, if designed and operated along the lines of these core principles, can also be helpful by providing guidance to industry on how to address some of the complex privacy issues that we face.”

Principles for Multi-Stakeholder Process

February 23, 2012

Civil society groups believe that protecting the online privacy of consumers is crucial to ensuring the availability, utility, and vitality of the Internet. For any approach to privacy to be meaningful, it must reflect fair information practices, including mechanisms to assure accountability. The US Department of Commerce is proposing a multi-stakeholder process for developing better applications of privacy principles. For the multi-stakeholder process to succeed, it must be representative of all stakeholders and must operate under procedures that are fair, transparent, and credible.

We believe the following baseline principles will provide the multi-stakeholder process the legitimacy it needs to succeed.


1. No multi-stakeholder process can succeed unless consumer representation is robust and reasonably balanced. Only consumer representatives can determine who speaks for consumers.

2. To the greatest extent practicable, the multi-stakeholder process should occur in the open with public sessions and public documents. All substantial decisions must be made in open sessions.

3. Any stakeholder may submit proposals and those proposals must be addressed and resolved within the consensus process.

4. Participants, but not necessarily observers, must specifically identify their employer and/or the group, industry, or organization whose interest they represent.

5. There must be a fair opportunity for public engagement at all levels of the stakeholder process. Stakeholders must be allowed to communicate with

members of their communities about the multi-stakeholder process in any way that the stakeholders see fit, including use of electronic processes such as websites, social media, and other methods.

6. The formal publication of any consensus document or decision must include dissenting views and statements.

7. Decisions must be based on a fair and broad consensus among stakeholders rather than a majority vote by participants. The process should seek to resolve issues through open discussion, balance, mutual respect for different interests, and consensus.

8. A multi-stakeholder process needs to be fully informed by stakeholders from civil society. As such, in person meetings may only be scheduled if adequate resources are made available to facilitate in person participation by civil society. Otherwise, meetings may only be conducted electronically to facilitate equal participation by all stakeholders. Meeting locations must be chosen with robust input from civil society stakeholders.

9. All stakeholders must receive a copy of a draft document at least ten days prior to consideration or presentation of the document at any level of the stakeholder process.

10. At the end of 12 months or at any other time, civil society participants may decide to reevaluate the multi-stakeholder process and make recommendations for changes in rules, procedures, or process.


World Privacy Forum                        American Civil Liberties Union                       Center for Digital Democracy

Consumer Action                            Consumer Federation of America                  Consumers Union

Consumer Watchdog                       Electronic Frontier Foundation                     National Consumers League

Privacy Rights Clearinghouse             U.S. PIRG

Jack Gillis, 202-737-0766

Consumer Federation of America is an association of nearly 280 non-profit consumer organizations that was established in 1968 to advance the consumer interest through research, education and advocacy.