Google released their framework for privacy legislation, which highlights providing transparency, securing personal information, and giving people access to their personal information as key requirements of a data regulation framework.
“These principles help us evaluate new legislative proposals and advocate for responsible, interoperable, and adaptable data protection regulations,” said Keith Enright, chief privacy officer at Google, in a blog post.
Google’s framework calls for regulation to require responsible and transparent collection and use of personal data. “Regulators should encourage organizations to actively inform individuals about data use in the context of the services themselves,” the framework notes.
The company also highlighted the importance of keeping personal information secure and notifying individuals about data breaches. “Baseline precautions should apply to any collection of personal information, and additional measures should account for and be proportionate to the risk of harm,” said Google.
The framework includes calls to let people have some level of control over the data that companies collect. “Individuals must have access to personal information they have provided to an organization, and where practical, have that information corrected, deleted, and made available for export in a machine-readable format,” the framework notes.
In order to reach these goals, Google calls for regulation to hold organizations responsible for compliance, focus on the risk of harm, distinguish consumer and enterprise services, use a flexible definition of personal information, design rules to accommodate changes in technology, and avoid extra-territorial application, an issue present with the European Union’s General Data Protection Regulation. “Small businesses shouldn’t have to worry about running afoul of foreign regulators merely because a few people from another country navigate to their website or use their service,” the company notes.
The framework comes days before the company is scheduled to appear before the Senate Commerce committee on Wednesday to discuss data privacy. “I look forward to discussing these principles and Google’s work on privacy and security with the U.S. Senate later this week, and to working with policymakers and all stakeholders on regulation that protects consumers and enables innovation,” said Enright.