European Union officials have called for tighter data rules for U.S. Internet companies. | REUTERS W.H. pursues online privacy bill

Even as it defends the National Security Agency’s controversial Internet surveillance programs, the Obama administration has been working on legislation to boost online privacy safeguards for consumers.

The fact that the administration is trying to advance such a measure — amid reports that the government can access people’s online communications — speaks to growing tensions with Europe over privacy. Top European Union officials have called for tighter data rules for U.S. Internet companies, and a base-line privacy bill would strengthen the administration’s hand in negotiating with Europe.


“The revelations of NSA surveillance have kicked into high gear European pressure on the United States to move privacy legislation forward,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center.

The administration’s proposal builds on the Consumer Privacy Bill of Rights, a blueprint the White House released last year, sources familiar with the plan said. The bill would define privacy rights and convene Internet companies and consumer advocates to hammer out industry codes of conduct based on the principles. The FTC would have the authority to enforce the codes of conduct generated by those talks.

The administration hasn’t finalized the measure but is trying to build support for it on Capitol Hill, a source with direct knowledge of the effort said. It’s not clear what impact the government shutdown has had on the effort.

“The critical path to moving something forward is to work with people in Congress,” the source said. “Suffice it to say, if this were a matter of the administration producing a bill, it would be out there already.”

The White House referred questions to the Commerce Department, which is helping to draft the legislation. A Commerce Department spokesperson declined to comment.

While the administration has been actively working on the bill since early this year, Edward Snowden’s NSA leaks have complicated the effort. On one hand, the surveillance revelations have prompted European officials to raise new concerns about U.S. Internet companies, adding urgency to the White House push for a privacy bill. But it also has made such legislation a tougher political sell, given the backlash against the NSA’s own controversial data collection.

What’s more, there’s been little appetite in Congress for legislating consumer privacy in recent years. A bill to create an online Do Not Track system failed to advance this year, as did broader privacy legislation from then-Sen. John Kerry (D-Mass.) and Sen. John McCain (R-Ariz.) in 2011.

“We continue to favor industry self-regulation and agreements between Internet companies and their users as they are proven methods for safeguarding users’ privacy while maintaining flexibility for continued creativity and innovation online,” said Michael Beckerman, president of the Internet Association, whose members include Google, Facebook and Amazon.

Rep. Lee Terry (R-Neb.), chairman of the House Energy and Commerce subcommittee overseeing consumer protection issues, said the White House reached out to him on its privacy legislation. But he said lawmakers are still getting up to speed on the complex issues involved.

“It’s very complicated, and frankly, there’s only a handful of people in here that have immersed themselves enough on that particular issue,” said Terry, who has launched a House task force on privacy. “It is so complex and so delicate, and there are so many interests that it’s really hard for someone to get their mind around it if they don’t immerse themselves. … You don’t have people just rushing to that issue.”

A Senate Commerce Committee spokesman said the White House is still refining its ideas and hasn’t shared legislative language yet. The panel’s chairman, Sen. Jay Rockefeller (D-W.Va.), is a longtime privacy advocate who reintroduced the Do Not Track bill in February.

The code-of-conduct approach has become the administration’s preferred method for creating privacy standards.

The National Telecommunications and Information Administration has invited industry and consumer groups to develop a code of conduct for the way mobile apps explain their data practices to users. The administration has supported efforts by the World Wide Web Consortium to create an industrywide Do Not Track standard, though that effort has stumbled after a large advertiser coalition pulled out last month. And President Barack Obama’s February executive order calls on industry to help develop voluntary cybersecurity standards.

Still, some trade groups are sounding a warning about the impact privacy legislation could have on companies that rely on user data.

“In any instance, it is vital that legislation not undercut the business models that fuel the Internet economy,” said Rachel Thomas, vice president of government affairs at the Direct Marketing Association, whose organization has discussed the bill with administration officials. “We need to be cautious about going down any legislative path that would have a negative impact on jobs and economic growth.”