The report also calls for a review of the Electronic Communications Privacy Act (ECPA) to ensure adequate privacy protections in cloud-computing and location-based service environments. It alsorecommends the creation of a federal "baseline" privacy law, says a report in Telecom Reports Daily.
The TRDaily story is based on a leaked copy of the draft Commerce Department report, which the publication says it has obtained. The TRDaily Web site is password protected but a was posted on a blog maintained by the law firm Hogan Lovells International LLP.
The Commerce Department did not immediately respond to Computerworld's inquiry about the purported document.
The draft of the Commerce department report is already being reviewed by the White House as part of a broader effort by the Obama Administration to .
The White House has already established a special task force, led by Christopher Schroeder, assistant attorney general at the Department of Justice, and Cameron Kerry, general counsel of the Commerce Department and brother of Sen. John Kerry (D-Mass.) The task force will work on transforming the Commerce Department's recommendations into policy.
According to TRDaily, the 54-page Commerce department report, titled "Privacy and Information Innovation: A Dynamic Privacy Framework for the Internet Age," makes 10 specific recommendations for Internet privacy.
It also raises numerous questions on many of those recommendations. Of those questions, the one about the FTC's appropriate role in online privacy matters is perhaps the most important to address, said Amy Mushahwar, an attorney at Reed Smith LLP in Washington D.C.
The FTC currently only has the authority to suggest voluntary guidelines for companies to follow on Internet privacy matters. What it has been seeking for sometime is new rule-making authority, Mushahwar said.
"What the FTC is looking for is FCC-like rule-making authority where it can send out a notice of proposed rulemaking and where it can enact rules that can be enforced by a bureau of the FTC," Mushahwar said.
Whether it will be granted that authority in the new Congress, however, remains to be seen, she said.
The Commerce's department's recommendations regarding revisions to the ECPA and the need for a data breach law area also significant, she said. So too is its call to establish a baseline privacy law based on an expanded set of Fair Information Practice Principles (FIPP), she said.
According to the Commerce department report, the goal of any ECPA revisions should be to ensure a fair balance between individual privacy expectations and law enforcement needs in a changing technology environment. Similarly, any baseline privacy law that is enacted should work in concert with existing state laws and should not preempt them, the report notes.
It also calls for the creation of a privacy policy office to be housed either within the Executive Offices of the President or within Commerce. The office will have new enforcement authority and will serve only to guide industry-specific and multi-stakeholder privacy initiatives.
The Commerce department report was developed by its Internet Policy Task Force. The team includes members from the office of Commerce secretary Gary Locke, the National Telecommunications and Information Administration, the International Trade Administration, and the National Institute of Standards and Technology, the TRDaily noted.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at or subscribe to . His e-mail address is .
in Computerworld's Privacy Topic Center.