In a letter to the Commerce Department’s National Telecommunications and Information Administration (NTIA), Franken (pictured) said plans proposed by the Digital Advertising Alliance (DAA) contain “several limitations that may make it insufficient to fully protect web users’ privacy”.

He points out that the DAA plan might not work with existing browser-based do-not-track systems and that it “may not respect browser settings that block tracking by default”.

“Browsers need not be required to make do-not-track their default setting,” Franken said, “but all browsers should contain a do-not-track option that is clearly and conspicuously available to users [and] all entities that engage in tracking should be obligated to fully respect do-not-track systems, regardless of whether these systems are default settings.”

The DAA’s do-not-track proposal provides an exemption for data collected for market research and product development purposes. Franken doesn’t refer to this directly in his letter, however he acknowledges that context is “a critical principle when dealing with web tracking”.

“The same search data that allows a search engine to adapt its results to a specific person’s needs also allows that search engine to potentially provide an advertiser with a history of that person’s search habits,” said Franken. “Websites must maintain a clear boundary between internal uses and external uses [of data] and make sure that where data could used outside its original context, user transparency and control are enhanced.”

Franken’s comments follow the release in February of a consumer privacy bill of rights, produced by the White House, which called for the establishment of a “multi-stakeholder process” to develop privacy codes of conduct for US companies.

NTIA has been tasked with implementing that process and amassing comments from interested parties, including the Marketing Research Association (MRA).

In its submission, MRA says it has written to the Commerce Department before to express concern that “agencies and policymakers cannot design a one-size-fits-all approach to privacy, particularly since certain industries and processes, such as survey and opinion research, bear so little resemblance to more commonly understood processes like e-commerce and marketing”.

“MRA wishes to ensure that any codes of conduct developed by the multi-stakeholder process incorporate a broad range of potentially impacted stakeholders, rather than simply the usual suspects,” writes government affairs director Howard Fienberg.