The world needs independent, non-profit organizations to oversee a set of binding Internet privacy standards which would be more dynamic than laws, but stricter than the in-house rules of individual corporations, said HP's Vice President and Chief Privacy Officer Scott Taylor Thursday.
He told reporters that although congressional action is badly needed, laws and regulations alone will not be able to keep up with emerging technology and practices.
Taylor advocated a combination of overarching laws and a binding corporate code of conduct that would cross jurisdictions.
"We need a global set of trust agents who can provide objective evaluations of a company's compliance with privacy rules," he said. "A patchwork of laws across the country and around the world makes it very difficult to manage a global company."
Taylor said he envisions international non-profit organizations that would be certified by governments and give consumers recourse for privacy complaints.
He said he supports legislative action and is "encouraged" by provisions included in a yet-to-be introduced privacy bill from Sen. John Kerry, D-Mass.
He said any rules need to address how information is used, not necessarily how it is gathered.
"There are places where tracking is vital, like for fraud prevention," Taylor said. "But there are certainly places where people should have a choice. I think most concerns are about how information is used. We'll just have to accept that it's being gathered."
The traditional mode of "notice and choice," which often involves lengthy legal notices, is outdated, he said. A notice system should be more based on consumer-friendly labels like those for nutritional information on food, Taylor said.