The collapse of the government-led talks highlights the difficulty in crafting policies through voluntary negotiations with business groups instead of mandatory laws or regulations. And with consumer privacy legislation stalled in Congress, it seems unlikely that tech companies will face major new privacy restrictions anytime soon.
"I think we need to fundamentally rethink the ability of multi-stakeholder processes to produce good privacy rules," said Alvaro Bedoya, the executive director of the Center on Privacy & Technology at Georgetown University Law Center and one of the advocates who now is boycotting the discussions. "The American people need to wake up to what industry lobbying is doing to consumer privacy in Washington."
But the Commerce Department's National Telecommunications and Information Administration, which is convening the talks, isn't giving up yet. In a statement, a spokeswoman said the agency is "disappointed" in the boycott, but that that the meetings will continue with whatever groups want to participate.
"Up to this point, the process has made good progress as many stakeholders, including privacy advocates, have made substantial, constructive contributions to the group's work," the NTIA spokeswoman said. "The process is the strongest when all interested parties participate and are willing to engage on all issues."
And tech groups are vowing to forge ahead with writing a code of conduct for facial recognition software without input from the privacy groups. It is in the industry's own interest, they argue, to ensure that consumers trust their products.
"Regardless of who writes the code, I would hope that everyone could agree that it would improve consumer privacy protections," said Carl Szabo, policy counsel for NetChoice, an industry group that represents Google, Facebook, Yahoo, and other tech companies.
In early 2012, the White House unveiled a "Consumer Privacy Bill of Rights" and urged Congress to enact the protections into law. With the proposal facing long odds on Capitol Hill, President Obama directed NTIA to begin a series of "multi-stakeholder" meetings between industry groups and consumer advocates to develop privacy codes of conduct.
The codes would be voluntary, but companies that agreed to abide by them could brag to consumers about their strong privacy protections. Agreeing to a code and then violating it could result in federal enforcement for deceptive advertising.
The first area that the agency tackled was privacy on mobile apps. In 2013, consumer advocates and industry associations worked on a code for how apps should disclose the kinds of data they are collecting from users.
For the past year, the groups have been meeting to try to craft a code of conduct for facial recognition technology. But the privacy advocates became frustrated that the tech industry refused to agree that companies should have to ask permission in some cases to scan people's faces. Unnecessary restrictions could squelch promising new innovations that would ultimately be good for consumers, the industry lobbyists said.