My next line of questioning comes from just a little bit of personal experience I've had. Believe it or not, I had a life before politics. I was a database administrator, and I understand that corporate data is a company's greatest asset, outside of its human resources. Of course what we're talking about here is what we do with data that's collected wittingly or unwittingly, knowingly or unknowingly, and how it's utilized after the fact, whether it's identifying an individual personally or whether it's data that's simply collected and assembled into information to provide marketing research or whatever is prevalent today.
The informed consent question is one I think we need to flesh out. We've heard many witnesses here talk about the devil being in the default settings that apply. We've heard horror stories, with all due respect to the lawyers in the room, about 15 pages of legal jargon. Of course users have a choice to either accept or not accept all of it in its entirety, perhaps without even knowing exactly what it is they're agreeing to.
Would I get consensus from the three of you that there needs to be a more simple process by which end users can be engaged in this and have confidence in knowing what it is they're agreeing to when they choose to use a free app they've downloaded, when they choose to sign up on a Facebook site or anything else of that particular nature, which may or may not track their personal use and information while online?