Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
Four crazy tech ideas from Google's Solve for X project
Obama 2012 campaign playlist revealed courtesy of Spotify
Oracle buying Taleo for US$1.9 billion in direct hit at SAP
Amazon attacks Apple: You get 3 Kindle products for price of iPad 2
Pre-rendered pages highlight latest Google Chrome release
Microsoft exec: Lync-Skype integration a 'compelling opportunity'
The future of hypervisors
/

U.S., FTC and private sector offer remedies for online privacy

Today's breaking news
Send to a friendFeedback

By James Niccolai
IDG News Service, 7/22/98

The U.S. Federal Trade Commission and an alliance of businesses and associations yesterday presented two separate proposals for protecting consumers' privacy online, with the industry group arguing that the measures are sufficient to make further government regulation of the Internet unnecessary.

Along with the FTC, Christine Varney, a former FTC commissioner and adviser to industry body the Online Privacy Alliance, which includes Microsoft Corp. and America Online, Inc. among its members, presented the proposals this morning to a U.S. House Subcommittee holding hearings on electronic commerce and privacy.

FTC officials said that while they remain hopeful that government regulation can be avoided, the private sector must demonstrate that its program has been implemented and widely adopted by year-end. Otherwise, "additional government authority in this area would be appropriate and necessary," FTC officials told the committee, according to an agency statement.

At the center of the debate is the need to protect information submitted by consumers online -- be it credit card numbers, health information or a simple telephone number. Most observers agree that some form of additional measures needs to be taken to protect the public data from misuse; at issue is who should control what steps are taken.

The Online Privacy Alliance aims to keep regulation within the private sector. Its plan calls for the formation of "objective third parties" who would ensure that Web sites comply with certain principles of conduct laid down last month by the alliance. The third parties would also be required to ensure that a mechanism is in place that would allow consumers to file complaints when violations are found.

The third parties would award identifiable "seals" to Web sites, signifying to consumers that the operator of the site conforms to the alliance's privacy principles. Those guidelines include letting people know what will be done with the personal information they submit, and prohibiting Web sites from collecting information from children under 13 without parental consent.

At least two such seal programs exist today, operated by Truste and the Better Business Bureau (BBB Online), Online Privacy Alliance adviser Varney said. Many alliance members are already part of one of these two programs and others plan to use these or similar programs soon, Varney said in a teleconference discussing the proposal.

But critics say self-regulation has proven itself insufficient to protect the privacy needs of consumers. To protect consumers' rights, they say, the U.S. Congress should enact legislation enabling the FTC to craft baselines for protecting privacy during commercial interactions.

"We believe that, on its own, self-regulation will fail to provide meaningful privacy protections for individual privacy," Deirdre Mulligan, of the Center for Democracy and Technology, said in testimony before the committee, according to a CDT statement.

Just last month the FTC issued a report on Internet privacy that lambasted the online industry for failing to encourage voluntary adoption of even the most basic online fair information practices.

Acknowledging that there have been several promising self-regulatory initiatives in recent months, FTC Chairman Robert Pitofsky said considerable barriers must be surmounted for self-regulation to work.

The FTC presented the committee with a legislative model that it says should be enacted before year-end if the private sector's proposal does not prove successful. Under the proposal, all commercial Web sites that collect personal information online would be required to comply with four basic practices:

  • Inform consumers what types of information they collect and how they use it,
  • Offer consumers choices about how the site operators can use the information provided,
  • Offer consumers reasonable access to the information and the ability to correct inaccuracies,
  • Protect the security and integrity of personal information submitted.

    "The implementation of these practices will vary by industry and with technological developments," FTC officials told the committee. "For this reason, the Commission recommends that any legislation be phrased in general terms and be technologically neutral."

    The FTC's proposals are not that different from the principles proposed by the Online Privacy Alliance. The difference is that the FTC would force Web sites to comply, while the alliance hopes that Web site operators will comply based on their own self interest -- because doing so will earn them a recognizable "seal of approval" from one of the third-party validators.

    In addition to crafting federal laws to protect privacy, the CDT said the industry should look to technologies that protect privacy, such as anonymizers and P3P -- the Platform for Privacy Preferences. Such technologies may be effective across the global and decentralized environment of the Internet, where law or self-regulation may fail, CDT's Mulligan said.

    Development of such privacy enhancing programs will require the U.S. Congress to loosen its current encryption policy, which is "interfering with the availability of technical tools that protect privacy," Mulligan said.

    The Online Privacy Alliance's next step is to wage a public information campaign to inform consumers how the seal program works, and to encourage businesses and associations to comply with it, Varney said.

    The FTC, meanwhile, will be monitoring its progress.

    • RELATED LINKS

    The Online Privacy Alliance Web site

    Senators introduce E-privacy bill
    Network World Fusion, 5/12/98

    Consortium takes a shot at sorting out Web privacy and marketing interests
    Network World, 7/7/97

    P3P overview
    from the World Wide Web Consortium.

    Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.

    Get Copyright Clearance
    Request a reprint or permission to use this article.


    NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
    Click here to sign up!
    New Event - WANs: Optimizing Your Network Now.
    Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
    Attend FREE
    Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.