- The Washington Times - Wednesday, February 28, 2001

A wave of bills to protect on-line privacy have been introduced in Congress this year as the number of identity-theft cases skyrockets and consumers continue to view the Internet as a Web of deceit.

Six bills already have been referred to the House Energy and Commerce Committee. Several others have been referred to separate House and Senate panels.

With consumers searching for safeguards to protect personal information from home addresses to credit-card numbers and Congress sensing it no longer can sit still, this could be the year significant privacy protections are enacted.

"There's a groundswell of pressure to pass legislation to protect Internet users' privacy. This is all well-intentioned, and some legislation is needed, but we must be extremely cautious that any legislation passed correctly balances privacy rights against overzealous regulations that cripple the burgeoning Internet economy," said Sen. John McCain, Arizona Republican and chairman of the Senate Commerce, Science and Transportation Committee, which many believe will drive the debate over privacy laws in the 107th Congress.

Technology companies and privacy advocates remain divided on the best solution for protecting personal data.

Most corporations want to rely on self-regulatory policies, but civil libertarians endorse strong new laws. The newly formed Privacy Coalition, comprising 30 groups, organized Feb. 12 to support strict standards for protecting privacy on the Internet.

Consumers have little reason to believe Internet companies can continue to police themselves. The number of complaints to the Federal Trade Commission about identity theft stealing another person's name, address, credit-card number or Social Security number to obtain credit cards, buy merchandise or borrow money has increased to 2,000 a week, the agency said, up from 1,700 a week in December.

Much of that theft occurs on line.

"You might look at 2000 as the year self-regulation lost the year the private debate was lost," said Richard Delaney, president of the Delaney Policy Group, a District of Columbia-based independent technology-policy analyst.

"There is a whole set of examples of businesses using personal information in ways that make consumers uneasy. So even if businesses could regulate themselves, I don't think it would be perceived as effective," Mr. Delaney said.

Toysmart.com assured customers that personal information would never be shared with a third party. But the company tried selling its database of customer information after going out of business in May. Internet-privacy activists said if that information were sold, it could encourage a wave of other failing on-line companies to abandon privacy assurances and try to sell lists for much-needed cash.

In a settlement with the FTC filed in January, a Walt Disney Co. subsidiary agreed to pay Toysmart $50,000 to destroy its records. Disney was the majority owner of Toysmart.com.

Last month, Seattle-based N2H2 Inc. acknowledged it gathers data on children as they surf the Web at 9,000 schools that use its filtering software. N2H2 sells the information it gathers to marketers and the Defense Department.

The Privacy Coalition supports turning the fair-information practices put forth last year by the FTC into law, and the privacy debate will include measures that:

• Require commercial Web sites to notify consumers what information is collected and how it will be used.

• Give consumers the option to choose whether information given to a Web site is shared with third parties.

• Give consumers access to information a Web site has collected about them so they can review it for accuracy.

• Ensure that personal information given by consumers is stored securely.

This year's privacy debate also will include discussion of opt-in and opt-out measures. Under opt-in, companies must ask permission from consumers before collecting and disclosing personal data. Under opt-out the common approach to data collection that companies use Web sites can collect data without a consumer's permission.

Sen. Ernest F. Hollings, South Carolina Democrat, introduced a pro-consumer opt-in bill last year. He is expected to reintroduce the measure this session.

The issue of "spam," or unsolicited commercial e-mail, also will be debated this year.

"I think most everyone believes there is a role for legislation. It's really not a question of whether we need an Internet-privacy law or not. It's a question of what kind of privacy law we need," said Andrew Shen, policy analyst for the Electronic Privacy Information Center, a public-interest research group and one of the founders of the Privacy Coalition.

Rep. Cliff Stearns, Florida Republican and chairman of the House Energy and Commerce commerce, trade and consumer protection subcommittee, which has jurisdiction over the FTC and on-line privacy, said he expects Congress to have an Internet-privacy bill by November. The panel's first privacy hearing is scheduled for tomorrow.

That doesn't mean there is consensus on what a privacy bill should look like.

"We've still got to flush this out," Mr. Stearns said.

Many technology companies still are not ready to embrace new legislation.

Some Web sites have gone only so far as posting privacy policies that state what information they collect from consumers and how they use data. But posting a privacy policy doesn't ensure the safety of personal data because there is no federal law outlining how companies treat the information.

Despite the imminent debate over privacy laws, technology companies haven't written off self-regulation as a means of improving privacy and increasing consumer confidence, said Jeff Richards, executive director of the Internet Alliance, a District-based trade group representing technology companies.

But in a recent change, one industry group decided to endorse federal privacy laws. On Jan. 18 the AeA, formerly the American Electronics Association, endorsed new federal privacy measures to prevent legal confusion that could result from the passage of multiple state laws.

The Internet Alliance says at least 14 bills dealing with identity theft have been introduced in state legislatures, and 51 bills dealing with financial privacy have been introduced.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide