Skip banner
HomeHow Do I?Site MapHelp
Return To Search FormFOCUS
Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint

Document ListExpanded ListKWICFULL format currently displayed

Previous Document Document 63 of 261. Next Document

More Like This
Copyright 2000 Federal News Service, Inc.  
Federal News Service

 View Related Topics 

May 25, 2000, Thursday

SECTION: PREPARED TESTIMONY

LENGTH: 2880 words

HEADLINE: PREPARED TESTIMONY OF JILL A. LESSER VICE PRESIDENT, DOMESTIC PUBLIC POLICY AMERICA ONLINE, INC.
 
BEFORE THE SENATE COMMERCE COMMITTEE
 
SUBJECT - INTERNET PRIVACY

BODY:
 Chairman McCain, Senator Hollings, and Members of the Committee, I would like to thank you, on behalf of America Online, for the opportunity to discuss online privacy with you today. My name is Jill Lesser, and I am the Vice President for Domestic Policy at AOL.

The privacy report issued this week by the Federal Trade Commission shows that, in many ways, we have reached a crossroads in the development of the online medium. It is clear that the Internet is revolutionizing our society- dramatically changing the way we learn, communicate, and do business. People are migrating to the Internet to meet their commerce and communications needs at an extraordinary rate because it is convenient and fast, and offers an unprecedented selection of information, goods and services. AOL subscribers can sign on to our service and do research, shop for clothing, obtain health information, and buy airline tickets -- all in a matter of minutes.

And every day we are seeing new online opportunities arise, and new users flocking to take advantage of these opportunities. Yet despite the enormous growth that the Internet has enjoyed over the past few years - or maybe because of it - we have seen a heightened awareness of online privacy and security issues. Every day we are faced with new reports, studies, and statistics many of which seem to contradict each other- about how Internet users feel about the o medium and how online privacy is, or isn't, being protected. And even though the medium continues to grow at an incredible rate, online companies are realizing that they have to sit up and pay attention to privacy if they want to stay in business.

Of course, one of the most attractive benefits that this medium offers to users is the ability to customize and personalize their online experience. Consumers cancommunicate specific preferences online that will allow them to receive information tailored to their own interests. For instance, AOL members can set their online preferences to get sports scores or stock quotes, read news stories about their own hometown, or receive notices about special discounts on their favorite CDs. No other commercial or educational medium has ever afforded such tremendous potential for personalization, and we are seeing customers take advantage of these opportunities at an incredible rate - through our own services and through countless other business models for personalization, from online bookclubs to discount ticket agencies to special offers from the local supermarket.

But we know now that the power of the Internet can only be fully realized if consumers feel confident that their privacy is properly protected when they take advantage of these benefits. If consumers do not feel secure online, they will not engage in online commerce or communication -- and without this confidence, our business cannot continue grow. For AOL, therefore, protecting our members' privacy is essential to earning their trust, and this trust is, in turn, essential to building the online medium. That's why AOL and other companies have devoted so much time and energy to creating strong privacy policies that provide meaningful protection and are backed up by compliance and enforcement programs.

AOL's own commitment is based on the lessons we've learned over the years and the input we've received from our members. We've created privacy policies that clearly explain to our users what information we collect, why we collect it, and how they can exercise choice about the use and disclosure of that information. AOL's current privacy policy is organized around 8 core principles: We do not read your private online communications

-- We do not use any information about where you personally go on AOL or the Web, and we do not give it out to others.

-- We do not give out your telephone number, credit card information or screen names, unless you authorize us to do so. And we give you the opportunity to correct your personal contact and billing information at any time.

-- We may use information about the kinds of products you buy from AOL to make other marketing offers to you, unless you tell us not to. We do not give out this purchase data to others.

-- We give you choices about how AOL uses your personal information.

-- We take extra steps to protect the safety and privacy of children.

-- We use secure technology, privacy protection controls and restrictions on employee access in order to safeguard your personal information.

-- We will keep you informed, clearly and prominently, about what we do with your personal information, and we will advise you if we change our policy.

We give consumers clear choices - which are easy to find and easy to exercise -about how their personal information is used, and we make sure that our users are well informed about what those choices are. For instance, if an AOL subscriber decides that she does not want to receive any tailored marketing notices from us based on his personal information or preferences, she can simply check a box on our service that will let us know not to use her data for this purpose. Because we know this issue is so critically important to our members and users, we make every effort to ensure that our privacy policies are clearly communicated to our customers from the start of their online experience, and we notify our members whenever our policies are changed in any way.

We also make sure that our policies are well understood and properly implemented by our employees. We require all employees to sign and agree to abide by our privacy policy, and we provide our managers with training in how to ensure privacy compliance. We are committed to using state-of-the-art technology to ensure that thechoices individuals make about their data online are honored, and that such data is protected and secured.

And we try to keep users informed about the steps they can take to protect their own privacy online. For instance, we emphasize to our members that they must be careful not to give out their personal information unless they specifically know the entity or person with whom they are dealing, and we encourage them to check to see whether the sites they visit on the Web have posted privacy policies and to review those policies.

Furthermore, AOL takes extra steps to protect the safety and privacy of children online. One of our highest priorities has always been to ensure that the children who use our service can enjoy a safe and rewarding online experience, and we believe that privacy is a critical element of children's online safety.

We have created a special environment just for children -- our "Kids Only" area -where extra protections are in place to ensure that our children are in the safest possible environment.

In order to safeguard kids' privacy, AOL does not collect personal information from children without their parents' knowledge and consent, and we carefully monitor all of the Kids Only chat rooms and message boards to make sure that a child does not post personal information that could allow a stranger to contact the child offline. Furthermore, through AOL's "Parental Controls," parents are able to protect their children's privacy by setting strict limits on whom their children may send e-mail to and receive e-mail from online.

As you know, AOL supported legislation in the 105th Congress to set baseline standards for protecting kids' privacy online - precisely because of the unique concerns relating to child safety in the online environment. We worked with Senator Bryan,Senator McCain, the FTC, and key industry and public interest groups to help bring the Child Online Privacy Protection Act (COPPA) to fruition. We believe the enactment of this bill - which took effect last month -- was a major step in the ongoing effort to make the Internet safe for children.

In addition to adopting and implementing our own policies, AOL is committed to fostering best practices among our business partners and industry colleagues. One of the strongest examples of this effort is our "Certified Merchant" program, through which we work with our business partners to guarantee our members the highest standards of privacy and customer satisfaction when they are within the AOL environment. AOL carefully selects the merchants we allow in the program, and requires all participants to adhere to strict consumer protection standards and privacy policies. The Certified Merchant principles are posted clearly in all of our online shopping areas, thereby ensuring that both consumers and merchants have notice of the rules involved and the details of the enforcement mechanisms, which help to foster consumer trust and merchant responsiveness.

Through our Certified Merchant program, we commit to our members that they will be satisfied with their online experience, and we have developed a money-back guarantee program to dispel consumer concerns about shopping online and increase consumer trust in this powerful new medium. We believe that these high standards for consumer protection and fair information practices will help bolster consumer confidence and encourage our members to engage in electronic commerce.We at AOL are proud of the steps we've taken to create a privacy-friendly environment online for our members and encourage our industry colleagues to do the same. But we haven't done these things to prove a point or to discourage government regulation - we've done them because we must do them, because our business, more than ever, requires us to respond to consumer demands and take privacy seriously in order to build more consumer trust in the medium. And we know that many other online businesses feel exactly the same way. That's why AOL joined with other companies and associations two years ago to form the Online Privacy Alliance (OPA), about which you will hear more this morning from another witness. And that's why through NetCoalition, a group representing some of the largest and most active online companies, we recently sent a letter to 500 CEOs encouraging them to post good privacy policies on their websites that contain the key fair information principles, and to fully implement these policies within their companies. The progress that industry has made is real - one thing the FTC report clearly shows is that the proportion of commercial websites posting privacy policies has skyrocketed in less than three years from less than 14% to over 90% -- unbelievable progress for an industry that barely existed just a few years ago and which today is demonstrating the most rapid growth in the history of media.

So where are we now? The FTC report concludes that, despite this progress, industry hasn't done enough, and that broad privacy legislation is necessary in order to ensure that consumers are protected. Does this mean that self-regulation is a failure? What are we supposed to do next?As the Commerce Committee and other Congressional leaders begin to sift through the FTC's recommendation and face the issue of whether to take action in this area, I would like to offer just a few thoughts on how you might approach answering these difficult questions:

First, it is important that all of us in industry and government stop thinking about the privacy issue as a "zero sum game" - as self- regulation versus government regulation. Instead, we must remember that the crux of the issue is really consumer confidence, consumer protection, safety and security. And since all of us have the same end goal - to ensure that consumers trust the online medium - we do not need to set ourselves up as opponents in a privacy "battle." Clearly the industry has an enormous incentive to make consumer protection a fundamental part of doing business, but there is also an important role for government in protecting consumers. One way to approach this joint responsibility is to allow the market to lead the way in developing up-to-date and innovative initiatives for protecting privacy, but let the government step up its enforcement activities. Indeed, the government's existing enforcement powers are greatly expanded simply by the proliferation of privacy policies, now numbering 90 percent. This type of partnership allows for maximum flexibility and technological innovation, so that the "good guys" can set the stage for best practices while the "bad guys" pay the price for bad behavior.

Second, it is critical that neither the government nor industry view privacy as a simple issue with a simple answer. On the contrary, when we as businesses ask our consumers what it is they are most concerned about we get a variety of different answers:- For some consumers it is security rather than privacy that is the greatest concern. They care more about whether their credit cards can be safely "submitted" online than about whether their ISP will send them a tailored advertisement. In reality, the risks of identity theft may actually be greater in the offline world than in the online world, where fewer humans actually touch or handle an individual's credit card, for example. Yet the prospect of personal information being compromised through hacking and theft is likely keeping many consumers from going online. This is certainly an area where the industry has every incentive to do the right thing but the government must make clear that bad behavior is not acceptable. For other consumers, the primary concern relates to sensitive information like health and financial data. Individuals want to take advantage of online health-related services, for example, without worrying about embarrassing or compromising releases of their health information. For these types of information, industry and government will need to determine what privacy standards need to be in place for particular businesses to succeed, and indeed Congress has already addressed these issues through financial services legislation enacted last Congress and the Health Insurance Portability and Accountability Act of 1996, neither of which have yet been fully implemented. Still another group of consumers is concerned about whether their online behavior is being "tracked." Yet when the technologies behind such activity are explained and consumers are able to understand that there are both positive and negative uses of these types of tools, it may turn out that consumers simply want to know what a particular website is doing so they can make their own decisions about how to use these services.

Such examples underscore the intricacy of the privacy issue and the difficulty in pinpointing the actual problems that need to be addressed through industry or government action.

Unfortunately, the FTC's recommendation for a sweeping regulatory regime for online privacy does not take into account either the complex dimensions of this issue or the need for an industry- government partnership on privacy. The Commission purports to recognize the important role that industry leadership on self- regulation plays in any privacy solution; yet the report recommends broad legislation that would provide"flexibility to the implementing agency in promulgating its rules or regulations...(that could) define...fair information practices with greater specificity." Such expansive regulatory authority could actually discourage industry-led initiatives and market-driven solutions by outlawing consumer-oriented methods of privacy protection and personalization. Furthermore, such sweeping legislation would not take into account all of the more targeted proposals that have either been enacted or are pending - from the new children's privacy law, to rules for health and medical data, to financial privacy regulations. We at AOL would therefore ask the Members of this Committee to develop its policies in the privacy area with high regard for the benefits of personalization and the efficacy of industry action to date. You may find that there are gaps in industry enforcement where government must step in to ensure compliance. Nevertheless, it is clear that companies are responding to the increasing marketplace demand for online privacy, and that the tremendous growth of e-commerce reflects positive trends on a variety of consumer protection issues, including privacy. Sweeping regulatory action. could very likely curb such market innovation and competition and discourage creative and flexible approaches to privacy protection. * The challenges that lie ahead will give us the chance to prove that industry and government can work together to promote online privacy. But ultimately, it is the consumer who will be the judge of whether these efforts are adequate. Because no matter how extraordinary the opportunities for electronic commerce may be, the marketplacewill fail if we cannot meet consumers' demands for privacy protection and gain their

trust.

We at AOL are committed to doing our part to protecting personal privacy online. Our customers demand it, and our business requires it but most importantly, the growth and success of the online medium depend on it. We appreciate the opportunity to discuss these important issues before the Committee, and look forward to continuing to work with you on other matters relating to the Internet and electronic commerce.

END

LOAD-DATE: May 26, 2000



Previous Document Document 63 of 261. Next Document

FOCUS
Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint
To narrow your search, please enter a word or phrase:
   
About LEXIS-NEXIS® Congressional Universe Terms and Conditions Top of Page
Copyright © 2002, LEXIS-NEXIS®, a division of Reed Elsevier Inc. All Rights Reserved.