Copyright 2000 Globe Newspaper Company
The Boston
Globe
View Related Topics
June 19, 2000, Monday ,THIRD EDITION
SECTION: NATIONAL/FOREIGN; Pg. A1
LENGTH: 1555 words
HEADLINE:
CYBERPRIVACY CATCHES EYE OF CONGRESS BILLS AIM TO PROTECT CONSUMERS
BYLINE: By Anne E. Kornblut, Globe Staff
BODY:
WASHINGTON - After years of piecemeal
proposals to safeguard personal information on the Internet, Congress is
beginning to seriously address the concept of "online privacy." It is
considering an array of legislation that could dramatically increase the rights
of consumers who release personal details into cyberspace.
About 300
privacy bills are pending in the House and Senate, and the idea of privacy,
registering in the polls as a top concern among Americans, is also making its
way into the presidential debate. Democrats and Republicans are touting the same
goal: Reassuring the public that private information, from CD purchases to
medical records, will not be misused.
Although few
expect any laws to pass this year - and skeptics view many of the current
efforts as part of an election-year ploy - the proposals have begun gaining
momentum in recent weeks, through congressional hearings, federal studies, and
informal political debates. Even some Republican champions of e-commerce,
including legislators who oppose a sales tax on the Internet, are contemplating
whether new laws are needed to control the trafficking of consumer information
online.
"I don't think there's any doubt that some of the practices on
the Internet are not what most Americans would want done with their private
information," said Senate Commerce Committee Chairman John S. McCain. The
Arizona Republican held privacy hearings last week and is shaping online privacy
legislation of his own.
The current political debate divides along
deceptively simple lines: Should consumers have to "opt out," informing
companies that they would rather not have their personal information divulged
elsewhere? Should online companies have to ask permission first, requiring
customers to "opt in" to a consent agreement that frees their information for
use in the public domain? Or should the current system, in which information
moves through cyberspace virtually unrestricted, remain intact?
In fact,
the political issue is broader and more complicated, affecting information
exchanges on and off the Internet. Also, it is fertile political ground,
touching on common anxieties among average Americans about what happens when
they share their names and interests.
Direct-marketing firms have always
kept dossiers on consumer habits in order to target people for specific
products. The Internet makes that process easier and more immediate. Consumers
who browse the Web now have their habits tracked, thanks to small files known as
"cookies" that are transferred from certain Web sites to the consumer's computer
hard drive while the user is online. The cookies create a roadmap of the user's
online browsing habits, allowing companies to compile information on what the
consumer is interested in looking at and buying. Although cookies can be removed
from a user's hard drive, people who intentionally disable their computer's
ability to accept cookies are often denied access to some Web sites.
The
information gathered by using cookies allows advertisers to know whom to pursue,
an efficient marketing device that industry leaders say is part of what keeps
the Internet free of charge.
As a result, a great deal is at stake for
online companies, some of which have based their success on the ability to
gather consumer information freely in cyberspace. Many leading online firms say
they are worried about consumer confidence enough to help them ensure their
privacy , and see political motivations behind the current flurry of privacy
discussions.
Even some companies that would be largely unhampered by
federal regulation are not convinced it would work. Daniel Jay, chief technology
officer of Engage, an Andover firm that has developed privacy software allowing
online marketers to track consumers anonymously, said it would be "preferable to
figure out how to do it ourselves."
"I'm a believer that a combination
of technology and self-regulation is the only practical solution," Jay said.
"How do we hire enough policemen to police the Net?"
That position
leaves many legislators in Washington pulled by opposing forces: consumers, who
say they favor greater protections, and Internet companies, which insist they
cannot flourish in a regulated environment and promise to eventually protect
consumer privacy themselves.
In theory, at least, most legislators say
they support privacy protections. The two leadiing presidential candidates have
come out in favor of the general idea of privacy in recent months.
George W. Bush, the presumptive Republican nominee, is a self-described
"privacy rights person," according to a spokesman. Vice President Al Gore has
been more explicit about his views. According to an account of his meeting with
the New York Times editorial board last week, Gore said consumers should be able
to expect that personal information "will remain private unless they
affirmatively give up that right," a strict interpretation of the current
privacy bills under consideration.
Earlier this month, Gore held a press
conference to announce that he would "protect personal privacy" by making the
sale of Social Security numbers illegal.
Bush plans to unveil a detailed
privacy platform by November.
But the political debate is often muddied
because all sides say they want privacy rights for consumers.
How to
achieve that is the dilemma for many legislators, especially because the answer
may involve technological advances on the Internet, a medium most politicians
have only begun to understand themselves.
"There is a lot of confusion,"
said Robert Ellis Smith, publisher of Privacy Journal, a Providence-based
newsletter that examines privacy issues.
"It's the biggest fear
politicians have. Politicians say, 'Oh my gosh, I don't understand the Internet,
I don't want to be charged with killing it,' " said Representative Edward J.
Markey, Democrat of Malden.
Some legislators, including Markey, have
advocated federal privacy regulation for years. Many also believe privacy rules
should vary, depending on what information is at stake. Release of financial and
medical records, for example, has drawn intense attention.
One financial
services bill in particular has come under scrutiny: The Gramm-Leach-Bliley bill
of 1999, which approved giant banking mergers, but also gave consumers the
option of opting out of information-sharing agreements. Under the bill, a bank
that merges with an insurance firm would be allowed to pool the checking account
information of its customers with the new subsidiary, unless individual
customers actively request the bank not disclose such details.
Consumer
advocates see that system as weak, placing too much burden on customers to read
confusing legal notifications and locate opt-out features on a Web site. To
toughen the standard, several bills, two of them sponsored by Markey, have been
introduced: bills requiring an opt-in model for banking and medical records.
In addition, several states, including Massachusetts, are considering
enacting privacy laws to safeguard consumers while Congress continues its
debate. But advocates of stricter privacy protections at the state level say
that a federal standard would be preferable to a hodge-podge of state laws.
"Boundaries, in our world, are sort of irrelevant lately, with the
global economy," said Massachusetts Lieutenant Governor Jane Swift, who supports
an opt-in model for the most sensitive records.
Swift, who prides
herself on being a champion of privacy rights, this year served on a Federal
Trade Commission panel that led to one of the most scathing congressional
reports on the lack of online privacy. Saying that only 20 percent of online
companies conform to four commonly accepted standards - notifying consumers of
how information will be used, giving consumers a choice in the matter, making
security practices clear, and allowing consumers access to their own records for
correction or deletion - the FTC recommended that Congress act on privacy
legislation. That report has added momentum to the political privacy debate.
The debate seems to be everywhere in Washington these days. Two hearings
were held in Congress last week. Dozens of privacy bills are expected to be
unveiled before the end of the year. Among them is a proposal by Senator John F.
Kerry, Democrat of Massachussetts, to require a minimal effort by companies:
disclosing privacy policies on Web sites. Kerry's proposal also calls for a
12-month privacy commission to study the issue.
In the meantime,
companies like Engage are continuing to develop software to keep consumer
identities separate from their marketing habits, a practice that allows targeted
advertising without compromising privacy. Nearly a dozen Web sites have sprung
up solely to provide privacy to consumers, allowing users to surf the Web
through a third-party site that shields their identities.
Many industry
leaders hope the delay in Washington will buy enough time for online companies
to solve the privacy issue themselves. But the growing political drumbeat is
unlikely to subside before November, and privacy advocates are hoping that will
draw support for legislation by next year. They also believe the concept of
privacy will become increasingly easy for Americans to understand, even if the
technology involved is not.
LOAD-DATE: June 19, 2000
