Public
Comment on Barriers to Electronic Commerce - Comment on behalf of
The National Association of Attorneys General -
3/20/2000
This respondent's comments to the questions posed in this inquiry
are shown below.
The undersigned Attorneys General appreciate this opportunity to
respond to your request for comments concerning laws or regulations
that may adversely affect electronic commerce. While we support
efforts to foster the growth of electronic commerce, we also wish to
ensure that our citizens' reasonable expectations of privacy are
protected from intrusion; that our citizens are protected from
fraud, unfair and deceptive acts and practices, and abuse; and that
the State Attorneys General continue to play their traditional role
in protecting consumers from such practices. We believe that
electronic commerce will continue to grow only to the extent that
consumers have confidence that, when they use the Internet, their
rights as consumers will be protected in the same ways as they are
protected in more traditional consumer settings. Protection of
Consumer Privacy Will Enhance Consumer Confidence in Online Commerce
We believe that one of the biggest threats to the long-term vitality
of electronic commerce is the lack of clear rules concerning how
personally–identifiable information about consumers will be treated
by Internet businesses. In order to build consumer confidence in
online commerce, we believe that consumers should be specifically
informed when data is being collected about them, and consumers
should be given a meaningful opportunity to decide whether or not
they want such data collected, especially if the information will be
personally identifiable. If consumers are fully informed about the
collection and use of information, and have a say in whether that
information can be collected or used, they will have the increased
confidence to engage more readily in electronic commerce. Recent
surveys detail how important privacy is to consumers, and how they
would interact with online businesses more frequently, and more
honestly, if they were assured that their personal information would
not be shared with third parties or otherwise inappropriately
handled. A telephone survey prepared by Dr. Alan F. Westin of
Columbia University and Louis Harris and Associates for the
publication "Privacy in American Business" illustrates the depth of
public concern regarding online privacy. According to the results of
this 1998 survey, more than 50% of Internet and online service users
say they are very or somewhat concerned that information about which
sites they visit will be linked to their e-mail address and
disclosed to some other person or organization without their
consent. A 1998 Business Week Harris Poll also examined whether
privacy concerns reduced the likelihood that computer users would go
online. The survey showed that 78% percent of people who go online
would do so more often if there wer e greater privacy protections in
place. Another survey demonstrated that Internet users are so
concerned about the privacy of information they supply that they
frequently lie. According to "10th WWW User Survey" conducted by
Georgia Tech's Graphics, Visualization & Usability Center, more
than half of respondents have provided false information when
visiting a website that required registration. This demonstrates
that by failing to give consumers the information they want about
data collection practices, online marketers undermine the validity
of the data they go to great lengths to collect. In this same
survey, when asked why they refuse to provide accurate information,
more than 35% of the respondents stated that it was because "the
terms and conditions of how the collected information is going to be
used is not clearly specified" or they did not trust whoever was
collecting the information. When one adds in those who objected to
the information being collected (name/address/email address), the
total climbs to nearly 70%. Over the past few years, a number of
major stories have illustrated the depth of consumer concern over
privacy matters. Within the past few months alone companies such as
DoubleClick, InfoBeat, and RealNetworks have faced allegations that
their information practices did not match their stated privacy
policies. They join the ranks of Geocities, Intel, Experian, AOL and
even the Social Securities Administration, all of which have faced
criticism over their online information practices in recent memory.
Most of these companies had voluntarily posted privacy policies on
their Web sites that were adopted in response to consumer concerns
about their online privacy. These incidents suggest that, in some
cases, companies are not taking sufficient steps to ascertain
whether their information practices match their privacy policies
until the matter is brought to light by either legal action or media
scrutiny. As the surveys discussed above demonstrate, unless
consumers have a sense that they can rely upon posted pr ivacy
policies, there is a real danger that confidence in online commerce
might be shattered by such breaches. If instead, we hope that
e-commerce will continue to be the driving force of our new economy,
we must ensure that violations of privacy policies, whether
voluntarily posted or mandated by law, will be treated as deceptive
business practices under our respective state laws. We believe the
most appropriate way to assuage consumers' concerns about the use of
their personal information is to ensure that online businesses
prominently post their data collection and dissemination policies,
and afford consumers a meaningful opportunity to consent to such
data collection and dissemination, especially if the information
will be maintained in a personally-identifiable format. Ensuring
Application of Traditional State Consumer Protections to Online
Commerce Will Further Enhance Consumer Confidence We believe that
while consumers enjoy the speed and flexibility of online commerce,
they want to be assured that traditional consumer protection laws
and rules will apply to their transactions. Furthermore, we believe
that states have a critical role to play in enforcing these
traditional consumer protection laws and rules. Consistent with
consumers' concerns, in a recent letter to the U.S. House and Senate
minority and majority leaders concerning two electronic bills, the
Attorneys General of 48 states, the District of Columbia, the Virgin
Islands, and the Northern Mariana Islands confirmed that consumer
protection laws apply to online transactions. Electronic Disclosures
and Notices Should Be Clear and Conspicuous, In Accordance with
State Consumer Protection Law Because the Internet is merely a
medium for communicating to consumers, traditional rules governing
disclosures and notices to consumers must apply. All electronic
notices and disclosures – whether relating to the business's data
collection and dissemination policies or any other issue – should
communicate to the consumer non-deceptively and in a clear and
conspicuous manner, in accordance with traditional consumer
protection principles. Ordinarily, a disclosure is clear and
conspicuous and is effectively communicated under consumer
protection law when it is displayed in a manner that is readily
noticeable, readable, and understandable to consumers. Factors that
are considered in evaluating the effectiveness of disclosures
include: prominence, proximity, absence of distracting elements, and
clarity and understanding of the text disclosure. The notice or
disclosure must be reviewed within the context of how it is
disclosed to determine its effectiveness. In the electronic commerce
context, the states have given online businesses direction on the
adequacy of electronic notices. When America Online settled with 45
states over its notification practices, America Online agreed to
give consumers notice of material contract modifications via one of
the following three methods: by electronic mail to each screen name
associated with an account; by a pop-up screen that can only be
dismissed by means of a click-on button; or by regular U.S. mail.
The Federal Trade Commission also explored the issue of online
disclosures in its Request For Comments and Workshop entitled,
Interpretation of Rules and Guides for Electronic Media, held last
year. In its Request For Comments, the FTC pointed out that the same
principles of law concerning clear and conspicuousness also applied
to the online medium; however, the FTC requested comment on whether
the following seven factors should be considered for online
disclosures: unavoidability, access to disclosures, proximity and
placement, prominence, non-distracting factors, repetition, and
audio and visual presentation. We believe that it is very important
that any online notices or disclosures be presented to consumers
clearly and conspicuously in accordance with traditional consumer
protection standards. These standards require that the notice must
be effective in actually communicating its message to the consumer.
This is particularly important in the online medium where consumers
can click through many screens, scroll down for further information,
and be distracted by flashing banner advertisements. Traditional
State Licensing Requirements Should Apply to Online Commerce The
states play a critical role ensuring that professionals are
appropriately licensed and answerable to the public for their
professional activities within a state. Each state has enacted and
enforces licensing laws that address specific health and safety
concerns. The particulars of each state's licensing laws may be
unique, as the specific concerns of the citizens of one state may
vary from the specific concerns of the citizens of another state.
This traditional and important state role must be applied to online
commerce involving professionals licensed by the states. With states
retaining this traditional licensing jurisdiction, they are better
able to physically monitor the activities of, and, if necessary,
discipline those companies and professionals that conduct business
with its citizens. By way of example, states currently license and
regulate physicians, pharmacists and pharmacies that operate within
their borders. In the past year, several states initiated
enforcement actions against out-of-state defendants involved in the
online prescribing and dispensing of drugs to residents within their
respective states. These online businesses delivered dangerous
prescription drugs to individuals without first performing any type
of physical examination of the patients. Some of the drugs dispensed
were controlled substances. In many instances, serious health
consequences could have resulted, as the drugs would have been
contraindicated had a physical examination been conducted. States
strongly believe that they should retain primary enforcement
authority over physicians and pharmacies. However, due to the
difficulties encountered in attempting to halt the unlawful
activities of out-of-state defendants, states would favor
legislation that would allow state attorneys general to proceed with
enforcement actions in federal court and grant states federal
injunctive relief. Ideally, states should retain primary enforcement
authority in licensing and regulating businesses and professions
that operate via the Internet, while having the additional mechanism
of federal injunctive relief afforded them in order to better
protect the health and safety of consumers in each state. Sincerely.
Bruce M. Botelho Attorney General of Alaska Mark Pryor Attorney
General of Arkansas Ken Salazar Attorney General of
Colorado
Richard Blumenthal Attorney General of
Connecticut
Robert A. Butterworth Attorney General of
Florida
Thurbert E. Baker Attorney General of
Georgia
Alan G. Lance Attorney General of Idaho
Jim
Ryan Attorney General of Illinois
Tom Miller Attorney
General of Iowa
J. Joseph Curran, Jr. Attorney General of
Maryland
Tom Reilly Attorney General of
Massachusetts
Jennifer Granholm Attorney General of
Michigan
Mike Hatch Attorney General of
Minnesota
Mike Moore Attorney General of
Mississippi
Frankie Sue Del Papa Attorney General of
Nevada
John J. Farmer, Jr. Attorney General of New
Jersey
Patricia Madrid Attorney General of New
Mexico
Eliot Spitzer Attorney General of New
York
Heidi Heitkamp Attorney General of North
Dakota
Nicole Forelli (Acting) Attorney General of N.
Mariana Isl.
Betty D. Montgomery Attorney General of
Ohio
W. A. Drew Edmondson Attorney General of
Oklahoma
Hardy Myers Attorney General of
Oregon
Sheldon Whitehouse Attorney General of Rhode
Island
Charlie Condon Attorney General of South
Carolina
Mark Barnett Attorney General of South
Dakota
Paul Summers Attorney General of
Tennessee
John Cornyn Attorney General of
Texas
William H. Sorrell Attorney General of
Vermont
Iver A. Stridiron Attorney General of Virgin
Islands
Christine O. Gregoire Attorney General of
Washington
Darrell V. McGraw Jr. Attorney General of West
Virginia
|