banner
toolbar
March 18, 1999

Business Group Unveils Plan for Online Privacy
By JERI CLAUSING Bio
 WASHINGTON -- The Better Business Bureau on Wednesday launched its new program for certifying and monitoring the collection of personal data online, a long-awaited self-regulatory effort that businesses hope will help appease concerns by the European Union, the Federal Trade Commission and lawmakers that American companies have failed to offer adequate consumer protections in cyberspace.


Related Article
Professor Joins Administration to Work on Privacy Issues
(March 5, 1999)

Forum
Join a Discussion on Online Privacy

The program, called BBBOnLine, gives qualified companies an electronic seal for their Web site verifying that they adhere to their stated practices about what information they collect from consumers and how it is used. It also requires them to submit to a dispute-resolution process when a customer complains and establishes a system of random audits for insuring that program participants remain in compliance.

The program has been a year in the making. And its launch, several months later than anticipated, comes at a crucial time for the Clinton Administration, which has resisted calls to enact new laws for protecting the privacy of consumers in cyberspace. The Administration has staunchly advocated a laissez-faire approach despite a tough new European Union privacy directive that threatens to disrupt electronic commerce between the United States and Europe.

A key provision of that directive prohibits any company doing business in the European Union from transmitting personal data to any country that does not guarantee comparable privacy protections.

The Better Business Bureau on Tuesday evening reviewed its new program for the European Union's John Mogg, a director general, who was in town for negotiations with David Aaron, the Under Secretary of International Trade in the Commerce Department. The two are discussing what type of self-regulatory model would be acceptable for certification by the European Union's member states.

Although both Mogg and Aaron said they had made significant progress and were encouraged by the program, they said they still had not reached agreement on two key areas: the amount of access customers should have to the data companies have collected about them, and mechanisms for enforcing privacy protections.

"We're making great progress," Aaron said. "The work is not finished, but we think it's going well."

He and Mogg plan to meet again the week after Easter, at which time they hope to finalize language for a draft agreement that could be submitted to the Administration and the EU for endorsement. The EU directive took effect last October, but the European Commission, the union's executive leadership, delayed sanctions against the United States for non-compliance until June 21 in hopes an agreement could be reached on an acceptable plan of self-regulation.

Although Mogg said he did not anticipate that this week's resignation of the entire European Commission, which has been accused of corruption, would affect that deadline, some privacy advocates said it could make Aaron's job of selling self-regulation tougher.

"That is significant because the member states have been pushing the commission to go further on privacy," said Marc Rotenberg, executive director of the Electronic Privacy Information Center, which has been seeking legislation to protect consumers against the resale and misuse of personal information collected electronically. "In other words, they have been more critical than the commission" of the U.S. policy against regulating companies in this area.

Rotenberg was also skeptical of the Better Business Bureau's seal program.

"I'm sort of the attitude right now that it's too little, too late," he said.

Others were less critical, but still reserved judgment.

"I think it is significant that the Federal Trade Commission and the BBB have both decided that these are critical consumer protection issues," said Deirdre Mulligan of the Center for Democracy and Technology. "I think that the BBB is saying to its members that privacy is something that we think is important... It sends a signal to the business community that privacy is something that they have to attend to."

The Federal Trade Commission, which after the threat of legislation last summer effectively pressured companies into an alliance that created the basis of the BBB plan, was also given a preview by the business bureau on Tuesday.

Vicki Streitfeld, a spokeswoman for the agency, said the program represents "good progress," but that a final judgment on whether self-regulation is working won't be made by the FTC until late this spring or early summer, when it expects to issue a new report to Congress.


Related Article
FTC Report on Online Privacy Draws Quick Criticism
(June 4, 1998)

In addition to monitoring how BBBOnLine is carried out and how many companies sign on, the FTC is awaiting results of an industry survey of privacy practices by Web sites. The survey is a follow-up to one conducted by the agency last year, which found that few Web sites had privacy practices clearly posted and that numerous sites aimed children were collecting personal information.

Characterizing the results of that survey as dismal, the FTC won Congressional approval of legislation to mandate that Web sites get parental permission before collecting any personally identifiable information from children under 13. At the same time, it vowed to seek a new law extending those protections to adults if significant progress in self-regulation and self-enforcement were not made by early this year.

In promoting its new program at a Wednesday morning news conference, the Better Business Bureau emphasized its more than 80 years of experience in resolving disputes between consumers and businesses. It also said that it has signed up 2,600 online businesses for a similar but separate program that certifies Internet merchants as reliable businesses.

Although just one company, Dell Computer Corp., displayed the BBB seal on Wednesday, Russell Bodoff, senior vice president and chief operating officer of BBBOnLine, said more than 300 other companies had already initiated the application process, which has just opened.

"We expect our program to grow quickly," he said.

There are two separate seal programs, one indicating companies adhere to strict guidelines to protect children, the other for adults.

Companies can go through the entire certification and application process online. Companies do not have to be Better Business Bureau members, and application fees vary with the size of the company, starting at $150.

"We want this to be an open process," Bodoff said. "We want the only reason that a company can't participate to be because they can't meet our standards."

The seal program is not the first such attempt at certifying sites in cyberspace, but is the most comprehensive, offering random audits of compliance, mandatory dispute resolution and published decisions of all decisions against companies. BBBOnline said it also would work closely with the FTC, referring any cases its finds of deceptive or other illegal practices.

Related Sites
These sites are not part of The New York Times on the Web, and The Times has no control over their content or availability.

Jeri Clausing at jeri@nytimes.com welcomes your comments and suggestions.

Home | Site Index | Site Search | Forums | Archives | Marketplace

Quick News | Page One Plus | International | National/N.Y. | Business | Technology | Science | Sports | Weather | Editorial | Op-Ed | Arts | Automobiles | Books | Diversions | Job Market | Real Estate | Travel

Help/Feedback | Classifieds | Services | New York Today

Copyright 1999 The New York Times Company