April 17, 1999

New Bill Keeps Online Privacy at Center Stage

WASHINGTON -- Two senators have filed legislation that would give consumers more control over how personal information is collected online, the latest sign that the issue of privacy in the digital age is fast becoming a key issue on Capitol Hill.

Related Articles
Hearing on Viruses Becomes Debate on Privacy
(April 16, 1999)

Peekaboo! Anonymity Is Not Always Secure
(April 15, 1999)

Lawmaker Plans Bill to Protect Consumer Privacy Online
(April 8, 1999)

Senators Conrad Burns, a Montana Republican, and Ron Wyden, an Oregon Democrat, on Thursday filed the Online Privacy Protection Act, which would require commercial Web sites to notify visitors if any information is collected. It would also require the Web sites to let users "opt out" of having their information collected. And it would give users access to records companies keep about them.

Representative Edward A. Markey, a Massachusetts Democrat, last week said he was preparing similar legislation in the House, setting the stage for a Congressional showdown with industry groups and the Clinton Administration, which has been leading the call to let companies police themselves in the online consumer protection arena.

"Consumers have the right to know who is collecting information about them and how that information is being used," Burns said in announcing his bill. "Many people are terrified that using the Internet will put their credit card numbers or even Social Security numbers into the hands of people who do not mean well, and that's not entirely unjustified. This bill is a good first step to securing Internet users' personal information."

"The Internet holds great promise as an international marketplace, but consumers won't use it to its full potential unless they feel safe," he said.

Although online industry groups immediately denounced the legislation as unnecessary, privacy advocates said they were encouraged by lawmakers' continued movement to their side in the contentious debate.

"I think that it is significant to have a bipartisan recognition of the need for legislation in this area," said David Sobel, a lawyer with the Electronic Privacy Information Center in Washington. "So in that way, I think it is a recognition of the fact that self-regulation has not worked and is not likely to work."

"We think industry self-regulation is moving forward very constructively."

Harris Miller, president of the Information Technology Association of America

Harris Miller, president of the Information Technology Association of America, on the other hand, said the proposed legislation overlooks the broad strides forward that the Internet community has made toward self-regulation. It also ignores technological and other tools that can empower consumers, he said, adding that instead it assumes that consumers cannot be trusted to make their own informed online choices.

"We think industry self-regulation is moving forward very constructively," Miller said. He pointed to the formation of the Online Privacy Alliance -- a coalition that has drafted guidelines for companies to follow on the Internet -- and programs like the Better Business Bureau Online and TrustE, which offer seals that certify if a Web site follows its posted policy.

"Any talk of legislative solutions is simply not helpful at this point in time," he said. "Obviously, the market demand is out there to put pressure on industry. If consumers are not comfortable, the market will speak and companies will respond."

The Senate Judiciary Committee has scheduled a hearing for next Wednesday on Internet privacy in general. And what direction the Congressional debate on this issue ultimately takes could depend largely on the Federal Trade Commission, which later this spring will report to Congress on whether it thinks new laws are needed to regulate how information collected online can be gathered and used.

The commission last year, with the backing of the Clinton Administration, recommended and won passage of a bill to prohibit Web sites from collecting information from children. And it said at the time that would push for legislation extending protections to adults if industry attempts at self-regulation had not dramatically improved early this year.

The Burns-Wyden bill would require online businesses to post clear explanations of how they use personal information and to let consumers choose not to have any of their information collected. Web sites would also have to provide consumers copies of the information they have collected about them, upon request. The Federal Trade Commission would be charged with establishing and enforcing the privacy policies for Web sites.

How Safe Is Your Privacy on the Web?
The bill is among 50 privacy proposals that have been filed this year dealing with everything from medical records to financial data. And concerns about the collision of privacy and technology are being voiced more and more frequently in the nation's capital.

For example, a hearing of the House Science Committee's technology subcommittee on the Melissa computer virus at one point turned into a debate on whether federal authorities had violated anyone's civil rights by using a software tracking number and America Online records to trace the computer programmer suspected of writing the virus.

And last week, online privacy became a presidential campaign issue when Vice President Al Gore previewed for the media a portion of his campaign Web site that collected information from children, a practice that will soon be outlawed for commercial Web sites.

Although the Administration has been one of industry's biggest supporters of self-regulation, a new survey released Friday said it has yet to get its online house in order.

A review by the Center for Democracy and Technology showed that only one-third of federal agency Web sites have "privacy notice" or "privacy policy" links from the agency home page, and only half had notices that could be found with only a few short links. This comes despite new guidelines issued by the federal Chief Information Officers and repeated past criticism of the federal government's failure to comply with the policy it is touting for businesses to follow.

"Many agencies are hiding privacy notices in legal disclaimers or burying them in the Web site," said Ari Schwartz, a policy analyst for the center. "If the government is serious about privacy, then as a first step privacy notices should be easy to find and understand."

Related Sites
These sites are not part of The New York Times on the Web, and The Times has no control over their content or availability.

Jeri Clausing at welcomes your comments and suggestions.

Home | Site Index | Site Search | Forums | Archives | Marketplace

Quick News | Page One Plus | International | National/N.Y. | Business | Technology | Science | Sports | Weather | Editorial | Op-Ed | Arts | Automobiles | Books | Diversions | Job Market | Real Estate | Travel

Help/Feedback | Classifieds | Services | New York Today

Copyright 1999 The New York Times Company