Source

Automatically imported from: http://commons.somewhere.com:80/rre/1997/FTC.privacy.report.html

Content

This web service brought to you by Somewhere.Com, LLC.

FTC privacy report

``` [http://www.epic.org/privacy/databases/ftc_letter_0797.html]

---

This message was forwarded through the Red Rock Eater News Service (RRE). Send any replies to the original author, listed in the From: field below. You are welcome to send the message along to others but please do not use the "redirect" command. For information on RRE, including instructions for (un)subscribing, send an empty message to rre-help@weber.ucsd.edu

---

August 1, 1997

The Honorable John McCain Chairman Committee on Commerce, Science and Transportation United States Senate SD-508 Dirksen Senate Office Building Washington, DC 20510-6125

Dear Mr. Chairman,

We are writing regarding the letter that was sent to you on July 31 1997 by the Federal Trade Commission concerning the Public Workshop on Consumer Privacy held on June 10-13, 1997. It is our view that the FTC preliminary assessment does not accurately reflect the substance of the hearings or the views of the consumer organizations that participated. We are both disappointed and troubled by the FTC report.

First, the Commission badly misrepresented the views of the American public when it stated in its letter to you that "consumer survey research presented at the Workshop indicates [that] they are looking for greater protection, preferably from voluntary efforts by industry, but if necessary from government." The survey research presented at the Workshop consistently clearly showed the opposite: consumers and Internet users favor legislation today to protect personal privacy. Indeed, the survey conducted by Prof. Alan Westin for American Laws and Business found that "58% of computer users wanted government to pass laws now on how personal information can be collected and used on the Net." (emphasis added). Professor Westin also found that "Only 24% say government should limit its role to recommending standards." The 7th GVU WWW survey, the most comprehensive survey of Internet users ever conducted, also presented at the FTC hearings "found that most people feel that the Internet needs new laws to protect privacy."

Instead of reporting the clear results of the survey research presented and the views expressed by groups representing consumers at the FTC hearing, the FTC chose instead to present the views of industry lobbyists as if they were the views of American consumers. Such a misrepresentation could be considered "fraudulent and deceptive," to borrow a phrase that should be well known to the FTC.

Second, the FTC letter goes to great length to applaud the efforts of a handful of companies to develop privacy policies. But nowhere in the letter is there any specific discussion of the specific threats to personal privacy by the on-line industry. Plenty of evidence was presented that the on-line industry has failed to develop adequate privacy safeguards for customers, and that even where standards are established they are often ignored. People have lost jobs. People have been stalked. Incorrect information is routinely disclosed. Personal information is sold to strangers but is unavailable to the person to whom it refers. None of this is reflected in the letter presented to you.

Third, the FTC endorses a series of vague proposals made by industry groups without any discussion of the adequacy, desirability, or consumer acceptance of these approaches. Virtually every industry recommendation put forward at the FTC workshop requires placing new burdens on consumers to protect their privacy. Many were roundly criticized by consumer groups. None of these problems were discussed in the letter to you.

Fourth, on the matter of children's privacy, where there is virtually unanimous support for legal safeguards, the FTC said instead that "there was strong support at the Workshop for the development of technological tools to protect children's privacy." In fact, according to the poll conducted by Prof. Westin, "96% of parents say that companies collecting information from children should be held legally liable for violations of their stated policies." (emphasis added). The FTC itself set out in the KidsCom decision possible guidelines for children's privacy. It clearly could have proposed in the letter to you that Congress consider a similar approach. Instead, it has effectively placed the burden for protecting childrens privacy back on parents instead of on the companies that are collecting and selling personal information about kids.

The FTC's assessment of consumer privacy issues, as expressed to you in the letter of July 31, contrasts sharply with the reality of the on-line world. Indeed, in between the FTC workshop and the letter sent to you, America On-line was widely cited for its failure to uphold basic privacy assurances provided in its own Terms of Service agreement with customers. That story, which was widely reported in newspapers across the country, makes clear that there is growing public concern about the inadequacy of current privacy safeguards.

We believe that there is a significant role for government in the protection of on-line privacy and we believe that a great many Americans, as users of on-line services sending personal and confidential information, share this view.

We think the report of the FTC sent on July 31 fails to adequately reflect both the hearing record and the concerns of the American public.

Sincerely yours,

Jeff Chester Center for Media Education www.cme.org

Beth Givens Privacy Rights Clearinghouse www.privacyrights.org

Evan Hendricks Privacy Times www.privacytimes.com

Lori Fena Electronic Frontier Foundation www.eff.org

Jeane Anne Fox Consumer Federation of America

Jon Lebkowsky EFF-Austin www.eff-austin.org

Jamie Love Consumer Project on Technology www.cptech.org

Marc Rotenberg Electronic Privacy Information Center www.epic.org

Robert Ellis Smith Privacy Journal

cc: Chairman Robert Pitofsky ```

This web service brought to you by Somewhere.Com, LLC.