White House Eyes Privacy Czar

P> The White House is cobbling together a new organization to review privacy-related issues, and it is mulling the creation of a privacy czar to help protect privacy rights in cyberspace.

The privacy czar would develop national and international rules to protect consumers' privacy in the information age, he said.

A privacy panel of the National Information Infrastructure Advisory Council, which is headed by Commerce Secretary Ron Brown, is creating plans for the privacy czar. The panel will complete its plan -- outlining the organization's role, status and place in the federal government -- in the next four weeks, said panel chairman Gerald Gates, administrative records program officer at the Commerce Department's Bureau of the Census.

Gates said the panel is sidestepping the heated controversy over encryption technology, which is viewed as a vital issue by many privacy advocates. Instead, the panel wants to create a government-backed privacy organization and develop rules for the "fair use of information" in an information-driven society, he said.

To ensure that companies don't unfairly collect and swap private data about consumers, such as what they buy, the state of their health and which groups they associate with, the panel is considering how consumers can learn how data about them is used, he said. Companies collect consumer data by tracking credit card purchases, medical procedures, on-line activities and magazine subscription lists to sharpen their marketing campaigns and better understand consumer preferences.

Gates' panel released a report late last year calling on industry to develop voluntary guidelines that protect consumers' privacy. The report is titled "Privacy and The NII: Safeguarding Telecommunications-Related Personal Information."

Also, the privacy czar will help U.S. officials negotiate international privacy protection measures with foreign countries, said Nelson. For example, the European Commission recently established a multinational policy that will hinder U.S. companies' efforts to collect and export data on European consumers.

Without international negotiations, any U.S. privacy rules could be undermined by other countries. But "the privacy problems are at home" not abroad, said Marc Rotenberg, a lawyer with the Washington-based Electronic Privacy Information Center. Citizens in Canada, Japan or in much of Europe already have much better privacy protection rules than U.S. citizens, he said.

To work, any U.S. privacy organization should investigate privacy abuses by companies, draw up a legally enforceable privacy code, and fight the government's plan for the widespread use of key-escrow encryption technology, said Rotenberg.

Government officials support key-escrow encryption technology, which allows the courts and the police to decipher encrypted messages or conversations among suspected criminals. But privacy advocates say the government policy compromises privacy, while industry officials say it hurts international sales of U.S. software.

The encryption battle reflects another problem for any government privacy scheme. Citizens "are worried about privacy from the government," said David Leach, a Democrat staff member working for the House Commerce Committee. A government organization intended to protect citizens' privacy would be seen by many citizens as "the fox guarding the chickens," he said.

"If the government has total and absolute responsibility, I see problems," acknowledged Gates. To prevent those problems, "there can be input from other sectors."

Industry officials, for their part, promote reliance on voluntary, industrywide guidelines. For example, the Interactive Services Association, based in Silver Spring, Md., is trying to develop a voluntary set of privacy rules for the on-line industry, which can track consumers' use of the World Wide Web and other on-line services to gather data about their subscribers' personal and spending preferences.

Privacy proponents are not waiting for the administration to complete its work. They hope to create a nationwide privacy law by amending a new medical privacy bill awaiting action in Congress. The bill, designed to help the medical industry pool and process consumers' health information, is sponsored by Sen. Robert Bennett, R-Utah, and Rep. Gary Condit, D-Calif. Advocates are trying to write an alternative bill that would meet the medical industry's needs, said Rotenberg.