On-Line Privacy Codes on Track

P> To avoid congressional action, the on-line industry has started writing a consumers' privacy protection code.

Industry's effort is being led by Robert Smith, director of the Interactive Services Association in Silver Spring, Md. The code will be voluntary, he said, and its details will be decided by summer, after negotiations with companies such as CompuServe Inc., Columbus, Ohio, and America Online Inc., Vienna, Va.

Only "if we get our act together early" can the industry avoid a repeat of its failure to limit on-line smut, which eventually helped Sen. James Exon, D-Neb., win widespread support for his on-line censorship measure, said Smith.

"This very young industry should be given an opportunity... to develop our rules," without government intervention, he said.

One source of pressure for Smith and the on-line industry is the Federal Trade Commission, which held two public hearings on on-line privacy and is developing voluntary guidelines for the industry. However, there are no plans to make the guidelines mandatory, said Becky Burr, a privacy specialist at the commission.

Also, a draft congressional privacy measure is being prepared by an ad-hoc group of privacy proponents who oppose the medical privacy bill being pushed by Sen. Robert Bennett, R-Utah, Sen. Patrick Leahy, D-Vt., and Rep. Gary Condit, D-Calif. A Senate committee will review the bill next month, and the House plans to schedule hearings on the legislation later this year.

"It is a terrible bill" because it is intended to ease the industry's nationwide collection and transfer of customers' medical data by preempting numerous state privacy laws, not to protect customers' privacy, said James Love, the director of the Washington-based Consumer Project on Technology. The group is an offshoot of Public Citizen, a Washington-based lobbying organization run by Ralph Nader.

The Bennett/Leahy bill could be changed to allow the health industry to share health-related data, while protecting consumers' privacy, Love said. For example, tighter restrictions should be imposed on who can store or examine consumers' health records, he said. "There should be more government regulation.... It is a do-able thing to win something in this area," Love said. "It is an issue that has legs."

But Love declined to cite congressional supporters of his draft legislation, and in fact, his coalition's proposal faces opposition from the on-line industry and from some privacy proponents. It is "focused not on privacy, but on opportunistic politics," said Janlori Goldman, deputy director of the Washington-based Center for Democracy and Technology. The medical-privacy bill will provide greater privacy protections than any federal or state law, and can be modified to further limit the rights of law enforcement and government officials, she said.

Goldman has set up a Privacy Forum to help privacy proponents, executives and government officials draw guidelines to allow people to shape how much of their personal data is stored or sold by companies. Without such protection, companies could monitor consumers' on-line transactions to learn their spending habits, health records, political beliefs and addresses, she said. Loss of on-line privacy "is an enormous issue for people," she said.