Time Is Running Out for Internet Self-Regulation

Infotech and the Law David Nadler

David Nadler

Time Is Running Out for Internet Self-Regulation

For several years, the Clinton administration has prodded private industry to seize the initiative and institute self-regulation to protect personal data on the Internet through voluntary guidelines as an alternative to federal regulation.

The administration has been reluctant to regulate out of fear of impeding the burgeoning growth of online commerce, which is expected to reach $54 billion by 2002.

The Federal Trade Commission and Department of Commerce have spearheaded efforts to encourage self-regulation by hosting workshops with the online industry to help develop standard privacy guidelines. To date, industry has made little progress in satisfying the administration's Internet privacy concerns.

Ira Magaziner, the president's Internet policy guru, has warned that time may be running out for industry self-regulation.

Already the FTC has concluded that industry efforts governing the online privacy of children are inadequate. The agency has called for legislation to give parents control of the online collection and use of personal information about their children by requiring actual notice to parents and explicit parental consent.

Myriad bills have been introduced in Congress to address this and other aspects of Internet privacy.

The European Union's Data Protection Directive may enhance pressure on the Clinton administration to abandon an industry-led solution for Internet privacy. The directive is slated to become effective Oct. 25 and requires any nation that trades personal information with EU member states to adopt similar privacy standards. The directive precludes the transfer of personal information about EU citizens to nations determined to have inadequate Internet privacy safeguards in place.

It is not likely that the United States will convince EU regulators that the online industry's existing voluntary privacy standards are sufficient, which could ignite an Internet trade war.

Effective privacy protection is necessary for the continued growth of electronic commerce. Surveys reveal that consumers are reluctant to purchase products over the Internet or divulge personal data out of fear their information will be compromised.

Indeed, a wide variety of personal information is systematically collected online. Personal data can be combined with transactional data to produce detailed consumer profiles. Consumers' personal information is collected through online registration, surveys, contest entry forms, order forms and public records, including court records, property records and motor vehicle records.

Web sites also use "cookies," a file saved to a consumer's computer, to track consumer preferences and offer products and advertisements tailored to an individual's tastes upon a return visit to the site. Consumers generally have no effective means to prevent companies from selling personal information compiled on them to others and have no means to correct errors.

Several highly touted industry self-regulation initiatives are widely considered failures. Industry has greeted the TRUSTe program, for example, with apathy. Only about 150 companies have joined this initiative, which establishes a standard logo for placement on Web sites to designate sites that have voluntarily adopted stringent TRUSTe-approved privacy practices.

Online consumers can click on the TRUSTe icon to obtain a copy of the privacy practices statement. TRUSTe licensees must agree to be audited by third parties to verify compliance with the posted privacy policies so the logo can function as a seal of approval.

Not only are online companies reluctant to adopt TRUSTe's strict privacy policies, according to a recent FTC report the vast majority of online companies are not even taking the rudimentary step of posting a statement that discloses their privacy policies.

The FTC surveyed 1,400 Web sites and found that while 92 percent of commercial Web sites collect personal information, a mere 14 percent provide any notice of their privacy policies and only 2 percent provide notice by means of a comprehensive privacy practices statement.

Other efforts at self-regulation are also unimpressive. In December 1997, 14 members of a trade group consisting of companies that provide database services used to locate, identify or verify the identity of individuals, released self-regulation guidelines for Internet privacy.

The guidelines prohibit distribution to the general public of sensitive, nonpublic information, such as Social Security number, mother's maiden name and date of birth, which can be used to gain access to personal financial data for fraudulent purposes.

This same information, however, can be sold to licensed businesses if gathered from a public record. The guide - lines are a modest first step designed to forestall com - prehensive federal regulation rather than an effective privacy shield.

Pressure is mounting on the Clinton administration to abandon its hands-off approach. Time may run out for self-regulation as the FTC is expected to unveil new Internet privacy recommendations this summer.

David Nadler is a partner in the Washington law firm of Dickstein Shapiro Morin & Oshinsky LLP. He may be contacted at NadlerD@dsmo.com. Edward Kirsch, an associate with the firm, contributed to this article.

Copyright 1998 Post-Newsweek Business Information, Inc. All rights reserved

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.