FTC Director Outlines Year in Privacy
Despite those benefits, said J. Howard Beales, director of the bureau of consumer protection at the FTC, "consumers are concerned about privacy."
He outlined what the commission has done to protect consumers over the past year under the FTC's new privacy agenda.
FTC chairman Timothy J. Muris set forth the new agenda Oct. 4, 2001. When announced, the focuses included increasing privacy resources and enforcing existing laws relating to privacy, such as the Fair Credit Reporting Act, Gramm Leach Bliley and the Children's Online Privacy Protection Act.
Specific actions the commission said it would explore included creating a national do-not-call list, cracking down on deceptive spam, controlling identity theft, stopping misuse of financial information, enforcing privacy policies, improving complaint handling and holding consumer workshops.
Beales cited several actions taken by the FTC over the past year that show its commitment to its privacy agenda.
He said that a national do-not-call registry would be in place by December as an "early Christmas present." More than 42,000 consumers weighed in favor of such a measure, he said, more than ever before for an issue.
In the past year, the FTC investigated many firms on privacy issues, such as Eli Lilly for accidentally releasing e-mail addresses of more than 600 customers, Microsoft for privacy concerns with its Passport data storage system and 14 spam incidents.
The FTC keeps a database of spam, dubbed the "refrigerator," which receives 70,000 spam messages per day, Beales said.
As for existing legislation, Beales said that the commission has seen good COPPA compliance. He also said the FTC was moving out of the education mode regarding Gramm Leach Bliley and moving into assessing compliance.
While admitting that the commission was still learning how the list industry works, Beales said that it was looking into list practices as well. One area he mentioned was the type of notice given at the point of data collection.
Collier Shannon Scott PLLC, a law firm specializing in advertising, marketing, e-commerce and privacy law among other areas, hosted the session. The event was co-sponsored by data privacy security and compliance solution provider Privastaff, San Jose, CA.