FTC Report Raises Serious Questions By Industry Groups
The report concluded that self-regulation has not adequately protected consumer's online privacy, and that legislation is needed to supplement self-regulatory efforts and guarantee basic consumer protections. It is based on the results of the FTC's 2000 Survey -- its third annual review of the most-visited sites on the Internet. The survey found that 20 percent of the sites implemented fair information practices.
The FTC recommended legislation that would require commercial Web sites to implement such principles as notifying consumers what information is collected and how it will be used; the option to choose whether information can be shared with third parties; access to review collected data and security of that information
The Direct Marketing Association said yesterday that the FTC is completely unjustified in calling for government regulation of the Internet.
After reviewing the facts, the DMA said it found that the FTC went beyond the normal and accepted standards of privacy notices when it concluded that specific Web sites do not provide adequate online privacy protections to consumers.
In fact, on the contrary, according to The DMA, the FTC's findings clearly support the industry's claim that self-regulation is working. The commission's report found that 90 percent of surveyed commercial Web sites post privacy policies, up from 14 percent just two years ago.
"Even with this extraordinary industry compliance, the FTC is pulling away from its previously defined self-regulatory benchmarks and is setting different standards," said Jerry Cerasale, senior vice president of government affairs, The DMA. "These new rules are related to access and security -- which are as yet undefined -- and then the FTC faults industry for not meeting these undefined standards."
Cerasale said the FTC's own Advisory Committee on Online Access and Security, comprised of 41 consumer and industry experts, "failed to reach clear consensus on how to address access issues. Therefore, when there is no agreement on the proper level of access that should be provided, how can the commission possibly assess the adequacy of Web sites to provide access to information? The FTC's actions are unwarranted and out of step with the Internet."
Cerasale went on to explain that providing access to information on individual consumers can actually cause, rather than solve, privacy concerns for consumers. As a practical matter, stringent security precautions can be undermined when access is provided to consumers, thus placing that data in potential jeopardy. "Nevertheless, industry is actively addressing how 'access' can be implemented in appropriate ways to strengthen customer relationships," said Cerasale.
Administration officials were also lukewarm about the FTC's proposal. They said that the government should continue to rely on the industry to police itself and that the White House had a deeper interest in promoting privacy laws in other areas, including health care and financial services.
In a statement, Commerce Secretary William M. Daley said "we continue to believe that private sector leadership is a critical component to high-quality privacy protection online….Legislation will not be sufficient on its own, given the pace of technological change; the emergence of privacy challenges that neither we nor Congress can anticipate today; and the innovative privacy solutions that only the private sector can develop."
In addition, Daley said some self-regulatory programs are providing monitoring and dispute resolution procedures that can produce greater protections for consumers.
Commission officials are planning to testify before the Senate Commerce Committee on Thursday.