Business leaders fear new legislation proposed last week by Reps. Tom Campbell, R-CA, and Tom Udall, D-NM, establishing a federally sanctioned Web privacy seal program could set the stage for increased government oversight of vast amounts of commercial online content if passed by Congress.
The bill calls for the Federal Trade Commission to establish and award online seals of approval for commercial Web sites that agree to adhere to a consumer privacy protection standard far stricter than those currently guaranteed by the two leading online seal programs, BBBOnline, New York, and TRUSTe, Washington.
However, at the lesser-known but more rigorous seal program WebTrust, spokesman Christopher Leach said his organization's standards already meet the guidelines in the Campbell-Udall bill. WebTrust is owned by the American Institute of Certified Public Accountants.
“When we were outlining the standards for the WebTrust seal, we looked at the European Union laws on privacy, which are the most stringent,” Leach said. “We also looked at what the Australian laws said and what was being proposed in Canada.”
Under the rules proposed by the lawmakers, Web sites could display a free, government-backed seal of approval that would be issued by the FTC in exchange for a voluntary but contractual and legally binding commitment to:
* Collect only personally identifying information that has been authorized in advance by the consumer.
* Keep the information up to date.
* Not use the data for any purpose other than what was specified at the time of collection.
* Give the individual access to the information to verify its accuracy.
According to guidelines the lawmakers want, the FTC seal could be revoked or presumably used as a means of establishing a prosecution case against the company if violated.
Officials at the Direct Marketing Association were not ready to take a position on the bill, said spokesman Stephen Altobelli. “We do have concerns about any government requirements for additional layers of regulation or bureaucracy that would be onerous to Web site operators,” he said.
Mark Uncapher, vice president and legal counsel for the Information Technology Association of America, said passage of the legislation — even though proposed as a voluntary compliance measure — could easily set the government traveling down a road toward more overarching rule-making.
“If this is passed, I think it could well become the standard for some kind of future action,” he said.
FTC chairman Robert Pitofsky said last year that the agency is not looking to extend its authority over the online world. But, Uncapher noted, “industry has responded quickly to issues, but the privacy standard has changed quickly as well.”
The sticky areas continue to surround issues of security and access, particularly in the healthcare setting. “You're dealing with a moving target,” he said. And legislators are starting to notice that U.S. privacy policy is running increasingly counter to those of other countries.
For instance, at ShopSCS.com, a Toronto-based online computer retailer that bears the WebTrust seal, chairman and CEO Dan Schneeweiss said the future of “our business is based on Internet transactions. We want our customer to know that when they buy on our site that everything is secret. We don't share information with anyone, and I'm very confident about the job that was done on behalf of [our WebTrust administrator].”
The plan being proposed by Campbell and Udall, if passed, would offer a much more powerful indicia with the name of the U.S. government behind it.
