May 2001 PPTE Feature -- Internet Privacy

MAY - JUNE 2001

Internet Privacy and the 107th Congress — the Issues at Stake on Capitol Hill

by Deborah K. Rudolph

Internet privacy issues have surfaced en masse as the worldwide web has become more and more developed. At the core of this issue is the fact that new technologies allow web site operators to collect, analyze and disseminate information about site visitors in ways that challenge — even threaten — the fundamental expectations most people have of personal privacy. Essentially, these technologies allow site operators to collect data and then use that information in ways that may or may not benefit the consumers, often without the consumers’ knowledge or consent.

Did you know…

Internet privacy is the number one concern of users

73 percent of Americans worry that criminals are using the Internet

70 percent of American Internet users want privacy protection

Is Legislation Necessary?

In determining whether legislation is necessary, we must take into account a plethora of considerations on the whole privacy issue. Most believe that consumer trust is a critical component of sustaining Internet development. In that light, 70 percent of consumers want privacy legislation. So the main issue may not so much be necessity, but rather what information should be covered by such legislation. What types of information should be collectable? How should site operators be able to collect the information? How should they be able to use it?

The list of questions and considerations goes on. Congress is looking at the privacy issue closely. In fact, more than 30 privacy bills have already been introduced in Congress this year alone, and the Chairs of both the House and Senate Commerce Committees have indicated that they will get privacy legislation passed during this 107^th Congress.

Key Principles

The current legislative interest is centered on key principles recommended by the Federal Trade Commission:

Notice – Web site operators should inform visitors of their privacy policies clearly and concisely, and should tell them how the information will be used

Choice – Operators should give visitors a choice to "opt in" or "opt out" of having their information used

Access – Consumers should be able to review their information and have an opportunity to correct errors or modify information

Preemption – Site operators should be guaranteed that they would not have to comply with individual state or other differing sets of local requirements. Right now, for example, 36 federal statutes related to disclosure requirements of sensitive information exist, and also 500 state laws related to using personal information in transactions. These existing statutes can apply differently in different states. Preemption would provide for one set of requirements across the board.

Where Does IEEE-USA Stand?

IEEE-USA issued its first position statement on Internet privacy in 1997 and continues to monitor the issue closely today. Specifically, IEEE-USA is urging policy makers to pass legislation that requires providers to inform visitors/users about what information is being obtained, stored, analyzed, sold or used in any way. Visitors should then have the right to audit or correct that information as well as choose to be included (opt in) or ask to be removed from the data compilation (opt out).

IEEE-USA will promote several principles for Internet privacy legislation as well. These principles include:

Data compilations should never be secret from the person who is the subject of the data

Individuals must be allowed to audit the data; they should be able find out what information is or will be stored about them

Individuals included in data compilations must be able to correct their information

Individuals should be able to find out how the information is being or will be used

"Opt in" should replace "opt out" as a means of maintaining a balance as information technology advances

These IEEE-USA positions will serve as the foundation of IEEE-USA activity:

Against Use of Universal Identifiers (Feb. 2001)

Internet Content Filtering (Feb. 2001)

Privacy On-Line (Nov. 1997)

Supporting Legislation to Control Unsolicited
E-Mail (SPAM) (Nov. 2000)

Privacy, Confidentiality and Security of Personal Health Information (Nov. 1998)

To review these positions, go to www.ieeeusa.org/forum/positions/

Make Your Voice Heard

You can speak out on this issue in several ways:

Write, call, fax or e-mail your Senators and Representatives. You can use IEEE-USA’s Legislative Action Center to do at: http://capwiz.com/ieeeusa/

Circulate this article and IEEE-USA’s Action Alert to friends and colleagues

Visit your Senators or Representatives in person. For guidance, go to: www.ieeeusa.org/forum/care

Join IEEE-USA’s Grassroots Privacy Network at: www.ieeeusa.org/forum/grassroots/privacy/

Participate in this month's reader poll Internet Privacy: Do We Have it Or Don't We?

Future issues of Policy Perspectives will cover such specific privacy issues as Internet Privacy: A Primer of the Policy Issues; Internet Security Versus Internet Privacy; and Balancing the Conflicting Needs Related to Internet Privacy.

Deborah K. Rudolph is Manager of IEEE-USA Technology Policy Activities.