Internet Privacy Watchdog Delayed
http://www.washingtonpost.com/wp-srv/digest/wtech001.htm
Robert O'Harrow Jr.
Washington Post Staff Writer
Development of an Internet privacy watchdog, to assess whether online
companies use personal information properly, is behind schedule and may
not be complete until the end of March.
The delay is the latest wrinkle in the Clinton administration's efforts to
promote industry self-regulation as an alternative to broad privacy
legislation, which administration officials and others worry might impede
growth of electronic commerce.
White House officials have repeatedly said independent oversight of
self-regulation is crucial. Last summer the administration dropped threats
to push for legislation after industry leaders and the Council of Better
Business Bureaus said it would create a system to assess privacy policies
and review complaints by the end of the year.
But now, as the council prepares to demonstrate its nascent program at a
White House event Monday, officials acknowledged that it's not operational
and that questions remain about how it will work and how many businesses
will use it.
"It just took more time than we originally thought," said Russell Bodoff,
chief operating officer of BBBOnline, which will run the program. "I think
there's a confidence level that we're on track . . . but there's no
evidence I can give to you that American business in general is going to
buy into this."
Under the council's plan, an electronic seal would be used at World Wide
Web sites operated by companies that meet a set of privacy guidelines.
Companies would have to spell out how they gather information and use it,
and give consumers a way to make sure the information is correct. They
also would have to agree to work with the council to resolve consumer
complaints or risk losing the right to use the seal.
Pressure is building on industry leaders and the White House to follow
through on pledges to prompt companies to issue privacy policies and then
to stand by them.
European officials have warned that U.S. companies – now subject to tough
new privacy rules that took effect in 15 European Union member countries
last month – could lose access to personal data in those countries unless
an effective system is put in place.
The Federal Trade Commission also is keeping a close watch. In July,
Chairman Robert Pitofsky told Congress his agency would support online
privacy legislation if industry fails to create a self-regulation system
by the end of the year.
David Medine, FTC director for financial practices, said in an interview
the agency first wants to see how many online companies have posted
privacy policies. Then it will turn its attention early next year to the
council's enforcement program. Medine said the FTC is "making the big
assumption they will be" ready.
Privacy advocates also want evidence of progress. Deirdre Mulligan, staff
counsel of the Center for Democracy and Technology, said she hopes a
credible self-regulation scheme will fly. But she said the White House has
to continue to press industry to come up with an enforcement program with
teeth.
Mulligan said of people pushing self-regulation, "they have a credibility
problem." She added, "they have to make a deadline, and they have to stick
to it."
Evan Hendricks, a privacy advocate and publisher of Privacy Times, said he
believes that the delay is another sign that self-regulation may not be
workable. "How much more evidence do we need," he said.
White House adviser Ira Magaziner played down the delay, saying he
believes that the council will deliver an effective system. He said the
group will demonstrate its progress at the White House event Monday.
"Do I wish it were up and running? Yes, of course," said Magaziner, senior
adviser to the president for policy development, who added that the
program is six to eight weeks behind schedule. "It's not alarming . . .
They're trying to do something different, something new."
A nonprofit group called TRUSTe already provides an oversight service,
including an electronic seal. But it was a fledgling operation at the
beginning of the year, and White House officials and others wanted an
organization with the reach of the Better Business Bureau and the
experience of resolving consumer complaints.
Meanwhile, TRUSTe has experienced huge growth this year and likely will
play a significant role in providing privacy oversight. The number of
companies licensed with TRUSTe has increased from 40 at the end of last
year to about 450 now. That includes Yahoo Inc., America Online Inc. and
Microsoft Corp.
Bodoff of BBBOnline said scores of companies, including some of the
largest in the nation, also seem enthusiastic about the council's
initiative. More than 120 companies volunteered to participate in a field
test of the group's privacy assessment, for example, even though only
about 40 were needed. The outcome of that test will be released in a few
weeks. The group also has received industry commitments for $2.3 million
to launch the initiative.
"We're trying to enhance the technology and ease of use for both business
and consumers, which is why we won't be launching until the first quarter
next year," Bodoff said. "You want it launched correctly."
Among the questions that remain unanswered is how to draw in large
companies that decline to join any seal program. Officials at McGraw-Hill
Cos. have indicated they won't participate, in part because they already
have a strong record for protecting customer privacy.
"We don't see it as a one-size-fits-all solution," McGraw-Hill spokesman
Neal Allen said. "We want our customers to come to us to resolve their
problems. . . . We have a system that works well for us."
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Tue Dec 8 08:59:04 1998