ICANN/DNSO
DNSO Mailling lists archives

[ga-sys]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga-sys] US Privacy Issue - Fair Information Practice Principles


Joanna and all,

  I am now, and have been convinced that "Self Regulation" with respect
to the ICANN BoD is not working and is not likely to work.  The Whois
privacy issue is just one of several examples where the old shell game
has been used on the Stakeholders and the public trust has been
abused by this ICANN BoD....

Joanna Lane wrote:

> http://www.ftc.gov/os/1998/9803/privacy.htm#N_24_
>
> PREPARED STATEMENT OF THE FEDERAL TRADE COMMISSION ON "INTERNET PRIVACY"
> Before the SUBCOMMITTEE ON COURTS AND INTELLECTUAL PROPERTY of the HOUSE
> COMMITTEE ON THE JUDICIARY, UNITED STATES HOUSE OF REPRESENTATIVES,
> Washington, D.C., dated March 26, 1998.
>
> <snip>
>
> Many consumers care deeply about the privacy and security of their personal
> information in the online environment and are looking for greater
> protections.(23) During the Commission's first privacy workshop, a consensus
> emerged among workshop participants regarding four important considerations
> that would assist in protecting online privacy. These considerations
> include:
>
> NOTICE concerning Web sites' information practices, i.e., how commercial Web
> sites will use personal information they collect from consumers;
>
> CHOICE in how Web sites will use consumers' personal information;
>
> ACCESS to consumers' own information collected, maintained, or used by Web
> sites;
>
> and SECURITY of consumers' personal information maintained by Web sites from
> improper or unauthorized use by third parties.(24)
>
> <snip>
> Commitment to Self-Regulation
>
> The Commission has also learned that members of the online industry are
> aware of the need to address consumers' concerns. Throughout the series of
> Commission workshops on these issues, the online industry has asserted that
> self-regulation is the most efficient and effective means of creating online
> privacy protections.
>
> ___________________________________________________________________
>
> (About 2 years later, the FTC posted its third report, claiming consensus
> for strikingly similar recommendations to those made earlier.)
> _____________________________________________________________________
>
> http://www.ftc.gov/reports/privacy2000/pitofskystmtonlineprivacy.htm
>
> STATEMENT OF CHAIRMAN PITOFSKY
> Privacy Online: Fair Information Practices in the Electronic Marketplace
> May 22, 2000
> ------------------------------------------------------------------------
>
> The Commission today issues its third report on the extent to which
> self-regulation is providing or is likely to provide protection for
> consumers against unjustified invasions of privacy in the online world.(1)
> There is now wide agreement on the required elements of privacy protection,
> referred to as the Fair Information Practice Principles. With respect to
> personally identifiable information, an adequate privacy program should
> include:
>
> 1. Notice -- clear and conspicuous -- of what information is collected from
> consumers, how it will be used by the collecting parties and whether it will
> be disclosed to other entities;
>
> 2. Choice which offers the opportunity for consumers to decide whether they
> want their personally identifiable information to be used for any purpose
> other than completion of the transaction. Choice encompasses both internal
> and external uses of such information.
>
> 3. Reasonable access by consumers to review the information collected on
> them and a reasonable opportunity to correct any errors or delete the
> information.
>
> 4. Adequate security within the company as to how information will be
> handled.
>
> <snip>
>
> Also, when we probe beneath the surface and assess compliance with the Fair
> Information Practice Principles, a less than encouraging picture emerges.
> For example, only 20 percent of the Web sites in the random sample implement
> each of the four principles.(7) The fact that only one in five of the
> busiest commercial Web sites provides basic privacy protections is
> disappointing. Also, in the most popular group, the percent of sites
> satisfying the four criteria is only 42.(8)
>
> Even if we use a less exacting analysis, recognizing in part the
> difficulties associated with satisfying Access and Security standards, which
> the Advisory Committee's report cogently highlighted, the numbers remain
> troubling. Taking Access and Security out of the picture, and looking solely
> at the data for sites that implement only the principles of Notice and
> Choice, we find, for the random sample, we have 41 percent compliance; 60
> percent in the most popular group.(9)
>
> Finally, the results of the seal program survey were particularly striking -
> 8 percent in the Random Sample; 45 percent in the most popular group display
> a seal.(10) These numbers speak for themselves. Efforts to monitor and
> enforce standards have barely scratched the surface.
>
> The question is not whether industry self-regulation has passed or failed a
> test. The question rather is whether the progress of online implementation
> of Fair Information Practice Principles continues to suggest that no
> legislation is warranted. Notwithstanding tangible gains, based on the
> overall data, a majority of the Commission finds that self-regulation alone,
> without some legislation, is unlikely to provide online consumers with the
> level of protection they seek and deserve. Accordingly, a majority of the
> Commission recommends that Congress consider legislation to complement
> self-regulation.
>
> Despite this conclusion, I want to emphasize that there will continue to be
> an important role for self-regulation in ensuring the protection of privacy.
> The private sector has every incentive to engage in effective
> self-regulation so that electronic commerce reaches its full potential. I
> continue to support self-regulatory initiatives and believe they are vitally
> needed to complement any legislation in this area.
>
> Also, it is imperative that any such legislation not be unduly burdensome or
> expensive. It must energize, rather than hamper, the important aspects of
> consumer welfare provided by a fully developed online commercial market
> place. In particular, many important issues remain that will need to be
> addressed by Congress and others. The Advisory Committee's report spotlights
> the complexities surrounding implementation of "Access." Substantial
> questions remain as to how much access is "reasonable," to what types of
> information access should be afforded, and at what cost to the business
> community and to consumers. The answers to these questions are not
> self-evident and will require careful consideration. Also, while issues
> surrounding "Adequate Security" may prove less daunting, they too present
> challenges.
>
> In addition, the Commission has become increasingly aware, as discussed in
> portions of the Advisory Committee report, that it is difficult to
> distinguish between consumers' privacy rights in the online universe, where
> consumers may provide personal identifying information in connection with
> purchase of a product on the Internet, and the offline world, where there
> are many arrangements whereby consumers provide personal information such as
> in connection with filling out warranty cards or applying for magazine
> subscriptions. Clearly, numerous offline commercial activities can also be
> accomplished online. We did not set out to study in detail the information
> practices in the offline area, and therefore will note only that there may
> be little reason to distinguish among consumer privacy rights online and
> offline in the future.
>
> In sum, consumers should not have to forfeit their privacy online in
> exchange for the rich benefits of e-commerce. A well-crafted approach, in
> fact, will benefit the growth of e-commerce and provide important
> protections to consumers. The Commission's legislative recommendation does
> not, in my view, signal a rejection or failure of self-regulatory
> initiatives. Rather, based on what I have seen to date, legislation is now
> needed to ensure consumers' online privacy is adequately protected. I
> strongly urge self-regulation to complement any legislative actions in this
> area.
>
> ___________________________________________________________________________
>
> Regards,
> Joanna
>
> --
> This message was passed to you via the ga-sys@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga-sys" in the body of the message).
> Archives at http://www.dnso.org/archives.html

Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number:  972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208


--
This message was passed to you via the ga-sys@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-sys" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>