Who Has the Right to Know:? The Battle Over Consumer Privacy

July 7, 2008 - 8:02 PM

(CNSNews.com) - With many private citizens and businesses concerned about the erosion of privacy and the way personal information is collected and distributed, privacy issues - and the technology that can compromise it -- are increasingly surfacing
in policy and legislative debates.

Corporate executives and policy experts are hoping to chime in on the issue this week as they gather in Washington, D.C. for a Global Privacy Summit, designed to lay out the terms of a technology and privacy agenda for both businesses and politicians alike.

With technology advancing by leaps and bounds, gathering information on people is easier than ever before. That's why consumer groups, legislators and businesses are calling for greater restrictions on what and who has the right to collect personal
information.

"Comprehensive privacy legislation [at the federal level] is needed," said Gary Clayton, president and CEO of the Privacy Council, a for-profit business that is developing privacy software and advocating federal legislation on privacy.

But corporate America isn't the only source of concern on the matter. Privacy will be "a big policy issue for years and years to come," said Dan Camprio, spokesman for Federal Trade Commissioner Orson Swindle. "Internet privacy is just one component," he said.

The privacy summit plans to address some of these issues, and it will be drawing on some high profile names in that effort. Vice President and Democratic presidential nominee Al Gore is tentatively slated as the summit's keynote speaker. Senator John McCain (R-AZ) is also scheduled to speak, along with business executives and other Members of Congress. Conference sponsors include US Airways and Price Waterhouse Coopers.

The conference will become part of the growing national debate over who has rightful access to the most personal and trivial information about our lives, and what should be done to restrict such access. But the complex web of technology and competing personal, corporate and government interests makes finding a solution no less complex.

Big Business or Big Government: Who Sets the Standards for Privacy?

Looming large over the summit will be the question of how and whether to devise a standard for privacy protection amid the myriad technologies and governments involved in the issue. "There shouldn't be as many standards [of privacy protection] as there are businesses" or state legislatures, said Clayton. "Consumers and employees shouldn't have to read through every company's policy" to figure out how their information will be handled, he said.

Clayton is calling for so-called "opt-in" legislation, which would require consumers to explicitly grant their consent whenever information about them is collected or distributed.

For example, according to Clayton, the government could require grocery stores offering shopper discount cards to tell consumers how the store is using the information they collect about the customer and their purchases by requiring signed permission.

But not everyone agrees that consumers and businesses want or need that kind of protection. Solveig Singleton, director of information studies for the Cato Institute, said consumers, the economy and personal freedom would suffer under the standards laid out by the council. According to Singleton, there's a big difference between the protections people need from business compared with safeguarding their privacy from the government.

"Because government has unique powers to arrest you, privacy restrictions on the government are very important," said Singleton. But she also said citizens should have greater freedom to collect information.

"As a matter of good business, you may want to make [your policies on privacy plain] to whoever you're dealing with so they come back and they're good customers," said Singleton.

But "there's enormous benefits to consumers that come out of the use of information by private sector companies in the economy," said Singleton.

Singleton cited credit reporting as an example of such benefits. Before there was credit reporting, "If you wanted to borrow money, you had to know the store-keeper personally or be on good terms with the local banker," she said. "Credit reporting [arose] to allow creditors to control their risk and, as a result, today even consumers with bad credit records can obtain some kind of credit."

The Impact of the Internet

Opt-in plans could change that. "You can't get people's permission to put [bad credit information] in the system, because then they would simply say, anytime they had a bad debt, 'no, thank you, I'd rather you not report that.' And so the whole system would break down," said Singleton.

The Internet has compounded many privacy concerns and in May, a majority of the FTC recommended Congress pass legislation to regulate on-line privacy. But at least one member of the presidentially-appointed commission, Orson Swindle, takes Singleton's view that opt-in legislation is not the solution to ensuring consumer privacy.

Instead, he favors "opt-out" legislation that would allow consumers to tell a company when they don't want their information collected or used a certain way.

"Here's the bottom-line problem with opt-in [legislation]: a certain number of consumers, 10 to 20 percent, really care about how their information is handled on-line," said Swindle spokesman Dan Camprio. "Commissioner Swindle says, 'give people the ability to opt-out.'"

"But the rest of the people who aren't as concerned should be able to barter and exchange information," said Camprio. "Opt-in puts everyone in the category of being highly concerned."

Instead, said Camprio, Swindle believes that "industry should be leading the charge to promote strong privacy protections because of their expertise and profit incentive."

"Regulation should be reserved for times when the market fails," said Camprio. "That's not the case here."

Standards are Only Step One

Even if the next Congress and president agree to a set of standards for consumer privacy, enforcement and compliance will present additional challenges. Clayton, who predicts Congress will pass comprehensive privacy legislation in the next two years, acknowledges that success at enforcing standards will be "iffy," especially over the Internet.

Singleton shared some of Clayton's concerns and pointed to the problems businesses might face complying with new laws. "All [privacy] legislation is way too vague and broad to do any good [for the consumer], and [its vagueness] exposes businesses to a lot of liability," said Singleton.