Collecting and Using User Information
Newspaper Web site data subpoenaed
The Ventura County Star was subpoenaed by defense attorneys in a murder
case for information about people who have used the newspaper's Web site.
The subpoena asks for unpublished email and demographics of people who
participated in an online survey about the case. The Web site detailed
the murder trial. The newspaper believes that the subpoena invades legally
protected discourse between the readers and the newspaper. (October 16,
1997)
CPAs to monitor electronic commerce
The American Institute of Certified Public Accountants and the Canadian
Institute of Chartered Accountants have developed a project to ease consumers'
fears about engaging in commerce online. CPA WebTrust is designed to monitor
electronic commerce practices and certify their integrity. The CPA groups
recognize the Internet's potential as a profitable marketplace but believe
that consumer fear is the main inhibitor. The program, among other things,
will make sure that consumer's information is protected by an adequate
level of encryption and verify that nothing more is done with that information
than what the company claims on their Web site. If a company meets the
criteria, WebTrust will issue a seal of approval that can be placed on
the site. (October 14, 1997)
Four banking groups agree on privacy guidelines
To demonstrate their commitment to address customer concerns about personal
privacy, four banking groups agreed on principles to protect information
about consumers. The banking groups represent nearly all the nation's commercial
banks. The banking groups adopted the following principles:
-
banks should recognize customers' expectations of privacy;
-
customer information should be used, collected, and retained only if the
bank believes the customer would benefit; and
-
bank employees' access to records should be limited. (September 20, 1997)
Bill calls for greater Net and cell phone privacy protection
A bill has been introduced to Congress that would bar companies from disclosing
or using people’s medical or financial records that are available online.
The bill would also require companies to adopt guidelines to protect user
privacy when personal information is collected from them online for marketing
purposes.
A separate bill would increase penalties against people who eavesdrop
on cellular telephone conversations and then pass the contents to another
party. The bill would also render illegal the modifying of a radio scanner
to pick up cellular phone calls. (September 3, 1997)
Hightech companies propose Web privacy solutions
In order to eliminate the need for federal regulation of Web privacy issues,
several companies are unveiling proposals for protecting personal information
on the Web. The proposals are intended to combat the ability of Web sites
to plant information-tracking data files on a user’s computer. Under one
proposal, called the P3 standard, Web-browsers would block sites whose
information policies do not match the user’s stated privacy preferences.
Another privacy proposal would have Web sites declare what information
they gather, and would audit the sites to make sure they adhere to their
standards. (September 3, 1997)
Internet commerce depends on consumer confidence in security
A consulting group has projected that consumer commerce on the Internet
will be about $6 billion by 2000 but that it could be about $12 billion
if consumers’ privacy concerns are addressed. Many consumers currently
feel uneasy about providing information on Web sites because they don’t
feel that their personal privacy will be respected. (September 3, 1997)
Database industry adopts guidelines for privacy online
Eight major providers of personal information online, including Lexis-Nexis
and two national credit agencies, have adopted the database industry’s
first voluntary privacy standard. Under the standard, information from
nonpublic sources (like social security numbers) will be displayed only
to certain subscribers, such as law enforcement officers. In addition,
each firm will disclose sources and uses of data upon request. (September
3, 1997)
Online publisher adopts privacy plan
McGraw-Hill, a major publisher of online information, announced that it
will collect personal information on its 60 Web sites only when it needs
the information for a legitimate business purpose. The company will not
sell sensitive data like salary or medical information. However, privacy
advocates remain concerned that without legislation that would impose penalites
on Internet companies that violate people’s privacy, a company will have
little incentive to adhere to any privacy standards. (September 3, 1997)
PC users want Net laws for privacy
According to a recent survey, 58% of computer users are so concerned about
privacy on the Internet that they want the government to pass laws about
how data can be collected and used.
(September 3, 1997)
Kids' privacy online feared
Children's advocates are contending that marketers are violating kids'
privacy online and that current industry guidelines and parental control
technologies are not enough to protect them. The Center for Media Education
is calling for enforceable regulations requiring that those who collect
personal data from kids disclose its use and obtain written parental consent.
Although parental control software exists, some question its adequacy.
(September 3, 1997)
Company audit covers Internet privacy
The audit of Firefly, a company that gathers personal information about
online users, included an examination of the company’s privacy policies
and procedures. Firefly promises that users email addresses will not be
shared for marketing purposes without users’ prior consent and that customer
profile information will be used only in aggregate form. To bolster their
promises Firefly underwent an independent audit of its internal policies
and controls. Follow-up audits will be conducted twice each year.
(September 2, 1997)
Smart card makers agree on privacy standards
Facing consumer worries about privacy, the Smart Card Forum, a group of
200 companies promoting the use of smart cards, adopted guidelines to restrict
the use of information contained in the cards. The guidelines also give
consumers the ability to choose how their personal information can be used.
Smart cards are plastic cards computer chips that have memory and can communicate
with other computers. They can be used on telephone calling cards, electronic
tokens for busses, and credit and debit cards. (September 2, 1997)
Personal data about Web users a valuable commodity
Information about Web users is highly valuable. In the past, businesses
were forced to buy it from marketing research companies. But on Web sites,
businesses uses sophisticated technology to collect user data themselves.
In many cases, users are not aware that their activities are being monitored.
(August 29, 1997)
Federal Web sites lack privacy rules
A study by a watchdog group concluded that there is no government-wide
policy regarding privacy concerns on federal Web sites. Although federal
Web sites frequently request information from visitors, many of the sites
fail to explain how a federal agency will use the information. By failing
to tell visitors why the information was collected and how it would be
used, the agencies violated the federal Privacy Act of 1974. The lack of
a federal policy on privacy could impede the development of governmental
sites that would give the public access to records. (August 28, 1997)