For Release
FTC Outlines Steps for Commission Action on Consumer Privacy Issues in Letter to Congress
In a letter to Senator John McCain, Chairman of the Senate Committee on Commerce, Science and Transportation, and Congressman Thomas Bliley, Chairman of the House Commerce Committee, the Federal Trade Commission summarized preliminary findings from the Commission's Public Workshop on Consumer Privacy held in June, and outlined several steps the Commission will undertake in the next year to address consumer privacy issues. The letter addresses the four major topics covered by the Workshop.
Computerized Databases
The Commission's letter notes that a number of major database companies that operate as "look-up" services began to address the widespread concerns raised by the collection, sale, and use of computerized databases that contain identifying information about consumers. During the workshop, the companies offered a "preliminary self-regulatory proposal to limit the availability of sensitive information, to ensure the accuracy and security of this information, and to educate consumers about their practices." The Commission's letter identifies some key issues that Workshop participants and Commission staff believe still need to be addressed: "preventing misuse of personal information; providing consumers with sufficient access to their own information to correct inaccuracies; avoiding undue chilling of the free flow of information for legitimate purposes; assessing the effectiveness of self-regulatory guidelines and enforcement mechanisms; and examining the extent to which government action, if any, may be needed."
These issues will be examined in detail in a report of an ongoing study of computerized databases that will be submitted to Congress by the end of this year.
Unsolicited Commercial E-mail
During the Workshop, research was presented that indicated that unsolicited commercial e-mail is disliked by almost all consumers who receive it. One clear result of the Workshop was that a "disparate group, including senders of unsolicited commercial e-mail, technology experts, and privacy advocates, has committed to develop a voluntary response to consumer and industry concerns and to report back to the Commission in 6 months," the letter states. Commission staff will monitor this effort. Commission staff also is monitoring unsolicited commercial e-mail to see if it involves the fraudulent offering of products or services or other practices that could be unfair or deceptive and therefore in violation of the Federal Trade Commission Act.
Consumer Online Privacy
Consumers are concerned about the security and confidentiality of their personal information in the online environment, and as the Commission letter points out "they are looking for greater protections, preferably from voluntary efforts by industry, but if necessary from government." The Workshop produced a great deal of interest and participation by industry members who demonstrated different approaches to protecting online privacy. However, as the Commission points out, "Self-regulatory approaches and emerging technological tools will be effective in protecting online privacy only to the extent that they are widely adopted by Web sites and, in the case of technology, are readily available to consumers and easy to use."
Commission staff is committed to assisting industry and consumer groups in educational efforts that will prove essential if consumers are to have confidence in the World Wide Web. Commission staff also will "monitor the [Web] . . . to determine the extent to which commercial Web sites are disclosing their information practices and offering consumers choice regarding the collection and use of their personal information online," the letter states. The letter notes the Commission's hope that by "March 1, 1998 . . . a substantial majority of commercial Web sites are clearly posting their information practices and privacy policies." The letter adds that Commission staff will be looking to see whether Web sites are honoring consumers' privacy preferences.
A follow-up report on these online consumer privacy issues will be submitted to Congress on or before June 1, 1998. "Our recommendations, if any, will take into account whether the initial efforts demonstrated at the Workshop are translated into broader industry progress toward effective self-regulation," the Commission said.
Children's Online Privacy
The Workshop revealed that online information collection from children poses unique problems. Discussion at the Workshop produced important information about: parents' attitudes about children's privacy concerns; Web sites' information collection practices; industry proposals and technological responses. The Commission's letter to Congress presents a summary of the survey data presented at the Workshop and concludes that "[i]nformation presented at the Workshop indicates that numerous Web sites are collecting a variety of personal information from children without providing effective notice to parents, although there was less information about how and in what form the data is used once collected." The testimony at the Workshop from the FBI and Justice Department also revealed that online activities that allow children to disclose personal information are "rapidly becoming one of the most prevalent sources used by predators to identify and contact children," the letter states.
Recently released self-regulatory guidelines are the beginning of an industry effort to educate Web sites on collection and use of children's information. The Commission points out in its letter, however, that while the guidelines do require notice and some choice over disclosure of personal information to third parties, "the guidelines do not make clear what specific steps would satisfy these obligations." In addition, the letter noted that the "extent and speed" of compliance are essential elements in analyzing whether the government should act. According to the letter, "the staff will continue to pursue a dialogue with industry about the desirability of FTC guidelines in the area of children's online privacy."
The Commission also reported on the importance and development of technological tools to protect children's privacy online noting that the effectiveness of these tools "will depend on their widespread adoption by industry and parents."
In order to address concerns about online information collection practices from children, the Commission said that its staff will continue to review these practices by commercial Web sites in order to ascertain if any are engaging in deceptive or unfair practices that would be illegal under the FTC Act. The FTC's Bureau of Consumer Protection's response to a petition from the Center for Media Education provided guidance to the industry with respect to what would constitute deceptive or unfair collection practices from children online. (See FTC News Release dated July 16.)
The letter also states that the Commission staff will continue to monitor and assess self-regulatory efforts, as well as technological responses to these concerns. The June 1998 report to Congress will analyze the "percentage of sites providing notice to parents, whether the notice meets the criteria set forth in the staff's response letter to CME, what information is being collected from children, and how Web sites are using this information."
Finally, the Commission pledged to work with all interested parties in developing education materials for parents and children regarding children's online privacy protections. The need to educate parents was deemed an important goal of the participants at the Workshop.
NOTE: The public record for the unsolicited commercial e-mail and online privacy sessions of the Workshop has closed but that the public record for computerized databases remains open. It is anticipated that a transcript of the Workshop and all comments received will be posted on the Commission's Web site at http://www.ftc.gov by the close of business today.
Copies of the agenda for the Public Workshop, the Federal Register notice and the written comments, the December 1996 FTC staff report and transcripts of the June 1996 workshop are available on the Internet at the FTC's World Wide Web site. FTC documents also are available from the FTC's Public Reference Branch, Room 130, 6th Street and Pennsylvania Avenue, N.W., Washington, D.C. 20580; 202-326-2222; TTY for the hearing impaired 1-866-653-4261. To find out the latest news as it is announced, call the FTC's NewsPhone recording at 202-326-3710.
Victoria Streitfeld or Claudia Bourne Farrell,
Office of Public Affairs
202-326-2718 or 202-326-2181
Staff Contact:
Bureau of Consumer Protection
Bureau of Consumer Protection
202-326-3090