Privacy Roundtables – Comment, Project No. P095416 #544506-00004

Submission Number:
Russ Smith
Initiative Name:
Privacy Roundtables – Comment, Project No. P095416
Millions of Comcast high-speed Internet subscribers will be losing the protection of the TRUSTe privacy policy verification program in a new Comcast privacy policy set to into effect Tuesday. This is being done as a federal lawsuit against Comcast, TRUSTe, Microsoft and Cisco winds it way through the courts. The new policy will remove the privacy protection of Internet subscribers from the website policy to the to the policy which is not covered by TRUSTe. The lawsuit accuses Comcast, Microsoft, and Cisco of eavesdropping on Internet communications and developing IP address “blacklists” that resulted the blocking of e-mail communications. The suit also alleges that the companies failed to adhere to their posted privacy policies that allow consumers to review the information collected about them so they may correct errors. The claims include allegations that TRUSTe failed to legitimately adjudicate the complaints filed against Comcast and Microsoft. Cisco maintains an “IP Reputation” list at and Microsoft maintains several lists called “blacklist.zap” via their FrontBridge service. Many Internet posting indicate Microsoft has been blacklisting many small mail servers such as those operated by law firms that need security and archiving. Cisco does not participate in the TRUSTe program and claims to have different privacy policies covering their different websites. The suit also alleges that Cisco’s IronPort service claim of operating a "credit reporting service for email” is false advertising because they do not allow users to review and correct information collected about them. The Plaintiff in the case is Russ Smith who operates privacy-related web sites such as and and had testified at the first Federal Trade Commission “spam summit” in 1999. According to Smith, both Microsoft and Cisco placed IP addresses used by Smith on “blacklists” and distributed the information to third parties causing his e-mail to be blocked. Comcast actually blocked communications between his home and a mail server he operates outside the Comcast network to avoid using Comcast’s e-mail services. According to Smith, the TRUSTe system is useless as it only covers specific web sites, and not a company’s overall privacy practices. When there is a potential problem companies just change their policies so TRUSTe no longer oversees their practices. Smith also filed a complaint at the FTC against Microsoft for claiming in official proceedings that the entire company is covered by TRUSTe when the licensing only covers some of their web sites. Smith has also lodged complaints at the Federal Trade Commission that accuses the agency of advising Internet companies to eavesdrop on Internet communications in the name of security while, at the same time, the FCC is advising companies not to eavesdrop. According to Smith the FTC is not providing a consistent message. He says the FTC never suggests the phone companies should listen to phone calls to decide when there is telemarketing fraud so they should not be doing it with Internet providers. He also says the FTC should coordinate their advice with other agencies such as the FCC. Smith also testified at the FTC’s do-not-call forum during the development of the National Do-Not-Call Registry.