FTC Committee To Tackle Online Privacy Issues

The Federal Trade Commission (FTC), a division of the U.S. Department of Commerce, has announced the members of its new Advisory Committee on Online Access and Security. The 40 representatives of various public and private sector companies and organizations will spend five months exploring the impact of privacy and security policies on both online consumers and businesses.

The FTC and its new advisors — 23 representatives of various Internet and hardware companies, eight representatives of consumer and business advocacy groups, one lieutenant governor, and a few attorneys and scholars — are slated to hold their first meeting February 4th to plan what to do at their next three meetings. The advisory committee was chartered January 5th to provide advice and recommendations to the FTC on the costs and benefits of implementing the fair information practices of access and security online.

Long Agenda, Short Term

The group will examine some of the core principles that the Commission described in its 1998 report, “Privacy Online: A Report to Congress.” In addition to “access” and “security,” the FTC considers issues of “notice,” “choice” and “enforcement” to be essential components of effective self-regulatory programs for Web companies.

Specifically, the group will explore whether the extent of access that is provided by Web sites should vary with the sensitivity of the personal information collected and/or the purpose for which such information is collected. The members will also ponder whether the difficulty and costs of retrieving consumer data should be considered, and whether consumers should be provided access to enhancements to the personal information obtained directly from them, such as inferences about their preferences or purchasing habits.

Finally, the group will consider how to define appropriate standards for evaluating the measures taken by Web sites to protect the security of personal information, what reasonable steps can ensure the accuracy of this information, and what measures should be undertaken to protect this information from unauthorized use or disclosure.

Done by May

The committee is required to finish its informal look into online security and privacy protection practices by May 31st. Before that date, the committee plans to meet four times to discuss these issues, by working in subcommittees that will be formed at the February 4th session at the FTC’s offices in Washington, D.C. Subsequent meetings are slated for February 25th, March 31st and April 28th, also at FTC headquarters.

A final report to the FTC will discuss options for the implementation of online access and security controls, as well as the costs and benefits of each option.

All of the committee meetings will be open to the public, which is invited to submit written comments that may be used as position pieces or background information during the meetings.

The 40 members of the committee were selected from a list of more than 180 nominees that were collected in December. Notables include eCustomers.com Vice President of Development and Operations James C. Allen, Fidelity Investments Assistant General Counsel Alexander Gavis, America Online, Inc. Vice President of Integrity Assurance Tatiana Gau, and Massachusetts Lieutenant Governor Jane Swift.