The Online Privacy Shell Game

The U.S. Commerce Department announced yesterday that U.S. and European Union negotiators have finally reached a formal agreement on a much-needed deal that would guarantee privacy protection for EU member consumers who do business with U.S.-based e-tailers.

Currently, relevant U.S. online privacy laws are far more liberal than those in Europe. For instance, European law prohibits companies from sharing any data without first getting permission from the consumer.

U.S. Must Abide by European Privacy Laws

This disparity is why some industry observers had feared that Europe would eventually bar U.S. e-tailers from selling to its consumers. However, under the terms of this new agreement, U.S. companies will be allowed to do business in Europe as long as they agree to abide by European privacy laws, or equivalent measures, when dealing with European consumers.

“This data-privacy success comes none too soon to support the growth of the almost $2 trillion (US$) United States-EU trade and investment relationship, particularly in the rapidly growing business-to-business (B2B) and retailing e-commerce sectors,” Commerce Secretary William Daley said in published reports.

Still, for now, the agreement does not include U.S. financial services firms because U.S. regulators are still writing new privacy rules for the industry.

Under the pending agreement, online merchants will have several options for obtaining “safe harbor” from litigation or prosecution in Europe. They can agree to formally subject themselves to oversight by EU regulators, sign up with an accepted self-regulatory organization subject to oversight by the U.S. Federal Trade Commission (FTC), or demonstrate that U.S. laws are comparable to those of Europe in the area in which they operate.

Good News for U.S. E-Commerce

My question is, where have these companies been all along?

Speaking at a forum held by the Aspen Institute in San Jose, California just two weeks ago, U.S. President Bill Clinton sternly warned high-tech industry leaders that they must quickly adopt minimum privacy standards in the U.S. or have the government do it for them.

“There are two [areas] which are absolutely vital to keep the information economy and all America growing strong,” Clinton reportedly said. “The first is Internet security and privacy and the second is closing the digital divide.”

Clinton continued, “I think we must ask ourselves, and everyone in this area, do you have privacy policies you can be proud of? Do you have a privacy policy you’d be glad to have reported in the media?”

Clinton’s hard line came just one day after controversial Internet advertising firm DoubleClick, Inc. reportedly caved in to pressure from consumer groups, U.S. states and advertisers to stop tracking individuals by name over the Internet.

Lip Service at Home

So, how is it that the same U.S. companies that cannot seem to come to a consensus about privacy issues at home had no trouble falling in line when it came to dealing with the European Union? In my view, nothing concrete has changed.

In the end, it doesn’t matter where the impulse comes from, or what forces ultimately deliver stiffer privacy practices to the American consumer. However, it appears that U.S. officials need only gaze across the Atlantic for answers to what has inexplicably vexed them for so long.