Online Privacy Will Be a Hot Issue in Congress This Year

Congress is just getting under way, but Hill watchers believe online privacy quickly will become one of the year's highest-profile IT-related issues.

Congress is just getting under way, but Hill watchers believe online privacy quickly will become one of the years highest-profile IT-related issues.

Last years privacy debate was inconclusive. Although several privacy bills surfaced and hearings commenced, the election-shortened Congressional session put privacy on hold. That situation is expected to change.

"I think youre going to see Internet taxation and privacy as the [issues] most quickly addressed in the Congress," says Tom Santaniello, public policy manager at the Computing Technology Industry Association (CompTIA).

Bills to extend the moratorium on new or discriminatory Internet taxes are up against a fixed deadline; the current tax ban expires this October. The privacy issue, however, has an urgency of its own. Gail Magnuson, director of privacy for Fiderus, a Cary, N.C., privacy and security consulting firm, sees the key drivers as consumer concern over the safety and privacy of the Internet, and industry concern over the increase in identity theft and fraud.

"I certainly do believe this year we will take the next step in privacy legislation," Magnuson says, noting existing laws covering health care, financial services and childrens privacy.

Against that backdrop, the IT industry has mobilized to influence the shape of online privacy legislation. CompTIA, for one, earlier this month outlined its principles for a national online privacy policy. Those principles include:

> the posting of clear and conspicuous notices of Web site privacy policies, which list the types of personally identifiable information collected and how that information will be used;

> straightforward "opt out" procedures that let consumers control the disclosure of personal information; and

> a requirement that Web site operators employ "verifiable assessment procedures" that assure the site conforms with the stated privacy policy.

The AeA (formerly the American Electronics Association) recently issued privacy guidelines, emphasizing the need for federal legislation to create a uniform national standard. AeA contends businesses "could face 50 conflicting sets of privacy rules."

The Privacy Leadership Initiative (PLI) believes theres more at stake than duplicative law. The industry group is completing a study on the economic impact of legislation that would restrict merchants use of consumer information. Preliminary results of the study, which looked at catalog-based apparel retailers, indicate that the elimination of "external" information—magazine subscription lists, etc.—would increase a merchants costs by up to 11 percent. Cut off the use of internally collected information—customer name, address, purchasing data, etc.—and retailers marketing costs could double, translating into higher price tags for consumers, the group says.

Not surprisingly, companies that have remained quiet in the privacy debate are becoming more vocal.

"The bottom line is, privacy and security are essential to continue to ensure confidence and trust in business and the Internet," Magnuson says.

As trust begets customer retention, privacy becomes a dollars-and-cents issue for businesses relying on the Web.