FTC sidelines the call for new privacy laws
Is data protected while investigators gather evidence?
By Daniel Sieberg
ATLANTA, Georgia (CNN) -- The chairman of the United States' Federal Trade Commission (FTC) said Thursday the best approach to protecting personal data is through better enforcement of existing laws -- not creating new ones.
That approach should be adopted, he said, despite acknowledging that people are "deeply concerned" about how on- or offline businesses may be using their personal information, he said.
"We will enforce current laws vigorously, using more of the FTC's resources," said Timothy J. Muris in comments to the 2001 Privacy Conference in Cleveland, Ohio. "We will stop those practices that harm consumers. We will use our full arsenal of tools … to pursue our strong pro-privacy agenda addressing real privacy concerns."
Muris' position runs counter to the Clinton-era philosophy that said consumer privacy laws were needed immediately to protect personal data on the Internet.
The FTC chief did not rule out calls for future legislation, saying there are "clearly good arguments" to be made. But, he maintained, "It is too soon to conclude that we can fashion workable legislation to accomplish these goals."
Muris paid tribute to the men and women lost during the September 11 tragedy during his speech, saying that those terrorist attacks have highlighted consumers' concerns about their security, as well as the fact that one of the "government's most important jobs is to protect its citizens."
He listed these points among the FTC initiatives to handle the issue within the scope of existing law:
Creating a national do-not-call list.
Beefing up enforcement against deceptive spam, or unwanted e-mail.
Helping victims of identity theft.
Tracking consumers' privacy complaints.
The response from online privacy advocates was mixed, but not one of surprise since this position has been expected from the FTC for several weeks.
"On the one hand, it's a really good start," said Sarah Andrews, research director at the Electronic Privacy Information Center (EPIC) in Washington. She also noted the suggestion of increased enforcement and improved handling of consumer complaints.
"We're just a bit disappointed on his stance with legislation. It does seem to be out-of-step with public opinion. It seems like a backwards step."
EPIC and other privacy groups have been consistently lobbying Congress and the FTC for laws that require companies to post clear policies on whether consumers want to "opt in" or "opt out" of sharing information.
Andrews said she doesn't believe that the FTC's decision was influenced in any way by the September 11 attacks in New York and Washington, but she said the terrorism debate gives the FTC and lawmakers other factors to consider, if and when legislation eventually is created.
"There will need to be clarification of a company's rights and responsibilities when sharing information," said Andrews. "I think companies would welcome recommendations on what they should do whenever a court order or subpoena is issued."
Protecting privacy during probe
As law enforcement agencies continue to gather evidence related to the September 11 attacks, privacy advocates say they want to ensure that the FBI and businesses aren't rushing to acquire and share data without adhering to privacy regulations.
A number of privacy and civil liberty groups have expressed concern over expanded wiretapping laws proposed by Attorney General John Ashcroft.
Law enforcement officials say they're taking all the necessary steps when approaching an Internet service provider (ISP) to get online data.
A government source told CNN Thursday that more than 4,400 subpoenas related to the September 11 attacks have been served to date, although the official didn't specify how many of those subpoenas are related to gaining Internet records.
A grand jury can issue a subpoena, while a judge must issue a court order, which often requires a higher level of evidence to obtain. The official didn't say how many court orders have been issued in relation to the attacks.
Dan Greenfield, vice president of corporate communications at Earthlink, an ISP based in Atlanta, Georgia, said the FBI has adhered to the necessary guidelines when requesting information -- and that his company has been providing only what was asked for.
"Our privacy policies have not been violated," said Greenfield. "We developed a system that complies with all of their requests," not just with respect to the September 11 situation.
Greenfield also said the FBI did not install its online-wiretapping system known as "Carnivore" or DCS1000 in this case since Earthlink has its own method of gathering data.
Ashcroft says lawmakers moving too slowly
October 2, 2001
FTC seeks input on new privacy guidelines
December 21, 2000
Electronic Privacy Information Center (EPIC)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
U.S. TOP STORIES:
Report: SUVs pose danger
Title IX minority pushes enforcement
Robert Blake goes to court
Judge orders man's mouth taped shut
Chicago Mayor Daley wins fifth term
|Back to the top|