The FTC doesn't want new regulations to enforce consumer privacy on the Net, but it does want businesses to step up to the plate with responsible practices.
Orson Swindle, a commissioner for the Federal Trade Commission, made clear Thursday that the agency isn't looking for more regulations to ensure consumer privacy on the Internet, but warned businesses that government will act if companies infringe on customers' rights to control what's done with their private information. Consumers will act, too, he said, by refusing to do business with those companies that fail to protect their privacy.
"I don't favor the regulatory model, because it doesn't offer the best answer," Swindle told attendees at a privacy seminar sponsored by Trust-e, a nonprofit privacy group working with businesses to protect consumers from spam and from having their personal data shared without permission. The seminar was held at the Redwood Shores, Calif., campus of Trust-e sponsor Oracle. Business must take the initiative to develop privacy practices that will satisfy customers and build trust. "If you don't get it done, politicians and regulators will attempt to get it done" for you, Swindle said.
Existing laws are sufficient to protect consumers, he said. Yet 5,000 new privacy laws are pending in state legislatures and Congress. "Imagine if all of them got passed," he said. "We'd have a very squirrelly world." In arguing against new laws, Swindle said the speed with which business is changing because of the Internet has made it nearly impossible to pass laws that don't become obsolete. "If laws are passed, they will probably be behind the train," Swindle said. "The train will be long gone." But, he said, the FTC has targeted areas in which to enforce existing laws against spamming, identity theft, fraud, chain letters, and misleading advertising.
Others agreed that businesses that abuse their customers' privacy are risking a lot. "A company's reputation, its brand, is built on trust," John Berard, senior VP of public relations firm Fitzgerald Communications, said in a panel discussion on Privacy and Brand Building. That could have a severe impact on a company, because its brand is worth more in terms of its impact on revenue than all of its factories or other assets. "Privacy and security is as much about the brand of Tide as the ingredients in the box," said John Kamp, counsel of law firm Wiley Rein & Fielding LLP.
In discussing the impact of the Sept. 11 terrorist attacks, Swindle said privacy versus security would be ongoing issue, with no final solution but always open for discussion in our free society. Laws to protect privacy versus laws to tighten national security create a tension that will never cease. Said Swindle, "This little cursor moves back and forth in our society."
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.