A dozen companies, including several major ones in high tech, launched on Tuesday an effort to convince Congress to pass a comprehensive federal consumer privacy law that would cover the handling of personal data.
In forming the Consumer Privacy Legislative Forum, the companies said they hoped to convince lawmakers to create a "simplified, uniform but flexible legal framework" that would protect consumers from inappropriate collection and misuse of personal information, while also enabling legitimate companies to use data on people in conducting business. Forum members included EBay Inc., Google Inc., Hewlett-Packard Co., Intel Corp., Microsoft Corp. and Oracle Corp.
"In principle, such legislation would address businesses collecting personal information from consumers in a transparent manner with appropriate notice; providing consumers with meaningful choice regarding the use and disclosure of that information; allowing consumers reasonable access to personal information they have provided; and protecting such information from misuse or unauthorized access," the group said in a statement.
Consumer concerns over privacy in the use of personal data has been heightened by several high-profile cases in which such information was lost or stolen. Among the latest incidents was the theft of 26.5 million identities from the Department of Veterans Affairs. Other major incidents involving the loss of personal information have involved Bank of America and information gatherers ChoicePoint Inc. and LexisNexis.
Companies are concerned that fear over identity theft and the mishandling of personal data would eventually hamper their ability to conduct business on the Internet. The Forum, for example, quoted a nationwide survey released in May by the Cyber Security Industry Alliance, which found that 94 percent of people polled listed identity theft as a serious problem. Only 24 percent of the respondents believed businesses were placing the right emphasis on protecting people's data.
Another concern of companies is the growing number of state privacy laws, and federal security laws covering specific industries, such as healthcare and financial services. In addition, separate privacy laws protecting children are also emerging on the state and federal level. Such a legal patchwork adds to organizations' legal costs, and provides uneven protection to U.S. consumers, companies argue.
"Because a national standard would preempt state laws, a robust framework is warranted," the Forum said.
Other members of the group included Eastman Kodak Co., Eli Lilly and Co., Hewitt and Associates, Procter & Gamble Co., Sun Microsystems Inc. and Symantec Corp.