The FTC doesn't want new regulations to enforce consumer privacy on the Net, but it does want businesses to step up to the plate with responsible practices.
Orson Swindle, a commissioner for the Federal Trade Commission, made clear Thursday that the agency isn't looking for more regulations to ensure consumer privacy on the Internet, but warned businesses that government will act if companies infringe on customers' rights to control what's done with their private information. Consumers will act, too, he said, by refusing to do business with those companies that fail to protect their privacy.
"I don't favor the regulatory model, because it doesn't offer the best answer," Swindle told attendees at a privacy seminar sponsored by Trust-e, a nonprofit privacy group working with businesses to protect consumers from spam and from having their personal data shared without permission. The seminar was held at the Redwood Shores, Calif., campus of Trust-e sponsor Oracle. Business must take the initiative to develop privacy practices that will satisfy customers and build trust. "If you don't get it done, politicians and regulators will attempt to get it done" for you, Swindle said.
Existing laws are sufficient to protect consumers, he said. Yet 5,000 new privacy laws are pending in state legislatures and Congress. "Imagine if all of them got passed," he said. "We'd have a very squirrelly world." In arguing against new laws, Swindle said the speed with which business is changing because of the Internet has made it nearly impossible to pass laws that don't become obsolete. "If laws are passed, they will probably be behind the train," Swindle said. "The train will be long gone." But, he said, the FTC has targeted areas in which to enforce existing laws against spamming, identity theft, fraud, chain letters, and misleading advertising.
Others agreed that businesses that abuse their customers' privacy are risking a lot. "A company's reputation, its brand, is built on trust," John Berard, senior VP of public relations firm Fitzgerald Communications, said in a panel discussion on Privacy and Brand Building. That could have a severe impact on a company, because its brand is worth more in terms of its impact on revenue than all of its factories or other assets. "Privacy and security is as much about the brand of Tide as the ingredients in the box," said John Kamp, counsel of law firm Wiley Rein & Fielding LLP.
In discussing the impact of the Sept. 11 terrorist attacks, Swindle said privacy versus security would be ongoing issue, with no final solution but always open for discussion in our free society. Laws to protect privacy versus laws to tighten national security create a tension that will never cease. Said Swindle, "This little cursor moves back and forth in our society."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.