400 North Capitol Street, NW
Washington, DC 20001
- Toll Free 1.888.564.6273
- Local 202.783.3870
Carly Fiorina made headlines when she became the first woman to head a multibillion-dollar, multinational, technology company. Speaking at a technology conference earlier this week, the CEO of Hewlett-Packard (HP) captured the spotlight again when she openly called for government-backed privacy standards. That the crowd she was speaking to – Members of Congress, administration officials, business executives and opinion leaders – gave her a standing ovation shows just how widespread support for this dangerous idea has become.
She’s not alone, however. Other technology leaders have also called for the government to regulate relationships between private individuals and private corporations. Some see regulation as a silver bullet that will increase consumer confidence on the Internet; others would simply prefer to deal with one set of federal rules than face a chaotic mess of regulation passed by the 50 state legislatures. They also see a threat from overzealous attorneys general looking to score points with the public.
Although its proponents may contend differently, privacy legislation will only serve to empower government at the expense of liberty.
Seeking refuge in government regulation has been tried before, with disastrous results. In the early part of the twentieth century, Theodore Vail, President of the Bell Telephone System, embraced regulation as a way to stave off a feared government takeover of his company. The hundreds of often-contradictory telecommunications regulations on the books today question whether Vail made the correct decision. Given that today’s technology CEOs have something Vail did not – namely, private sector alternatives – encouraging government regulation can only be considered a foolish, and perhaps fatal, attraction.
A recent Harvard Business Review article revealed that the economic benefits of trust and reputation are exaggerated on the Internet. Every small business owner knows that word-of-mouth is the best form of advertising. Likewise, one need look no further than Internet advertising company DoubleClick – whose attempt to link online browsing patterns to offline households sent trial lawyers to court, its share price into a nosedive, and attracted Federal Trade Commission (FTC) scrutiny – to see how a poor reputation can inflict harm upon a company. Online, trust is just as important as price.
Privacy seal programs help online companies gain the trust of Web surfers by certifying the personal information practices of a Web site. A number of different programs exist – Best Seal, PrivacyBot, Secure Assure, BBBOnLine, TRUSTe, and CPAWebTrust – each with a different set of standards. Small business owners may prefer the economical PrivacyBot, while consumers may not feel comfortable providing financial information to a Web site unless it meets the stringent conditions of the Webtrust seal. Furthermore, some of these programs already have an international scope. Webtrust was developed by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA), BBBOnLine has an agreement in place with the Japanese Privacy Seal Program (JIPDEC). As with any market-based solution, the seal programs that survive will be those that best meet the privacy needs of consumers.
But Web surfers do not need to rely on seal programs to protect their privacy. Companies such as ZeroKnowledge, Anonymizer, IDcide, and enonymous.com put consumers in control of their personal information by cloaking their identity, removing all identifying information, or giving them advanced control over "cookies" – the innocuous files used to customize sites and deliver targeted advertising. Marketing companies have banded together and formed the Network Advertising Initiative, in order to develop a set of principles for the collection and use of personal information. Other companies such as Encirq, deliver targeted advertising without compromising consumers' privacy. In addition to all this, Microsoft recently announced that advanced cookie management features will be built into the next version of Internet Explorer.
A recent report by the Pew Internet & American Life Project states, "The vast majority of American Internet users want the privacy playing field tilted towards them and away from online companies." However, the report also found, "most [users] don't exploit the privacy-protecting tools that already exist." Only 19 percent of people polled in the study thought government should have the most say over how Internet companies track peoples activities online and use personal information as opposed to 62 percent who favored leaving those decisions to the people who use Web sites.
To be fair, Ms. Fiorina's company has shown leadership in the privacy debate; it was a founding member of the BBBOnLine privacy seal program, and Ms. Fiorina recently announced that HP would help cover the costs of companies wishing to join the program. She should also be commended for her insistence that any new privacy regulations also apply to companies that operate in the offline world. Oftentimes, offline companies push for legislation in order to restrict their online competitors. However, she did not recommend that any new privacy regulations also be applied to government agencies, whose collection, and abuse of, of personal data dwarfs that of the private sector.
Ironically, government privacy legislation will most likely have a chilling effect on the development of new privacy-enhancing technology as regulation crowds out private products. As FTC commissioner Swindle has noted, "The market is working here: consumers are demanding tools to protect privacy and merchants are competing to provide them." There will be no incentive to innovate if the government is going to dictate what Web sites must do with information they collect. Although its proponents may contend differently, privacy legislation will only serve to empower government at the expense of liberty.