Related
Links
The Federal Trade Commission begins hearings today into the practice of computer online operators gathering and using personal information without user consent or knowledge. The hearings come just as a new survey shows how vulnerable computer users are to cyberspace spying and invasions of privacy. The Electronic Privacy Information Center, a nonprofit consumer advocacy and research group based in Washington, D.C., reported yesterday that about half of the internet’s 100 most popular websites collect personal information from users who click on their sites or through mailing lists. Joining us to talk about the survey and privacy on the net is Marc Rotenberg, the head of the Electronic Privacy Information Center. [includes rush transcript]
Transcript
AMY GOODMAN: The Federal Trade Commission begins hearings today into the practice of computer online operators gathering and using personal information without user consent or knowledge. The hearings come just as a new survey shows how vulnerable computer users are to cyberspace spying and invasions of privacy. The Electronic Privacy Information Center, known as EPIC, a nonprofit consumer advocacy and research group based in Washington, D.C., reported yesterday that about half the internet’s 100 most popular websites collect personal information from users who click on their sites or through mailing lists.
Joining us to talk about the survey and privacy on the net is Marc Rotenberg. He’s the head of EPIC. Why don’t we begin by you telling us about these unusual hearings that are taking place today and about your survey?
MARC ROTENBERG: Well, I think the first thing to say is that the FTC hearings come about in response to public concerns about privacy protection on the internet. It is clear, I think, both to the general public and to people who are using the internet that privacy is one of the key consumer issues. And looking around the internet today, there’s good reason to be concerned.
Now the survey that we did was based on essentially a snapshot we took last week of 100 of the top websites, and we visited each site and tried to see what type of privacy policies they had and how they collected personal information, whether or not they were using such techniques as cookies to gather data.
AMY GOODMAN: What do you mean by “cookies”?
MARC ROTENBERG: Well, cookies is a way of placing information on a user’s system, so that that person can be followed as he or she surfs around the net. It’s done sometimes for sensible reasons in the commercial context, like if you want to buy a product at a website, but other times it can be used just to see what your personal preferences are. And we wanted to see how many of the websites that we looked at had enabled cookies.
AMY GOODMAN: So, ultimately, what did you find?
MARC ROTENBERG: Well, what we found is that very few websites today actually have privacy policies. A lot of them are collecting personal information—about half of them, in fact—and there are really very few privacy safeguards in place. And we think these are problems, because, you know, as people use the internet increasingly for personal information, they’re going to be more concerned about how that information is collected and used.
At the same time, we also found a high level of anonymity, which is basically being able sort of to walk into a store, look at things that interest you, and walk out, without having to disclose who you are, provide any personal information. We think that’s a good thing. Anonymity is one of the keys to protecting privacy, and as long as websites allow people to remain anonymous, we think a lot of the privacy issues will not get out of hand. Of course, once anonymity is lost, once people have to give up their identity, then problems begin.
AMY GOODMAN: Do you recommend that people not put their credit card over the internet?
MARC ROTENBERG: Well, that’s actually a somewhat different issue. We didn’t look at that one too closely. That’s really a security problem. Many of the websites today are using certain security features to try to protect your credit card against misuse, and that, of course, is a good thing. But generally speaking, when you’re providing personal information online, you have to be careful, because too few companies are giving you information about what their privacy practices are.
AMY GOODMAN: What about—what about Amazon.com, which is the major online seller of books? I think it’s the largest virtual bookstore. Can you talk about what you found with this website?
MARC ROTENBERG: It’s an interesting example. We actually thought they had a pretty good privacy policy. They said that they did not rent or sell their personal information that they collect, and we thought that was pretty good. On the other hand, they also said that they wanted people to send them a note, so that they would never rent or sell the information. We thought that was unnecessarily ambiguous. We think, for most people, just a pretty simple and straightforward statement would be most useful.
AMY GOODMAN: So what do you recommend?
MARC ROTENBERG: We recommend, first of all, people should be a little careful about giving out personal information online, and particularly kids, who have a tendency to like to fill forms out. A lot of these forms that are being put online are very detailed. This is much more detailed than some of the old cereal box promotions that people might be familiar with. So that’s a big issue.
The second thing is that, to the website operators, we think that anonymity is important and that people should have the right to continue to surf the internet without disclosing their identity.
Finally, to the FTC, who is holding the hearings this week, we really want them to take a close look. We think privacy is one of the top issues on the internet today. There’s obviously a problem, and we need to find some solutions.
AMY GOODMAN: In which camp does the FTC, the Federal Trade Commission, which is holding today’s hearings—where do they sit?
MARC ROTENBERG: Well, the Federal Trade Commission said a year ago, when they held similar hearings, that they wanted to see if self-regulation could be made to work. We went out on the internet to see if self-regulation was working, and we concluded that it wasn’t. So we think the ball is back in the court of the FTC to try to establish why there shouldn’t be good privacy standards enforced in law. We think that’s, you know, a critical part of protecting online privacy.
AMY GOODMAN: We’re talking to Marc Rotenberg, head of the Electronic Privacy Information Center based in Washington, D.C. Marc, who sits on the Federal Trade Commission?
MARC ROTENBERG: Well, there are five commissioners. The chairman is Robert Pitofsky. Christine Varney, who’s one of the five, has expressed the most interest in privacy issues, and she’s the person who helped coordinate the hearings this week.
AMY GOODMAN: And what do you expect today’s hearings to look like? Who will testify?
MARC ROTENBERG: Well, this is going to be very extensive. It’s an unusual hearing, because there are many participants, and there will be a lot of public participation. If you go to the FTC website, which is ftc.gov, I think you’ll see that today there are probably more than 30 or 40 witnesses who have been scheduled to testify on a range of issues. We start today with lookup services. Those are the online databases that allow people to get information on others. There’s going to be a discussion tomorrow on privacy on the internet. And the third day looks at kids’ privacy and how children’s data has been collected and sold.
AMY GOODMAN: What do you mean, “lookup services”?
MARC ROTENBERG: Well, a lookup service, for example, is being offered by the LexisNexis company this past year called P-TRAK. You could—if you’re a subscriber to that database, you could go to the database, enter a person’s Social Security number, if you happen to know it, and you can get their name and address, mother’s maiden name, former address, an unlisted phone number, if it was available. That information has actually been compiled from credit reports, credit records, the TransUnion company, and sold to LexisNexis. And the database is being used by everybody from, you know, lawyers and private investigators on down the line.
AMY GOODMAN: And what will they argue for?
MARC ROTENBERG: Well, they will say that the government really doesn’t need to regulate. That’s the—you know, that’s line this week. The problems will take care of themselves. The industry can fix the problems. They’re aware that the public is concerned. There are going to be some new industry policies announced this week. They will say that that’s enough and that we really don’t need any new laws. But as I said, I mean, we’ve waited a year now. The clock is ticking. We don’t see self-regulation working. We think people should have some rights to protect their personal information.
AMY GOODMAN: But considering the direction Congress is going in, which is total deregulation, from the telecommunications bill to many other areas of life, what makes you think that they would start instituting laws here?
MARC ROTENBERG: Well, I know that the conventional wisdom is that, you know, Congress and others don’t have much interest these days in regulating, but privacy has always been a little bit unusual. It tends to have support from across the political spectrum. It’s an issue that a lot of people feel fairly deeply about, and I think it’s also an area where Congress and the courts have been prepared to draw some lines to protect personal rights. We’re seeing, you know, in Congress now more than two dozen privacy bills that have been introduced. The FTC is certainly aware that there are a lot of people who would like to see some legislation adopted. I think the burden is really on—you know, is on the industry to try to establish whether they can make the current system work. Based on our survey, we think the current system is not working.
AMY GOODMAN: Who are the greatest friends in Congress of privacy, and who are the greatest opponents?
MARC ROTENBERG: Well, that’s never an easy question to answer, because, of course, it depends a little bit on which issue you’re talking about. You know, we work on civil liberties issues, where one group of people look very good, and we work on consumer issues, where another group of people can look—you know, can look very good. I know, you know, certainly in the state of California, Senator Feinstein and Senator Boxer have both been very active in privacy issues, and we expect them to be doing—you know, continuing to do some work on these issues.
AMY GOODMAN: Who’s opposed?
MARC ROTENBERG: Well, typically people sort of quietly who get support from the Direct Marketing Association. The DMA is a very powerful lobby here in Washington. They really don’t want any regulation of the marketing industry. They think they’re doing quite well, and they’re happy to share some of their success with people up on the Hill through substantial PAC contributions. And they generally find a way, when privacy legislation is moving, to find some folks who will side with them and stop bills. But I think the truth is that as the public concern about these issues has increased, it’s become increasingly difficult for the DMA to proceed with that strategy. And I wouldn’t be surprised this week if they show a little bit more willingness to begin to support some of these privacy efforts.
AMY GOODMAN: I have a sort of bigger question, and that is, who owns the internet or the world wide web? And is it possible to not only count—you know, for a website to count how many times someone hits on that, but for, I don’t know, some overall body or entity that oversees the world wide web to follow how many times you hit on every website, to have an overall database about where everyone goes on the internet?
MARC ROTENBERG: Yeah, well, I mean, there’s—you know, if you’re talking about a political matter, an administrative matter, there really is no one who could, or I would say, or should, you know, coordinate all the activities on the internet. You know, it doesn’t make sense for any number of reasons. One of the great strengths of the internet is precisely the fact that it’s decentralized, that there is no central control, and we’d like to see that continue. But the internet technologies for tracking really don’t require centralized authority. There are a lot of different ways to follow someone as he or she moves around the net, and advertisers are getting particularly adept at doing this by using such techniques as cookies, which can be used to track some of your preferences as you move around the network.
AMY GOODMAN: How did you end up getting interested in the issue of privacy on the internet?
MARC ROTENBERG: I don’t know. I’ve always found, you know, privacy issues interesting. It’s one of the areas where technology and law have kind of had an unhappy marriage, I guess, because, you know, technology creates all of these new social issues, and the law has tried, with, I guess some would say, mixed success to preserve certain basic freedoms, one of those key freedoms being the right of privacy. And we’re, you know, following in that tradition, trying to understand how to protect our right as we enter to the 21st century.
AMY GOODMAN: Since the internet is a public space that was set up by the military, right, by the Defense Department, wouldn’t it make sense that people who use it for commercial profit would have to abide by certain rules, since it was developed with all of our money? It was a government project.
MARC ROTENBERG: Yeah, well, we definitely feel that the companies today that are commercializing the internet really do have that responsibility to protect privacy. One of the—you know, as I said, the great beauty of the internet is that it’s decentralized. There’s a lot of freedom. We don’t think that it’s just about, you know, business opportunity. And to the extent that businesses are operating on the net, we think they should respect the privacy rights of people who are using the net.
AMY GOODMAN: How can people find EPIC?
MARC ROTENBERG: Well, we’re on the web. We’re at EPIC.org. We have a pretty good website with a lot of privacy information and some tips and tools we have up today, practical privacy tools for people who want to get some ways to safeguard their privacy online.
AMY GOODMAN: Because these are broad-ranging hearings that begin today held by the Federal Trade Commission, and you said that the Federal Trade Commission’s website is ftc.gov, is there a place there for people who can’t, you know, be in Washington or who are not on the list to testify to present their testimony?
MARC ROTENBERG: Yeah, I think there is. I think the FTC has set up a way for people to submit statements. I’d certainly encourage listeners who are interested in privacy issues to visit the FTC site at ftc.gov and submit comments. And I think they definitely need to hear from people outside of Washington about what to do with privacy.
AMY GOODMAN: Well, thank you very much for joining us.
MARC ROTENBERG: Thank you for your call.
AMY GOODMAN: Marc Rotenberg is head of the Electronic Privacy Information Center, a nonprofit consumer advocacy group based in Washington, D.C.
Media Options