 | |
| |
TechnologyDaily Mobile
The Shifting Sands Of The Privacy Debate
By Drew Clark
Although technology industry observers following the privacy debate sense a palpable waning of interest in regulating Web-site privacy policies — a trend some attribute to the collapse of the dot-com economy and the Nasdaq stock exchange — privacy legislation in the 107th Congress could emerge through an unconventional route: the House and Senate Judiciary committees.
Last year, the debate over online privacy centered on the Senate Commerce Committee, and thus far this year, the House Commerce Committee and two of its subcommittees have shown a pronounced interest in the subject by holding hearings and reviewing the Health and Human Services Department's pending medical privacy rules. Both the House and Senate Commerce committees also have been aided by the Federal Trade Commission's high profile on the subject.
That profile may diminish with President Bush's nomination of Timothy Muris as FTC chairman, however. The change in the administration already has delayed a decision on whether the FTC will survey commercial Web-site privacy policies this year, as it has the past three years, and Muris also could prove a crucial third vote for reversing the FTC's recommendation last year that Congress to pass broad privacy legislation.
But increasingly, many of the emerging hot-button issues in online privacy — bankruptcy records, e-mail surveillance and wireless location-tracking devices — may lend themselves more to the jurisdiction of the Judiciary committees.
Closing The Toysmart Loophole
Thus far this year, the Senate Judiciary Committee already is responsible for that body's passage of privacy language in the bankruptcy reform bill. The language was spurred by revelations last year that bankrupt retailer Toysmart had put personal consumer information up for sale in spite of the Web business' announced privacy policy.
Judiciary Committee ranking Democrat Patrick Leahy, Vt., with the support of Chairman Orrin Hatch, R-Utah, successfully added an amendment to the measure that would create a consumer privacy ombudsman who would appear before a bankruptcy court. Under the amendment, adopted unanimously, a bankruptcy court would have to either enforce a policy "prohibiting the transfer of personally identifiable information" to third parties or hold a public hearing where the ombudsman would have to represent the privacy interests of consumers.
The House-passed bankruptcy bill does not include any new privacy requirements, and the bill itself is in jeopardy because of internal political dynamics in the split Senate. But spokesmen for Leahy said they considered the privacy provision a victory because it created the first privacy ombudsman in federal law, and because the ombudsman would aid privacy protection even when a financially shaky company tries to skirt its own policy upon bankruptcy.
Poised For Bipartisan Action
Both Leahy and Hatch also appear to be poised to consider broader privacy issues.
In a floor colloquy before passage of the Leahy-Hatch amendment, Leahy said he had planned to offer "an amendment to this bankruptcy bill to protect financial privacy and prevent identity theft in electronic bankruptcy court records." That issue currently is being addressed as the Judicial Conference, the administrative body of the judiciary, considers a plan to put almost all federal court records on the Internet.
"The manner in which all three branches of the federal government — the federal agencies, the Congress and the Judiciary — protect the privacy of personal information that Americans are required to divulge to the government is an important area that needs our attention," Leahy said.
"The issue of privacy, both online and offline, is something that we have discussed together," Hatch said in reply, "and [we] both agree that the committee should examine, and will be examining, the current legal framework for privacy protection and determine where improvements can and should be made."
New Faces In House Judiciary
On the House side, the naming of new Judiciary Committee chairmen promises an increased committee role on privacy issues. James Sensenbrenner, R-Wis., is the new full committee chairman, while Bob Barr, R-Ga., is heading the Commercial and Administrative Law Subcommittee and Lamar Smith, R-Texas, is heading the Crime Subcommittee.
In an interview last month with National Journal's Technology Daily, Sensenbrenner said he charged Barr and his subcommittee with taking the lead on privacy. Sensenbrenner said he expected the full committee to once against pass legislation raising the privacy standards before law enforcement officials could conduct surveillance of e-mail or telephone calls, and before they could obtain cell-phone location information. The committee passed such a bill on a 20-1 vote in the 106th Congress, but the House never voted on the issue.
Barr, who last week met with a coalition of privacy groups including the American Civil Liberties Union, outlined his thinking on the subject in a recent speech to the North Carolina Bankers Association.
"Where is this attack on the privacy of American citizens coming from?" he said. "I have concluded unequivocally that the government engages in numerous practices [that] invade the privacy of Americans in ways totally inappropriate in a free and democratic society such as ours."
Barr specifically targeted "Carnivore," the former name for the FBI's e-mail surveillance system, and a doomed effort by federal banking regulators in 1999 to require banks to profile their account holders under "Know Your Customer" requirements.
"Many of my colleagues in Congress would have the public believe that invasions of privacy are rampant in the private sector — and there certainly are problems there — but it is the government that poses the far greater threat," Barr said.
E-mail Surveillance And Network-Stored Information
Network privacy is among the issues that Leahy sought to address in introducing the Electronic Rights for the 21st Century Act nearly two years ago. The issue, which has become remarkably salient in light of Microsoft's "Hailstorm" initiative to get consumers to put personal information on computer servers, demonstrates the crucial difference between the way the Judiciary and Commerce committees approach online privacy.
One of the titles of the bill would have required law enforcement to give subscribers notice of a subpoena or warrant before seizing electronic information stored on a network service — the same notice citizens would get if the police attempted to duplicate information from a computer they themselves own and control.
"You lose your privacy rights in records held by third parties," said Alan Davidson, staff counsel at the Center for Democracy and Technology, which has assembled a detailed chart spelling out the different privacy protections for paper documents versus electronic and voice communications. "That, of course, is the wellspring from which all of these concerns flow."
Davidson added that a string of poor court decisions have exacerbated the low protections in law by ruling that consumers have no "expectation of privacy" in information held by third parties such as banks and telephone companies.
Leahy's e-rights measure also would have addressed consumers' privacy rights. It would have eliminated an exemption for Internet service providers (ISPs) on the disclosure of personal information, requiring ISPs to give their subscribers an opportunity to prohibit such a disclosure.
Leahy officials, who hope to include similar provisions in privacy legislation to be introduced with Hatch, said such an approach would provide a direct fix to online privacy questions instead of punting the issue to a regulatory agency like the Federal Trade Commission. Referring to several privacy bills introduced by members of the Senate Commerce Committee, a Leahy staffer said online businesses should be reluctant to enmesh themselves in the kind of regulation-based approach that is sure to follow from delegating broad powers to the FTC.
NEW FEATURE
-Advertisement-
-Advertisement-
-Advertisement-
