FOR FOUR YEARS NOW, the Federal Trade Commission (FTC) has accommodated the Internet industry's request that it, not the government, regulate the collection and use of consumer information. In late May, the FTC decided that enough was enough.
Basing its decision on federal report findings that only 20 percent of a random sample of websites adhered to the four tenets of what the FTC considers fair privacy practice -- notice, choice, access and security -- the agency recommended legislation that would make privacy practices mandatory and enforceable.
The Internet industry, predictably, is up in arms. Lobbying groups like the Online Privacy Alliance and the Information Technology Association of America insist that such regulations are unwarranted and will do little more than open the floodgates on government regulation, which, in turn, will slow a booming economy. But if federal regulation is so abhorrent to the Internet industry, why won't e-commerce companies do what it takes to keep the government off their backs?
If e-commerce companies were to implement full-scale privacy practices, not only would they forestall federal involvement, they would actually encourage more online commerce. A recent Arthur Andersen survey found that 94 percent of 365 Internet users expressed some level of concern for their privacy, and a 1999 survey by Forrester Research found that 90 percent of consumers want to control how their personal information is collected and used. In response to a Sound Off column posted last year that asked "Do your customers really care about privacy?" nearly all readers argued vociferously that their customers do.
At a time when even well-financed retail e-commerce sites are dropping like flies, companies can't afford to play fast and loose with customer desires or with the legislative leanings of the FTC.
So why are e-commerce companies so unwilling to offer their customers privacy protections? Are the financial benefits of unfettered collection of personal data so great? Apparently not. A May article in The New York Times argued that while websites are certainly collecting data about their customers, they aren't making particularly good use of that data. "Many companies are trying to peer back through the glowing screens at Internet users," reporter Saul Hansell wrote, "but so far no one has been able to make a big business out of being Big Brother." If the unbridled collection of personal data isn't doing much for the bottom line but is discouraging consumer activity and inviting government involvement, why won't websites get serious about customer privacy?
IF CUSTOMER SERVICE IS THE DIFFERENTIATOR in the new millennium and consumers are telling us in no uncertain terms what they want, it is suicide not to listen. Get your sites up to snuff on privacy, notice and protection for your own survival!
Director of IT
IT IS INTERESTING TO ME how libertarian the views of most technical people are, yet how much everyone agrees that the government should step in. It is truly an indictment of the maliciously bad practices of unscrupulous marketers who are quickly ruining the Web for everyone.
Libertarian or not, one of the few legitimate purposes of government is to set the rules of the game and ensure that they are enforced. I cannot have freedom without responsibillity, and there is little responsibility being taken for actions that would be offensive and over-the-line in any other form.
Regulation is not only needed, it is overdue, and I hope retroactive. I also hope that in enacting legislation, our government does not overreact, but rather exercises restraint.
Director, e-Business Strategy
AS A CONSUMER, I want those privacy protections. as a company, we want unlimited access to our customers as long as it is ethical. Ethicality cannot be legislated, but many people and companies do not know what ethical behavior means. Therefore, government intervention seems inevitable.
Director of Electronic Commerce
Sewell Automotive Companies
THERE ARE CIRCUMSTANCES THAT EXTEND well beyond e-commerce and credit card information. Working for a consumer and professional health-care information website, we not only see the value in maintaining an individual's privacy, we ensure its implementation. Privacy shouldn't be a leap of faith for every website visitor; it should be considered standard practice.
We see the government instituting regulations to guard the privacy of individuals' health-care information. This regulation is better known as the Health Insurance Portability and Accountability Act (HIPAA), and by association this act ties indirectly to health-information sites to guard and protect confidential information. E-commerce credit card information should be no different, as it is ultimately the responsibility of the website to maintain and ensure visitor privacy. Give the control back to the people who are entrusting you with their information, and we can continue to bring value and credibility to this new economic medium.
Director of Technology
ALL THE COMPANIES THAT WANT to drive the "average consumer" to their sites and have them actually buy something need to better address the privacy issue.
There are too many average consumers who don't yet have enough of a sense of privacy to complete transactions online. The e-commerce industry must adopt standards and enforce them as an industry, before Al Gore takes credit for inventing Internet privacy.
Let's not give the government the ammunition it needs to step in. When consumers are confident their privacy is safe, they will come.
Director, Business Development
SVI America Corp.
This story, "Customer Privacy on the Web -- SOUND OFF" was originally published by CIO.