Computer World –
The race is on in both the U.S. Congress and in the legislatures of individual states to introduce online privacy legislation that could affect e-commerce activities and regulate the dissemination of personal financial data.
In Washington, U.S. Reps. Chris Cannon (R-Utah) and Anna G. Eshoo (D-Calif.) this week introduced a privacy bill that would set some baseline data protection standards for companies doing business online. Their bill is modeled after one that was introduced in the U.S. Senate last year and is likely to be proposed again in the new Congressional session.
That measure, which is expected to be re-introduced by Sens. John McCain (R-Ariz.) and John Kerry (D-Mass.), would give Internet users the ability to limit the use and disclosure of personal information through an "opt-out" mechanism. It would also require companies to post notices about the kind of data they collect and how the information is used.
A number of states are also expected to consider online privacy bills this year. State legislatures are just beginning to convene, but a total of 14 bills related to online identity theft, fraud and children's issues have already been introduced in Arizona, Massachusetts, New Jersey and Missouri, according to research sponsored by the Internet Alliance, a Washington-based trade group.
Moreover, the Internet Alliance said, 53 bills dealing with financial privacy have been introduced in 21 states, mostly in response to the Gramm-Leach-Bliley Act -- a sweeping financial deregulation bill that was approved by Congress two years ago. That legislation didn't preempt state law, and most of the bills being introduced at the state level are going beyond the privacy requirements it spelled out.
For example, some would require companies to get the consent of users before they could share some or all types of data with other businesses. "The big question is, how does a state government that has been rooted in geography deal with a medium that knows no boundaries?" said Emily Hackett, the Internet Alliance's state policy director.
Two key lawmakers, U.S. Sen. Ron Wyden (D-Ore.) and U.S. Rep. Billy Tauzin (R-La.), chairman of the powerful House Commerce Committee, both predicted last Friday that Congress will approve some form of online privacy legislation this year. Their comments came as rival groups of technology vendors and privacy advocates began separate lobbying pushes aimed at influencing the provisions of any new laws.
But Jeff Hartley, a spokesman for Cannon, said he and Eshoo don't plan to rush their proposed legislation through Congress and want to allow ample time for industry and privacy groups to weigh in on the bill. "We want all sides at the table in this," said Hartley, adding that all aspects of the proposal are open for discussion.
That includes the possibility of requiring "opt-in" consent mechanisms for collecting and sharing data, a tougher standard that has been sought by privacy advocates in place of the "opt-out" provision now included in the bill. It's all but certain that the bill will be revised, Hartley acknowledged. But Cannon and Eshoo "don't want to do anything to inhibit growth of the e-marketplace," he said. "We want to keep the ground fertile."