DMA-FTC At Odds Over Internet Privacy Rules
Blasting the e-commerce industry for inadequate self-regulation of online privacy protection, the Federal Trade Commission has demanded Congress enact regulatory legislation.
The recommendation was the result of an FTC study of 426 commercial Web sites conducted in February and March. The results were released late yesterday; the recommendations last Friday.
The Direct Marketing Association (DMA) opposes the move, preferring industry self-regulation. It also released the results of its own survey on Saturday, beating the FTC by two days. DMA officials commenting its own the survey, said the results were a clear indication that industry self-regulation both working and preferable to government regulation.
The FTC study, conducted in February and March of this year, found that while almost all the Web sites studied collected an e-mail address or some other type of personal identifying information, most sites did not implement all four of the FTC’s fair information practice principles, Notice, choice, Access, and Security.
The survey looked at two groups of Web sites: a random sample of 335 sites and 91 of the 100 busiest sites on the Internet. The results showed intriguing differences between the two groups studied.
According to the FTC, 97% of the random sites and 99% of the popular sites collected personal data. However, only 885 of the random sites posted a privacy disclosure as compared to 100% of the busiest.
As for implementing the four fair information practice principles, only one-fifth of the random sample was in compliance. The popular sites just about doubled that at 42%. Furthermore, the data showed that only 41% of the random sites and 60% of the popular sites meet the basic Notice and Choice standards.
The survey also noted that while privacy seal programs have proliferated over the past year, only 8% of the random sites and 45% of the popular sites displayed such seals.
The results lead the FTC to conclude that industry efforts, while improving, are not sufficient to provide adequate protection of consumer online privacy.
The DMA released the results of its own privacy survey of the 100 most popular Internet shopping sites conducted between April 18 and May 12.
Overall, the DMA said it found 93% of those sites post their privacy policies. Of those sites, 95% describe what data they collect and how they use it; 91% indicate that they share the information they collect with third parties; 74% offer consumers the chance to opt-out from having their personal information shared with others; 73% describe their data security procedures, and 47% provide consumers access to their information for correction purposes.
Also yesterday the Online Privacy Alliance, a group of more than 100 companies and associations interested in Internet privacy, took issue with the FTC survey, saying it was “flawed because it attempted to measure whether sites provided consumers with adequate access despite the fact that no standard of data access has been established.”
The group also said that new laws and rules governing Internet privacy were not needed because “consumers already have significant privacy protections.”
In addition, the American Advertising Federation (AAF) weighed in, commenting that “the survey is proof that advertisers are moving aggressively to meet consumers’ demands for privacy protections.”
