Politech mailing list archives
FC: Republicans ask FTC to investigate .gov privacy practices
From: Declan McCullagh <declan () well com>
Date: Sat, 17 Jun 2000 01:19:48 -0400
******** http://www.uspsoig.gov/warning.htm YOU HAVE NO EXPECTATION OF PRIVACY USING THIS SYSTEM. In order to ensure compliance with applicable federal law and Postal Service policies, all uses of this system, and all data contained or transferred through this system may be monitored, read, captured, recorded or copied in any manner and disclosed in any manner, by authorized personnel. There is no right to privacy on this system. ********* Date: Fri, 16 Jun 2000 11:50:14 -0400 From: "Diamond, Richard" <Richard.Diamond () MAIL HOUSE GOV> Subject: Congressional Letter on FTC Privacy Regs Forgive the length of this... Congressional members today sent a letter (below) to the President and Vice President about the FTC's privacy recommendations. In sum the letter asks, "shouldn't the government have its own house in order on privacy before suggesting rules be imposed on the private sector?" A second letter was sent initiating a GAO study of whether the federal government meets the FTC's criteria. If you want a good example of an "interesting" government privacy notice, take a look at the USPS Office of the Inspector General website. You just have to read it for yourself. It's at the bottom of the page. http://www.uspsoig.gov/ http://www.uspsoig.gov/warning.htm June 16, 2000 The Honorable William Jefferson Clinton 1600 Pennsylvania Avenue, NW Washington, DC 20500 The Honorable Albert Gore Old Executive Office Building Washington, DC 20501 Dear President Clinton and Vice President Gore: The Federal Trade Commission (FTC) recently voted 3-2 to make a legislative recommendation to Congress regarding online privacy. Protecting personal privacy is obviously an important priority that deserves significant attention and thoughtful consideration. The 3-2 recommendation by the FTC called for legislation requiring commercial Web sites that collect personal identifying information from or about consumers online to comply with what they call "four widely-accepted fair information practices." According to the FTC report, these requirements would include: 1) Notice - Web sites would be required to provide consumers clear and conspicuous notice of their information practices, including what information they collect, how they collect it (e.g., directly or through non-obvious means such as cookies), how they use it, how they provide Choice, Access, and Security to consumers, whether they disclose information collected to other entities, and whether other entities are collecting information through the site. 2) Choice - Web sites would be required to offer consumers choices as to how their personal identifying information is used beyond the use for which the information was provided (e.g., to consummate a transaction). Such choice would encompass both internal secondary uses (such as marketing back to consumers) and external secondary uses (such as disclosing data to other entities). 3) Access - Web sites would be required to offer consumers reasonable access to the information a Web site has collected about them, including a reasonable opportunity to review information and to correct inaccuracies or delete information. 4) Security - Web sites would be required to take reasonable steps to protect the security of the information they collect from consumers. Congress will be carefully reviewing both the supporting and dissenting opinions of the Commissioners on this recommendation. As we do, it would be helpful to have some information about how the Federal government meets the criteria outlined by this recommendation. It would be hypocritical for the Federal government to mandate a standard on the private sector that it cannot itself meet. As you know, the Federal government collects and stores far more personal information than the private sector. There is much more personal financial data stored on IRS databases than will ever be collected by Amazon.com - and I'm not sure that the federal government has as good a record at protecting personal privacy. In fact, the IRS recently had to issue apologies to 1300 families for improperly disclosing personal financial information - offering checks of $1000 per family for the error. I'd be much more concerned about the IRS disclosing my personal financial information that about the GAP.com knowing how many pairs of jeans I've bought this year. Therefore, I would appreciate hearing from you both on the following questions: * What percentage of Web sites maintained by federal departments and agencies currently meet the privacy criteria outlined by the FTC's legislative recommendation? * Do you support having those criteria apply to the federal government? * * Will you commit to having the Federal government lead by example by meeting (or even exceeding) these standards before advocating their imposition on commercial sites? As we promised in the Contract with America, this Congress is committed to making the federal government live under the same laws it imposes on everyone else. As we consider this legislative recommendation from the FTC, it will be helpful to have a thorough understanding of how well the federal government currently complies with the standards it is asking us to impose on commercial Web sites. Sincerely, DICK ARMEY House Majority Leader Chairman, W.J. TAUZIN Subcommittee on Telecommunications, Trade and Consumer Protection ROBERT GOODLATTE Co-Chairman, House Internet Caucus CC: The Honorable Robert Pitofsky, Chairman, Federal Trade Commission Commissioner Sheila Anthony Commissioner Mozelle Thompson Commissioner Tom Leary Commissioner Orson Swindle -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ --------------------------------------------------------------------------
Current thread:
- FC: Republicans ask FTC to investigate .gov privacy practices Declan McCullagh (Jun 16)