FC: Should the Feds regulate online privacy? Debate in DC 3/20

[Declan McCullagh <declan () well com>]

***********

From: "Wayne Crews" <wcrews () cato org>
To: "Declan McCullagh" <declan () well com>
Subject:  Declan-- note on Cato Policy Forum on Privacy -wayne
Date: Wed, 14 Mar 2001 16:17:04 -0500

  Hi Declan, thought you'd like to know about the panel debate on privacy 
we're hosting here at Cato, Tuesday the 20th.  We'd of course be delighted 
if you would spead the word on the politech list.
Best,
Wayne

-----------
Wayne Crews
Director of Technology Studies
Cato Institute
1000 Massachusetts Avenue, NW
Washington, DC 20001

ph: 202.218.4602
fax: 202.842.3490
wcrews () cato org
The Cato Institute

invites you to a Policy Forum



Should the Government
Regulate Online Privacy?
A Tech Industry Debate



featuring



John Palafoutas

American Electronics Association



Mark Unacapher

Information Technology Association of America



James W. Harper

PolicyCounsel.com and Privacilla.org



            Numerous bills have been introduced to address online privacy, 
but they raise a host of questions about freedom of speech and impacts on 
e-commerce.  Will online privacy be treated differently from offline 
privacy?  Should federal rules preempt state rules?  Opt-in or opt-out 
?  Is government s role one of enforcing privacy contracts or of helping to 
set their terms?  What would legislation s impact be on the development of 
anonymizing software and browser policing functions and are such tools 
enough?






Tuesday, March 20, 2001

11:00 a.m.

(Luncheon to follow)



To register, call Megan Brumleve by 11:00 p.m., Monday, March 19, at (202) 
789-5229, fax her at (202) 371-0841, or e-mail to mbrumleve () cato org



The event will be held at the Cato Institute, 1000 Massachusetts Ave. NW in 
Washington, D.C.  The event will be broadcast live on Cato s 
website  (www.cato.org) in the event you are unable to attend.
***********

Date: Thu, 15 Mar 2001 01:01:57 -0500
From: " Scully () cipherwar com" <Scully () cipherwar com>
To: <Declan () well com>
Subject: Policymakers Should "Opt Out" of Privacy Legislation

http://www.cato.org/dailys/03-13-01.html

March 13, 2001
Policymakers Should "Opt Out" of Privacy Legislation
by Wayne Crews

Wayne Crews is director of technology policy studies at the Cato Institute.

Q: What belongs to you, but others use it more than you do?
A: Your name.

That old riddle captures the paradox of Internet privacy. People view 
personal information as "theirs," yet they realize others must know that 
information to deal with them. With the Internet, the problem is who should 
know what and when.

Today, a legislative push for federal privacy regulation is mounting. Much 
of the business community, including Hewlett-Packard, Intel and eBay, 
endorses legislation to require prominent notice of a Web site's privacy 
policy and a check box to opt out of information collection. President Bush 
has embraced such "notice and consent" policies.

But special policies for the Internet and not the off-line world (like 
supermarket discount card programs) are discriminatory and unfair. 
Moreover, any federal bill pre-empting states from setting their own 
policies will be contested. Most important, Congress' exploitation of fears 
of an Internet "eye in the sky" to gain new regulatory powers hurts 
consumers and e-commerce. Businesses don't seek information because they 
want to harm people. While sometimes irritating, they just want to sell 
stuff. Many people enjoy and are amazed that Amazon.com can anticipate the 
next book they may want to buy.

The notice and choice allegedly sought in privacy legislation exists now. 
Most Web sites feature privacy policies -- and those that don't should be 
avoided. Users can set their Web browser to reject information gathering 
(by turning off so-called "cookies"). Barring that, free software tools 
that warn when information is being collected can further empower 
consumers. For anonymous surfing, the market provides tools from Anonymizer 
to Zero Knowledge. The notion of "privacy" encompasses varying 
relationships between consumers and businesses. There is no one level of 
privacy appropriate for all that can be configured in legislation. And an 
individual may want to present different faces in the online world.

Government's role is not to dictate the terms of privacy contracts, but to 
enforce privacy contracts -- as when it halted Toysmart's sale of consumer 
data in violation of its stated privacy policy. Where sites post privacy 
policies, the data consumers make available will have been granted 
conditionally. As lawyer-author Jonathan Bick told GigaLaw, "[B]ad privacy 
agreements are deceptive trade practices."

The forgotten good side of the Internet's information customization is the 
improved relevance of offers and advertisements -- fewer pitches are 
"junk." However annoying, advertisements are welcome when offering 
something you need.

Information customization benefits individuals and society as a whole by 
lowering the costs of services like credit and insurance, and boosting 
their availability. The family that had to settle for a secured credit card 
may benefit from probability tables that find them a good credit risk 
because of job history or other facts. Information sharing expands options 
and gives people second chances. A reputation that could exclude an 
individual from service in one setting may be irrelevant in another, or 
when viewed in context with other Internet-gleaned facts.

Information also expands Internet access itself. While some pay monthly 
access fees, others who don't mind supplying information and suffering 
through a few banner ads can have free Internet access.

As businesses respond to consumer preferences, more stringent privacy 
protections will emerge when desired. Sites will develop policies knowing 
that ever-more-efficient browser cops will report to surfers on the level 
of security. Mistakes will be made. But restrictive policies can hinder 
evolving privacy technologies before they mature, weakening consumers 
against malicious spies and hackers who take advantage of a false sense of 
security.

And let's not forget that those same governments allegedly eager to protect 
privacy can be the leading offenders. It was they who mandated the creation 
and distribution of the most sensitive information in the first place, such 
as driver's license and Social Security numbers. Nothing can rival the 
Internal Revenue Service and a proposed Internet tax collection scheme in 
terms of invasion of privacy.

The distinction between information disclosure forced by governments and 
Web commerce is critical, so any law limiting information collection should 
target government first.

In the final analysis, restrictions on information collection have 
overwhelming free speech ramifications. As UCLA law professor Eugene Volokh 
has noted, we know things about any individual we run across. We may write 
down what we know or tell others. There are no rights to stop people from 
talking about you, he says, just as we talk about others -- and about the 
companies we deal with.

Policymakers should "opt out" of privacy legislation and avoid damage to 
e-commerce, consumers and the First Amendment.

This essay originally appeared on TechCentralStation.com.

***********




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------