IP: When Will We Have to Opt Out Daily?

[Dave Farber <farber () cis upenn edu>]

> Date: Fri, 03 Dec 1999 14:35:18 -0500
> To: David Farber <farber () cis upenn edu>
> From: "Lance J. Hoffman" <hoffman () seas gwu edu>
> Subject: When Will We Have to Opt Out Daily?
>
> Dave,
> The story below depicts, pretty accurately, a time-based privacy breach by
> AOL (who should know better).  I checked it out with someone in a position
> at AOL, and the story is essentially accurate.  It appears that with AOL,
> "no" does not mean "no" (and they even tell you that in the fine print).
> It's a pretty outrageous practice that brings the bad old practices of the
> pre-Internet age to today.  IP-ers might be intersted in it.
>
> Lance
>
>
> AOL To Users: Opt Out Again
> By Doug Brown, >By Doug Brown, Inter@ctive Week
> November 29, 1999 9:28 AM ET
>
> An America Online policy is again putting privacy issues on the front
> burner. The nation's leading access provider recently started sending
> e-mails to customers informing them that the privacy preferences they signed
> up for a year ago - the ones telling the company not to collect or
> distribute information about their accounts or online habits - have
> "expired."
>
> AOL said that if subscribers want their preferences to remain in place, they
> must again fill out what is known as an "opt out" form. If they do nothing,
> information about their accounts and Web habits may be distributed to
> marketers and other interested parties.
>
> The preferences' one-year life span is part of a much-publicized privacy
> policy that AOL put in place a year ago, said Andrew Weinstein, a spokesman
> at AOL. He defended the policy, saying that the company explained "to
> consumers in detail exactly how [the preferences] will work. They work on a
> one-year basis. If they want to receive materials after that, they are given
> the ability to do that."
>
> But privacy advocates evaluate the new policy differently. They said most
> AOL users are surprised to learn they have to redo their opt-out
> preferences.
>
> David Sobel, general counsel at privacy advocacy group Electronic Privacy
> Information Cente, said AOL's new approach to privacy is appalling, but not
> surprising. It also could mark a step backward for the industry's attempts
> to anoint "opting out" the only privacy solution in the online world.
>
> "I think that if we get to the point of having a serious congressional
> examination of this issue, it will be shown that 'opt out' is not adequate,"
> Sobel said. "I would show as exhibit 'A' the kind of thing that AOL is
> sending out. Not only will they bother you once, but it will become a
> constant job to keep saying 'no.' "
>
> Sobel favors legislation to deal with the collection and sale of personal
> online information. Industry, on the other hand, promotes self-regulation as
> the only way to protect privacy without setting up e-commerce roadblocks.
>
> For consumers, opting out means, generally, filling out a form - either
> online or on paper - stating an unwillingness to have personal information
> distributed. Users can opt out of lists used for sending spam e-mail, having
> logs of their online travels sold to marketers or having information about
> what they buy online disseminated.
>
> The concept has gathered momentum in Washington, D.C. The Federal Trade
> Commission recently sponsored a daylong conference that explored the
> practice of harvesting and selling data about users' online habits and ways
> to deal with it, including opting out. There are also several House bills
> pushing opting out as a way to help ensure consumer privacy.
>
> But privacy advocates generally oppose opting out, saying the practice is a
> smokescreen for businesses more than anything else. Consumers must remain
> constantly vigilant to keep their online activities out of the marketing
> loop when the burden, they argue, should instead be placed upon industry.
>
> "You're in the world, not your living room," said Sydney Rubin, a
> spokeswoman at the Online Privacy Alliance, an industry coalition that
> promotes privacy standards from an industry perspective. "You have to read
> the privacy policies and then choose whether or not to shop at a site."
>
>
>
>
> Lance J. Hoffman, Director, Cyberspace Policy Institute
> and Professor, Dept. of Computer Science, The George Washington University,
> Washington DC 20052.  Phone (202) 994-5513 Fax (202) 994-5505.
> http://www.seas.gwu.edu/seas/institutes/cpi/