FTC'S SWINDLE ENCOURAGES WIRELESS SELF-REGULATION ON PRIVACY
LAS VEGAS -- FTC Comr. Orson Swindle urged wireless industry at CTIA Wireless 2001 show here to focus on self-regulation for protecting consumers’ location-based information, saying that could stave off congressional action. “If you're going to wait around and not deal with a critical issue, then government is probably going to turn around and do something and I don’t think that’s the best solution,” said Swindle, who lauded CTIA petition to FCC that proposed principles for protecting privacy of location-based information. He warned of “incredible harm if we do it the wrong way, especially if we rush into it screaming ‘Oh, my God, Henny Penny, the sky is falling’ before we even understand the business models we are dealing with.”
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
While FTC has heightened consumer awareness of online privacy issues, “we have also contributed to the emotionalism of it,” Swindle said. He reiterated criticism of FTC recommendation last year, from which he dissented, for congressional action on Internet privacy that would cover every commercially available Web site. “This thing is elevated up to a rather high pitch,” he said, referring to influx of state and federal bills on Internet privacy. In Congress, members have been “dropping bills like pecans falling off trees,” Swindle said. Self-regulation message on Internet privacy issues is one that he also has advocated to other industry sectors.
Like others on consumer privacy panel Wed., Swindle touched on concerns about location and other online information collected in real-time as well as how long such data are stored. “There is an incredible deficit in understanding in why we do things the way we do that we have been doing for decades,” he said. “Industry has got to make its case better.” He also urged feedback, including on report that FTC will release soon on Dec. wireless Internet privacy workshop, for which agency may seek comment, Swindle said. “We have no great schemes for any assault on industry that I'm aware of, but we are in the learning process,” he said. “These are matters that are ever present. They are on our plate. And there is an FTC in your future, one way or another,” he said. “If you're not concerned about personal privacy, your head’s not screwed on right.”
James Dempsey, deputy dir.-Center for Democracy & Technology (CDT), asked: “Why haven’t we been able to get this across the goal line? People are deeply concerned about this issue. This should be the year to try to move to a resolution of the privacy issue, at least with respect to location information in the wireless industry.”
While wireless industry appears to be ahead of its wireline counterparts on online privacy, Dempsey said, he would prefer to see broader range of principles covered in CTIA’s proposal for location-based information, which CDT has supported. CTIA Senior Vp-Policy & Administration Michael Altschul said that FCC last week opened comment period on CTIA petition that asked Commission to begin rulemaking to implement parts of Sec. 222 of Communications Act to adopt proposed location information privacy principles (CD March 19 p5). Proposal would cover notice, consent, security and integrity of wireless location information. Petition also seeks to ensure that principles are technology neutral so subscribers could have same security expectations regardless of what device they were using, Altschul said.
Dempsey said limits also should be placed on information that could be collected so that it would be limited to only what’s needed to process transaction at hand. “Collection limitation is a critical element,” he said, and limits also should be placed on reuse, disclosure and retention of information. “This is the principle that information should be used only for the purpose for which it was collected” unless consumer specifically gives consent otherwise, Dempsey said. He gave example of wireless subscriber disclosing GPS coordinates to find nearby restaurant, for which use should terminate after information is provided unless customer determines otherwise. Information should be retained for “no longer than is necessary,” he said.
Dempsey stressed, however, that self-regulation didn’t solve issue of govt. access to location-based information from wireless networks. “You cannot self-regulate yourself out of this problem -- only courts and the Congress can set the standard for when the government can insist upon getting location information,” he said. “This information is going to be sitting in so many different places, stored to be accessible in real time. The government is going to come calling.”
Diversinet Vp-Sales & Mktg. Verne Meredith said service providers also should sign arrangements with customers in line with digital service level agreements so that each would have understanding of how information would be used and protected. “Here is the information I want from you and here is what you are allowed to have,” he said. Meredith referred to “glee” among service providers at how increasing amounts of location-specific user information could be used to track and reach consumers. “It’s really not being looked at in a balanced way and it’s important that industry do that.” He also cited need for rules on how information accumulated at back end of operations was handled, including whether it could be sold.