Privacy Benefits vs. Privacy Costs

by William Gillis

To regulate or not to regulate? Whether the government should institute privacy legislation to protect Internet users has become an increasingly acrimonious issue among lawmakers and lobbyists from both the pro- and anti-regulation camps. The battle reflects the public’s growing concern that their personal information is being indiscriminately tossed around on the Internet.

In May, a study commissioned by the Association for Competitive Technology (ACT), an organization formed by technology companies in 1998, concluded that federal privacy legislation might deal a $36 billion blow to e-commerce. The ACT study estimates that Web businesses might be forced to spend roughly $100,000 each in order to comply with the consumer-access provisions stipulated by many of the proposed privacy bills in the House and Senate. The study’s conclusions are based on estimates from more than a dozen software-consulting firms asked how much it would cost to design a Web site infrastructure that would allow users access toprivate information collected about them.

According to Steve DelBianco, ACT’s vice president, most sites lack the financial resources to comply. “We estimate that only 10 percent of sites would make the investment on consumer access. The rest would have to stop sharing information, or close down. And it’s impossible to say how much businesses would lose by not sharing lists.”

Not everyone is buying the study’s findings. A paper written by Peter W. Swire, a professor of law at Ohio State University and former chief counselor for privacy under President Clinton, argues that ACT’s study is seriously flawed. He believes that one-size-fits-all compliance software packages will be made available to Web sites that will cost far less than $100,000. “Small, medium, and many larger sites will buy software packages,” Swire wrote. “It is unrealistic to treat small sites as though they will pay the same compliance fees as large sites.”

One of the most thorough privacy bills introduced in Congress, and one cited in the ACT study, is the Consumer Privacy Protection Act (S. 2606), introduced in May 2000 by Sen. Ernest Hollings, D-S.C. The bill requires Web sites to provide users access to personal information that the site has collected about them, and to allow users to “correct, delete, or supplement” that information.

DelBianco claims that the consumer benefits of such bills have not been proven. “Consumers don’t need laws whose benefits are questionable, but [whose] costs are certain,” DelBianco says. “And the costs will mostly be borne by small businesses.”

Chris Hoofnagle, staff counsel with the Electronic Privacy Information Center in Washington, D.C., asserts that legal privacy protection will assure the public that doing business on line is as safe as doing it off line. “We’re going to need a statutory framework to protect privacy rights,” he says. “It’s the standard in most of the world. The U.S. is the world’s privacy dinosaur.”

The non-profit Internet security site announced in May that it will no longer track and archive the defacement of Web sites by hackers. Its volunteer staff could no longer keep up with the increasing numbers of defacement incidents. Over three days in April, more than 100 sites were defaced by online vandals — three times as many incidents as occurred during 1995 and 1996 combined.

In May, the Federal Trade Commission said that probably deceived customers when the online bookseller changed its privacy policy late last year. Amazon now considers customer information a company asset, and could sell customer information such as addresses, credit card numbers, and e-mail addresses, if it went out of business or sold a division. The FTC decided not to pursue enforcement.

Your state might be next. N.Y. Gov. George Pataki has signed an executive order banning state employees from using state-issued handheld cellular phones while driving state vehicles. Pataki also proposed legislation to institute a statewide ban on the use of handheld cell phones on all public highways, except in cases of emergency.

Small Business Computing Staff
Small Business Computing Staff
Small Business Computing addresses the technology needs of small businesses, which are defined as businesses with fewer than 500 employees and/or less than $7 million in annual sales.
Previous article
Next article

Must Read

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.