ad info  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Three necessary principles behind privacy laws

Network World Fusion

June 7, 2000
Web posted at: 10:56 a.m. EDT (1456 GMT)

(IDG) -- I have pushed quite hard for the U.S. government to pass some meaningful laws to protect the privacy of Internet users. Some readers have challenged me to describe any laws that could do anything useful. I'll give it a try.

I think there are three principles:

  • Tell me clearly what you are going to do with my data.

  • Don't change your mind.

  • Don't use data from other sources without my consent.

There are certainly problems with a local government, such as that of the U.S., defining laws to regulate the very international Internet, but the U.S. government can regulate how U.S. companies obtain and use information.

The government can do both of these things, but I'm not sure it should do the latter. I don't think it's productive for any government to say what information can be used in what ways because of the speed of change in the Internet landscape. But I do think that some basic laws would help a lot.

  10 awesome security utilities
  The future of online-privacy organizations
  Know your company's monitoring policy
  Privacy policies spread, but privacy doesn't
  Reviews & in-depth info at
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for network experts
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Law No. 1: Every Web site that collects any information about visitors must have an easy-to-locate privacy policy that must say in plain English what data is collected and what purposes the data is going to be used for. This policy must cover any third party (such as DoubleClick or Akamai) that is in a position to collect information about Internet visitors.

Law No. 2: The Web site's policies cannot be changed to invade privacy in any additional way without clear notice and without discarding all information obtained under the previous policy. A site should have the option to ask individual users for their permission to retain the information about them, but must not retain information without specific individual approvals.

Law No. 3: No company doing business in the U.S. may use any data from Web sites that was not collected following the restrictions in the above laws.

Basically, individuals should be able to decide for themselves what level of privacy they are willing to give up. And they should be able to be sure that the companies, at least the U.S. ones that they are dealing with, will not lie to them. The European sites are already under far stricter rules than I ever expect to see here. The penalties for companies violating these laws should be significant.

For example, failing to post a privacy policy or posting a false one should mean a fine of $1,000 or 10 days revenue of the Web site, whichever is higher, for every day of violation. Making use of improperly collected data should be a felony for anyone making the decision to do so and result in a very large fine for the company.

Some observers claim the Federal Communications Commission already has the needed laws, but empirical evidence shows this not to be the case. Let's get this problem behind us once and for all.

Online records becoming too public, Clinton official suggests
June 5, 2000
How to fight privacy looters
May 31, 2000
Senate Democrats to introduce bill mandating Web privacy standards
May 24, 2000
Privacy fears prompt study, delay
May 22, 2000
Net privacy law costs a bundle
May 16, 2000
Rewriting the fourth amendment
May 12, 2000
More cops on the Net beat? Privacy groups say not so fast
April 10, 2000
Take Net privacy into your own hands
April 9, 1999
Internet crime report irks privacy groups
March 13, 2000

Know your company's monitoring policy
(Network World Fusion)
10 awesome security utilities
(PC World)
Privacy advocates alarmed over radio 'sniffers'
Cookie data others can reach
The future of online-privacy organizations
Privacy policies spread, but privacy doesn't
(PC World)
10 handy Net counter-espionage utilities
(PC World)
How to guard your online privacy
(PC World)

Electronic Privacy Information Center
The Coalition Against Unsolicited Commercial Email
American Civil Liberties Union

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.