A bill was quietly introduced in the House last week to protect the privacy of online services' customers.
The bill would make it illegal for online service providers to give out subscriber information without their consent.
Rep. Bruce Vento (D-Minnesota) introduced the Consumer Internet Privacy Protection Act of 1997, which requires online service providers to get prior written consent before releasing subscribers' "personal identifiable" information to a third party. The bill was introduced for the first time last August, but was tabled when the House session ended.
The bill is the latest Congressional effort to protect consumer privacy in cyberspace, an environment where sensitive information can travel quickly and where few safeguards protect information once it's provided. Experts say if electronic commerce is to hold, then consumers must feel secure about providing that sensitive information online.
Companies such as America Online, however, say the bill is unfair to online services. They argue that the bill in fact imposes more stringent restrictions on them than on their counterparts in the paper-based publishing world, pointing out for instance that catalog companies can sell mailing lists without prior written permission from consumers.
Privacy advocates counter that the additional regulation is necessary as online services have access to more information than the names and addresses that appear on mailing lists.
"These companies want to suck every little bit of money out of consumers that they can," said Dave Banisar, an attorney for the Electronic Privacy Information Center. "Who knows what AOL is collecting about us? I've talked to their lawyers and their technical people--I get a different answer every time."
AOL scoffs at such remarks; the company says it discloses the type of information it collects when users sign up for the service and that its members can have their name removed from the lists it sells, at any time.
"When people register for AOL, they're told what information we give out," said AOL spokeswoman Wendy Goldberg. "We don't give out members' telephone numbers, credit card numbers, or checking account numbers."
Online services say the bill would make their customers anonymous and harder to prosecute if they commit crimes online. But privacy groups say consumers are at the mercy of online service providers, who could give up a wealth of unauthorized personal information after being subpoenaed.
Rep. Veno's office remained confident that such issues can be worked out as the bill winds its way through Congress. His office has asked for online feedback from companies who would be affected by the bill.
"The online services haven't responded yet," said a representative. "They said they'd like to work with us and express their concerns. It's not easy to find common ground. We don't want to hamper growth, but we have to protect consumers."
If the bill is passed, the Federal Trade Commission would be charged with enforcing it. The bill does not specify any penalties for violators.
The FTC released its own report about online privacy January 6, the day before the bill was introduced. It said that online companies would have to do more to regulate themselves and protect privacy online, if they hoped to advance acceptance of electronic commerce.
The report offered specific suggestions on what kind of information Web sites should collect and how they should collect it. It also addressed the question of whether Internet companies should inform consumers about the information they are collecting, and described the types of technology that exist to protect information.