Thirteen years later, there can be no doubt that the United States needs a Data Protection Board. There is no mechanism to assess the new uses of transactional data. Current privacy safeguards are simply inadequate. First, individuals now carry the burden for identifying improper data collection practices and making corrections in personal records. When information is shared across the federal government or between public and private organization, it becomes increasingly difficult to identify problems and resolve complaints. Second, the Office of Management and Budget has failed to fulfill the role of privacy ombudsman, a stop-gap result of the failure to include the Board in the original Privacy Act of 1974. As David Flaherty notes, OMB has exercised weak leadership. When privacy requirements conflict with other federal agency goals, there is little guarantee that individual rights will prevail absent oversight from an independent board. Third, the United State lags behind other countries in protecting the privacy rights of its citizens. As participants in the emerging global economy, American companies are directly affected by data protection laws in other countries. The lack of a data protection agency in the United States leaves U.S. firms unrepresented when decisions are made about the transborder exchange of personal information. Finally, sector by sector protection or personal information in the private sector has left significant gaps in federal privacy law. Certain records are covered by federal statutes; other records receive no protection at all. Some have said that it is inappropriate to regulate private sector privacy. However, I believe that this view ignores the record of privacy legislation in the United States during the last ten years. For if one lesson is clear, it is that the United States Congress has shown itself willing to establish privacy safeguards in the private sector to ensure privacy protection, particularly where new technologies are involved. For example, as the cable industry took off in the early 1980's concern about the privacy of subscribers information also grew. Congress responded. The Cable Communications Policy Act of 1984 prohibited a cable service from disclosing The Data Protection Act 6 Summary Statement of CPSR information about a subscriber's cable viewing habits without the individuals consent. Electronic mail, a great boon to communication, also raised concern about the security of the content of electronic messages. The Electronic Communication Privacy Act of 1986 responded to the need for privacy protection for this new form of communication. And, when a nominee to the Supreme Court found that his choice of videos that he watched with his family in their home had become the subject of an article in a local newspaper, Congress enacted legislation to protect the rental list of video users. So, too, it should be with the sale of personal data, aggregated from separate lists, that is gathered and sold without adequate privacy safeguards or the knowledge and consent of the people involved. We believe that the Code of Fair Information Practices should be codified into law to provide this protection. The establishment of a data protection board is a modest first step that would shine some light on the privacy problems facing this country, and begin to propose solutions that could be adopted. This need not be an adversarial process that pits the federal government against the private sector, but it must be a determined process, conducted with dedication and a commitment to individual liberty. This is not about restricting technology; it is about the responsible application of technology so that risks to personal privacy are reduced. We should expect that the intimate details of our private lives enjoy the same protection whether big business or big government is the custodian. Absent clear privacy safeguards, we are left at the mercy of a rapidly evolving technology and an industry that can say little more than, "trust us." CPSR believes that the Data Protection Act is an important first step toward protecting the right of privacy for all Americans. The computer science profession is prepared to work with you and the other members of Congress to carry forward our long-standing commitment to privacy protection. The Data Protection Act 7 Summary Statement of CPSR Mr. WISE. Mr. Saltzgaber, the disclosure of Judge Bork's video rental records can illustrate how the release of routine transactional information can be prejudicial or offensive or harmful. In that case I am not sure it was harmful. We found out that he watched a lot of John Wayne movies, which put him right up there with the overwhelming majority of American citizens, I think. Suppose in the case of one of your supermarkets that a reporter gets the grocery list from a political figure and we learn that person buys no meat and mainly purchases three packs of beer a day. Can this not be troublesome? Is that not something that you would be concerned about? Mr. SALTZGABER. I guess, first off, the availability of that information doesn't exist at the grocery level. All of that data is brought back into a very secure and centralized facility. Citicorp has been operating with sensitive information in all of our existence. We handle the financial information of ourselves and institutional customers. So that data really is not available. We never release that kind of information to anybody, period. Mr. WISE. So you are saying you could not get that from the individual supermarket itself? Mr. SALTZGABER. That's right. Not through our system. They would have to follow you down the aisle and see you pick up the three six packs. Mr. WISE. I really think that Citicorp is aware of the privacy implications and you seem to have taken a lot of precautions and steps to protect consumer privacy. I am delighted to see that. Please correct me if I am wrong. What I understand from your testimony is that before a consumer is entered into this system they are given a card and they understand that this material may be used, at least to some extent. Am I correct that there is a quid pro quo here, that the consumer gets some benefits in exchange for which they permit themselves to be used in your system? Is that a fair statement? Mr. SALTZGABER. Yes, sir. Let me explain. Let's say the supermarket that you are shopping in is Ukrops and has electronic coupons. You can sign up for the program and do one of two things. You can sign up and be a part of that program and opt not to let us use your information, or you can say we will let you use the information, and then you will get coupons or offers not only from the retailer, but from other manufacturers. So you really have two choices. You can join the program and just be in the coupon program in that store and say to us not to use the information, or you can say you can use my information, and then as a part of that you will then get other offers from manufacturers or other marketers. Mr. WISE. So by signing up and permitting my name to be used I get more? Mr. SALTZGABER. That's exactly right. You can be in the program without letting us use the information, but there is a quid pro quo. If you let us use the information, then you can get additional offers from reputable manufacturers. Mr. WISE. When a consumer is told that information collected in the frequent buyer program is used for marketing purposes, do you believe that the customer fully understands that everything they purchase will be on record, liquor, records, magazines, bread, whatever it is? Mr. SALTZGABER. We have done a lot of focus group work with consumers. I think that most of us don't give them credit. They know what goes on in that supermarket. They are pretty sharp in many instances. Yes, I do believe that they do understand. However, I must also tell you that we are constantly checking. Anytime we do market research we are always asking questions in the privacy arena. Our program has evolved. When we started out I said, I think this is what the statement ought to say. As we have moved through the program, every time the consumer tells us more, we will evolve that, the way we tell them and what we tell them to make sure that they in fact do understand it. Mr. WISE. Do you feel that the consumer understands that the program extends beyond the supermarket? Mr. SALTZGABER. Yes, definitely. Mr. WISE. And furthermore, that that information may be maintained for years, or the profile of that consumer, and that it could be shared with many other companies over a period of years? Mr. SALTZGABER. Yes. Mr. WISE. Is there a written form that they sign? Mr. SALTZGABER. Yes, there is. Mr. WISE. Would you mind supplying that to the subcommittee? Mr. SALTZGABER. I would be happy to. [The information follows:] Number of people in your household, including yourself: Are you an employee of this store? Yes No If yes, Employee I.D. # So that we may serve you better, please provide the following optional information: Complete the following to get a card for another household member: As a member of the Reward America program, all your purchases will be automatically recorded. By signing this application, I ask that the Reward America card(s) be issued as I bave requested. I fully understand that the Reward America card is valid only at participating stores. Since your purchases will be automatically recorded, this allows us to provide you with other special offers and information about items that may be of interest to you-both from our stores and from other carefully screened companies. you do not wish to receive coupons, offers or other information, please check the box below. |