Electronic Privacy Information Center
666 Pennsylvania Ave., SE, Suite 301
Washington, DC 20003 USA
1 202 544 9240 (tel) 1 202 547 5482 (fax)
info@epic.org HTTP://www.epic.org
December 14, 1995
Commissioner Christine Varney
Federal Trade Commission
Pennsylvania Ave. at Sixth St., NW
Washington, DC 20580
Dear Commissioner Varney,
I am writing to you to urge the Federal Trade Commission to investigate the misuse of personal information by the direct marketing industry and to begin a serious and substantive inquiry into the development of appropriate privacy safeguards for consumers in the information age. I am particularly concerned about recent reports which suggest that R.R. Donnelley is making available to the public the names, addresses, ages and telephone numbers of young children. Is the FTC aware of this practice? If so, what steps have you taken to curb this activity?
The FTC must move aggressively to address these and other growing threats to personal privacy. At the hearings last month, the Commission identified privacy as one of the leading consumer issues for on-line services. Unfortunately, the Commission's only proposal thus far to protect the privacy of Americans and users of new telecommunication services are non-enforceable guidelines that are far weaker than a similar set of principles developed twenty years ago.
It is time for the FTC to set aside the belief that voluntary standards will protect consumers. This approach has never worked.
- In 1991 the Direct Marketing Association refused to oppose the release of the Lotus Marketplace even though the product violated the Association's own guidelines. Consumer protest killed the product.
- More recently, the Marketry company of Bellvue, Washington proposed to sell email addresses gathered up from the network. This practice stopped after a similar protest, but many other companies are gearing up to sell this, and more personal data gathered from the Internet.
As you may be aware, other countries that have addressed this issue have found that enforceable legal standards are a necessary way to protect both consumer interests and those businesses that respect consumer privacy. When the Canadian Direct Marketing Association announced earlier this year that it would support a national privacy law it made clear that without such a law companies that were trying to protect consumer privacy would not be able to compete fairly with companies that did not. America On-Line effectively made a similar admission last year when it explained the sale of its consumer database by saying that it could not otherwise compete with other on-line service providers.
You should also be aware that public opinion polls favor a much stronger approach to consumer privacy than some representatives of the direct marketing industry may have lead you to believe.
- A 1991 Time/CNN poll found that 93% of American consumers believe "companies that sell information to others should be required by law to ask permission from individuals before making the information available."
- In the same poll, 90% said that "companies that collect and sell personal information should be prohibited by law from selling information about household income," and 68% said that companies "should be prohibited by law from selling information about product purchases."
I urge the FTC to investigate fully the circumstances surrounding the Donnelley company and more generally the ongoing misuse of personal data by the direct marketing industry. You should address the following issues:
- How is personal information collected and sold within the industry? What is the extent of data aggregation on particular individuals? Do current collection and trade practices violate federal or state law?
- Has the Mail Preference Service actually protected the privacy interests of consumers? Are there better and simpler methods for consumers to control personal data?
- What are the implications of the sale of direct marketing lists to federal and state investigative agencies? Does this practice violate privacy rights of American citizens? Should it be regulated or prohibited?
- Could new technologies for anonymous and pseudo-anonymous payment schemes coupled with enforceable legal rights ensure the development of on-line commerce that promotes business opportunity and protects personal privacy? What steps should be taken to pursue these new opportunities?
Now is the right time to ensure that appropriate practices and standards are developed. Many people today are looking to the FTC to provide leadership on this critical issue. We hope you will begin to demonstrate your concern by investigating the Donnelley matter.
Sincerely yours,
/sig/
Marc Rotenberg, director
EPIC