Feeds

US Congress sits on hands while Web whizzes by

'Bookend' legislators hope industry will fix privacy so they won't have to

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Don't look to the US government for online privacy protection. It's all too confusing. The Congressional Commerce Committee were scratching their heads while Federal Trade Commission reps testified on Internet privacy legislation earlier this week, contradicting each other, and at times even themselves. FTC commissioner Sheila Anthony claimed to be "concerned" that the continuing absence of online privacy would "undermine consumer confidence and hinder the advancement of electronic commerce and trade, specifically of trade with the European Union and its 320 million consumers." Fair enough, but her colleague, FTC commissioner Orson Swindle, scoffed at any such need, pointing to a new, 14-page FTC report flattering industry's efforts to regulate Web privacy by itself. "I do not believe [our] Report accurately reflects reality," he declared, drawing more than a few double takes. But he quickly made it right: "First, the dated and unfavorable results of the 1998 FTC Study are prominently described in the first seven pages of the Report, while the current and favorable results of the [industry-sponsored] 1999 Georgetown survey are relegated to a brief discussion in the middle," Swindle explained. The point here apparently is that industry-sponsored surveys are a good deal more reliable than those cobbled up by his own office, and deserve greater attention. Go figure. The Commerce Committee, for its part, is indeed puzzled, and the jury is very much out. The Register has learned that any decision is likely to be delayed until after current US/EU policy harmonisation talks on Web privacy give some indication of which way the hot air is blowing. If national regulation appears inevitable, Congress is sure to climb on the legislative bandwagon lest the US Commerce Department gets the jump on them. But for now things are a bit quiet on Capitol Hill. That's because the Committee fears producing a slapdash bill that will require continual and publicly-embarrassing switchbacks and tweaks to get it into a reasonable form, as few members have the background in Internet computing needed to make a first-round knockout bill likely. Numerous members are "like bookends" in the discussions, a Committee spokesperson joked to us. "They're not up to speed on the issues, or the technology." In that case perhaps it's best that they don't try anything too strenuous - like drafting an Internet privacy statute, say. The core message here is that Web users had better look after their own privacy: the legislative momentum is drifting towards diffusion and forfeiture of responsibility - all of which may be a good thing, actually. And Zero-Knowledge Systems president Austin Hill couldn't agree more. His Canadian firm makes a software package combining strong crypto, proxy servers, remailing, and several other tricks to ensure not just privacy, but anonymity, on line. "Why should you trust the laws?" Hill asks, then answers: "Laws can change." Trust cryptography; trust the math, he urges. "Users," he says, "shouldn't have to trust me, or anyone else, for their privacy." A fair observation, and in it a hint of the boost companies like his may get from US Congressmen scratching their heads as the Internet whizzes by. Oh, and as for the Clinton Administration's position on Web privacy, Internet inventor Al Gore declined to take The Register's call. Perhaps he's now occupied with inventing the World Wide Web. We'll let you know if we ever get through. ®

Combat fraud and increase customer satisfaction

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.