Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Privacy battle seen as a 'gathering storm'

September 25, 2002 12:00 PM ET

Computerworld - CLEVELAND -- When corporate privacy officers and legal experts get together for privacy conferences they typically worry and warn about how legislative actions by Congress, the states and local municipalities will affect systems and bottom lines. There's never a shortage of dire, worst-case predictions.
But at this year's Privacy 2002 Conference, they're really worried.
Things are lining up for real legislative battles next year in Congress and in the states, triggered by the impending expiration of a provision of the Fair Credit Reporting Act (FCRA) that blocks states from imposing their own data privacy rules.
Once that exemption expires in early 2004, states will be free to set privacy rules that exceed federal standards. The states, for instance, could limit affiliate sharing of customer data -- a serious threat to financial services firms that often set different lines of businesses as affiliates, entities that exist only on paper. Systems that now freely exchange information could be in for a major redesign.
"There is a gathering storm," said Michael Beresik, who heads PricewaterhouseCoopers' national privacy practice. He sees the expiration of the FRCA preemption provision as the vehicle leading to much larger debate on financial privacy, including a revisiting of the privacy provisions in the Gramm-Leach-Bliley Act.
And the threat that states could impose their own more stringent rules is a real fear. According to the National Business Coalition on E-Commerce and Privacy, a Washington-based group that represents large financial services firms and retailers, 548 privacy bills were introduced in state legislatures this year. Some have already been enacted: San Mateo County in California recently set restrictions on data sharing and is now facing a court battle with the state's large banks, and North Dakota residents recently voted for restrictions.
"State legislatures are becoming more and more aggressive every year in terms of going their own way on privacy," Beresik said at the conference, sponsored by Ohio State University's Technology Policy Group.
To survive and keep the federal preemption in place, Kirk Hearth, chief privacy officer at Nationwide Financial Services Inc. in Columbus, Ohio, said he believes "financial services industries are going to be forced to compromise very strongly" in Congress.
Financial service firms aren't the only ones facing trouble.
While Congress isn't expected to pass a broad, commercial privacy bill this year, next year has potential. "A lot of the developments this session will be the launching point for what happens next session," said Stuart Ingis, an attorney at Piper Rudnick LLP in Washington.
Bills in the U.S. House and Senate could impose a number of requirements on companies regarding the use of data and customer consent. Both would restrict a state's ability to adopt its own rules to some extent.
These bills could impose a number of practices on IT. The leading privacy bill in the House, the Consumer Privacy Protection Act, a bill sponsored by Clifford Stearns (R-Fla.), stands a good chance of winning backing by the House Committee on Energy and Commerce. It would require companies to participate in some kind of threat-warning service and to have a written security policy that has the knowledge of a company's top executive.
The Bush administration has generally opposed requiring companies to take specific action, although it is seeking comment during the next months on its cybersecurity protection draft proposal, which examines some of those issues.
Andy Purdy, senior adviser on the president's Critical Infrastructure Protection Board, said that his personal reaction "is that it is probably not too much to ask that CEOs and boards and directors are aware" of their company's security or privacy policies.
But while the White House would also recommend independent audits on a periodic basis, "I'm not suggesting that we require it," said Purdy.






Jump to comments

Privacy

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Forrester Consulting - Optimizing Users and Applications in a Mobile World
Learn how to successfully deploy a WAN optimization solution that is specifically tuned for a mobile environment!  

Faster, Cheaper and Easier to Maintain
Can you afford not to upgrade your servers to today's advanced, energy-efficient technologies?  

Effectively Implementing Datacenter Automation
Effectively select and deploy the best datacenter automation solution today!

Aligning IT to Business: The Rising Importance of Application Delivery Networks
Application Delivery Networking (ADN) will play a vital role in helping enterprises incorporate strategic technologies to achieve business initiatives.