[Infowarrior] - Will AOL Goof Trigger New U.S. Law?

Sat Aug 12 00:13:00 EDT 2006

Will AOL Goof Trigger New U.S. Law?

Will AOL Goof Trigger New U.S. Law? By Frederick Lane
August 10, 2006 11:04AM
http://www.sci-tech-today.com/story.xhtml?story_id=02300000MCAG

The bill would require Internet companies to destroy obsolete electronic
data, and particularly data that could be used to individually identify
consumers. The bill would also instruct the Federal Trade Commission to set
up standards for the maintenance and destruction of data, and enforce the
provisions of the law.

New browsers are coming that could make or break your online sales. Read
³SSL in High-Security Browsers² to discover the latest best practices for
keeping your customers and sales secure.
The news that AOL released the search histories of 658,000 of its users is
renewing calls for federal legislation to protect consumer privacy online.

In the wake of the disclosure, Representative Edward Markey (D-Mass.) urged
his colleagues to take action on privacy legislation he proposed in February
of this year.

"Technology is the engine which will drive our economy into the next
century, but the success of this technology balances on the public trust,"
Markey said. "If 2005 was the year of the data breach, I want to make sure
that 2006 is the year of safeguarding the privacy of American citizens by
introducing legislation to prevent the stockpiling of private citizens
personal data."

Mandatory Deletion

Markey's bill is H.R. 4731, the Eliminate Warehousing of Consumer Internet
Data Act (EWOCID). The bill would require Internet companies to destroy
obsolete electronic data, and particularly data that could be used to
individually identify consumers. The bill would also instruct the Federal
Trade Commission to set up standards for the maintenance and destruction of
data, and enforce the provisions of the law.

The language of the bill does not define when data should be declared
"obsolete," and does allow companies to retain data for "legitimate business
purposes" or to satisfy court orders.

"In this digital information age, the personal data we hand over to dozens
of Web sites are the keys which unlock the personal lives and valuable
possessions of millions of Americans," Representative Markey said. "This
stored-up data about consumers' Internet use should not be needlessly kept
in perpetuity, inviting data thieves or fraudsters, or disclosure through
judicial fishing expeditions."

Markey's bill has languished in committee since it was introduced, and there
is no indication from the Republican leadership in the House as to when any
action will be taken on the bill.

"It's worth having a debate about what type of protections [those
corporations] should have," said Dave McGuire, director of communications
for the Center for Democracy and Technology. "It is also reasonable to ask
companies about what they're doing and what their plans are for data.
Companies should disclose if there are procedures in place to prevent
misuse." McGuire also added that there is no government standard regarding
data collection and storage.

Previous Federal Privacy Laws

Congress has typically taken a hands-off approach to privacy, but it has
responded in the past to high-profile privacy invasions. During the Senate
hearings on Judge Robert Bork's nomination to the Supreme Court, for
instance, reporters obtained lists of the movies he had rented (none were
particularly salacious). Congress responded by passing the Video Privacy
Protection Act, which bars the release of such information.

Some years earlier, a stalker obtained the address of actress Rebecca
Schaeffer from the California Department of Motor Vehicles and shot her when
she answered his knock at the door. That tragic event spurred passage of the
federal Drivers Privacy Protection Act.