Privacy Guide: Reports

overview

issues

Aust law

EU law

N America

agencies

advocacy

reports

primers

other writing

technologies

     reports by government and advocacy groups

This page highlights some of the more significant online documents about privacy, in particular government reports and studies by industry/interest groups.

A useful overview of recent US developments is provided in the online briefing by the bipartisan Congressional Internet Caucus.

There's a thoughtful discussion of the Canadian legislation in relation to international developments in a report by Colin Bennett, co-editor of Visions of Privacy: Policy Choices for the Digital Age (Toronto, Uni of Toronto Press 99).

The Advisory Committee on Online Access & Security (ACOAS) of the US Federal Trade Commission (FTC) recently released its 220 page Privacy Online: Fair Information Practices in the Electronic Marketplace report on consumer access to information collected by commercial websites and the security of that information.

Coming after a spate of privacy breaches by bodies such as CDNow, DoubleClick, Amazon, and RealNetworks, it reflects the FTC's 1998 Privacy Online and 1999 Self-Regulation reports to Congress.

Transcripts from the 1999 FTC workshop on online profiling are now available.

In the European Union the European Commission's Data Directive is now in effect, seeking to harmonise legislation among EU nations and to set a basic standard. The EU, in contrast to Australia and North America, has not relied on self-regulation of ISPs and commercial or other sites: Brussels is moving to ensure compliance with mandatory EU-wide principles and operational standards. It was the subject of None of Your Business: World Data Flows, Electronic Commerce and the European Privacy Directive (Washington, Brookings 98) by Peter Swire & Robert Litan.

While overall responses within the EU have been positive, some critics argue that the Directive and new Directive-related national legislation is unduly bureaucratic or used to suppress freedom of speech. A recent example is Jacob Palme's paper on Freedom of Speech, the EU Data Protection Directive & the Swedish Personal Data Act and his less temperate view of Swedish regulation of the Web.

The essays by Mayer-Schoenberger and Bennett in Technology and Privacy: The New Landscape (Cambridge, MIT Press 97), edited by Marc Rotenberg & Philip Agre, are of more value in assessing European developments and their wider implications.

Apart from the EU Privacy Directive, a significant document is the OECD Privacy Guidelines.

The OECD produced a report on Privacy Protection on Global Networks and one on Implementing the OECD Privacy Guidelines in the Electronic Environment: Focus on the Internet (Focus). The report (PDF) of its 1998 Workshop on Privacy Protection in a Global Networked Society is of interest.

Economics may be Global but Politics are Local: Personal Privacy in the Digital Age, a 1999 paper by Stephen Kobrin and Eric Johnson, offers thoughtful comments from the Wharton Business School about the differing US and EU approaches.

The US National Information Infrastructure Agency produced a White Paper on Privacy and the National Information Infrastructure and the Federal Trade Commission (FTC) provided Congress with an Internet privacy report - Self-Regulation & Privacy Online - on 13 July 1999.

The 1998 Industry Canada and Justice Canada's consultation paper on The Protection of Personal Information: Building Canada's Information Economy & Society is useful as a background to the C6 legislation noted earlier in this guide. There's a broader view in the Radio-Television Commission (CRTC) paper on Competition & Culture on the Information Highway.

consumers

Behind the Numbers: Privacy Practices on the Web, the 27 July 1999 report from the US Centre for Democracy and Technology (CDT), found that less than 10% of US sites met the FTC's minimum standards.

Beyond Concern: Understanding Net Users' Attitudes About Online Privacy, a study by Lorrie Cranor, Joseph Reagle & Mark Ackerman offered a much criticised but more nuanced analysis of US consumer responses to privacy policies and seals.

A crucial document, like much of the writing from Donna Hoffman and Tom Novak's eLab, is their 1997 paper Information Privacy in the Marketspace: Implications for the Commercial Use of Anonymity on the Web.

The California Healthcare Foundation recently released two landmark reports: a detailed study on the Privacy Policies & Practices of Health Web Sites and a study of consumer attitudes to privacy on health web sites. Unsurprisingly, it found significant reluctance by many US consumers to divulge any information and substantial reason for concern in data collection/management practices.

IBM and Harris Research last year released a detailed multinational study of consumer attitudes to online data collection and the handling of information.

The report shows very clearly that businesses must have an explicit and well-considered privacy policy and must 'live' that policy if they are to gain and maintain the confidence of their customers.

next page (primers)