Manufacturers get rules to guard consumer data But advocates question if voluntary guidelines will really protect privacy


WASHINGTON -- A group representing some of the nation's largest computer makers issued modest guidelines yesterday that are meant to help its members better protect the privacy of consumers' personal data.

But some privacy advocates questioned how effective the new rules would be, since they were strictly voluntary and would not be enforced.

The Information Technology Industry Council, whose members include household names like IBM Corp. and Compaq Computer Corp., said its members should clearly tell individuals how personal data they collect will be used or disclosed.

During transactions with consumers, many companies collect large amounts of personal information. Often the information is shared between departments in a company. Personal data also are sometimes sold to other companies.

The trade group said at the time that such information is collected, its members should give consumers the "informed choice," based on being told the intended use of the data, not to have their personal data disclosed.

"We believe that consumer confidence is a key ingredient in the success of electronic commerce," said Rhett Dawson, the council's president. "ITI's action demonstrates our members' commitment to address consumer concerns about privacy in cyberspace."

Analysts have said electronic commerce, also known as e-commerce, will never reach its potential until consumers are persuaded they can make routine purchases over the Internet in relative safety.

The guidelines would also call for members to limit what personal data they collected only to that needed for valid business reasons.

Meanwhile, companies collecting and using personal data should take measures to protect the data from unauthorized access and disclosure, limiting employee access to data only to those workers with a genuine business need.

The rules mirror those voluntarily adopted by others as the industry reacts to White House requests for self-regulation to allay consumer worries. Many companies have moved to come to terms with consumer needs for assurance to forestall federal government regulation.

For instance, the Direct Marketing Association and McGraw Hill Cos. earlier this year made public their rules for handling personal information. In both those instances, however, the codes were mandatory, unlike the ITI's.

Evan Hendricks, a privacy advocate and editor of Privacy Times, was unimpressed by the ITI guidelines because of their voluntary nature and lack of any enforcement. "It's a pretty sincere effort but we're at the point where brochures aren't the answer," he said.

Pub Date: 12/09/97

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.