 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
H.R. 4678, the Consumer Privacy Protection Act of 2002
Subcommittee on Commerce, Trade, and Consumer Protection
Prepared Statement of The Honorable Billy Tauzin
Thank you, Mr. Chairman, and
let me commend you, first of all, for the extraordinary effort you and the
Subcommittee members have put into this complex and intricate issue of consumer
privacy. I believe this good work shows in the thoughtful, comprehensive new
bill that is the subject of today's hearing. One reason I am a cosponsor of H.R. 4678 is
because of your careful consideration of the issue as you crafted this
legislation: you have listened to all sides, all interested parties, and
worked off an extensive record of some six privacy hearings held by this
Subcommittee this Congress. The result, I believe, promises to be a significant
enhancement of the privacy protections for American consumers when conducting
commercial transactions. The hearing process behind this bill brought out a
fact that we must remember as we move forward: There are legitimate consumer
concerns about how companies collect and use information. There are also
actual abuses of consumer privacy occurring in the marketplace today. Whether or
not such abuses cause direct harm, they can still harm consumer trust and
confidence, which can produce a chilling effect on the expansion of goods and
services available to consumers overall. Of course, leading companies, often those with the
biggest brand names, understand the value of protecting consumer privacy.
They realize that making consumers comfortable about their privacy practices is
good for business. They also understand that betraying consumer trust is
business suicide. If all companies were like those leading the pack, then
this legislation might not be needed. But this is not the case. We know there are
some bad actors, a small minority of companies and individuals causing the
greatest grief for consumers. There is also a host of companies that
haven't made privacy a priority for their business. And so I think there
is need for targeted legislation to provide additional privacy protections for
consumers. This will provide a standard
level of federal law to govern privacy of consumers in those areas not already
covered by law. It brings everyone up to the level where the good guys
already are. We are going to raise the tide.
H.R. 4678 embodies a principal
that I think is essential for any new commercial privacy legislation: promote
consumers' privacy without unfairly hampering current commercial activity and
the vast consumer benefits generated by information sharing. The many components of this
bill align well with my position on privacy legislation. For example, I
will not support a bill that takes a medium-specific approach to privacy, such
as applying only to Internet transactions. Today's information
collection activities are not bound by any one medium.
Companies generally don't build separate databases or have differing privacy
regimes based on the medium used to collect consumer data. And we
should not legislate as if they do. We also cannot have 50
different laws for information sharing, which will only stifle interstate
commerce -- a scenario that gets even worse if localities start to jump on the
bandwagon. I'm pleased, Mr. Chairman, to see the bill takes a firm
stance towards state preemption. We must also ensure that
consumers have the information they need to make educated decisions about the
information collected and used about them. So I'm also pleased to see that
H.R. 4678 includes a detailed process to empower and educate consumers about
company privacy practices through notices and statements. And given that the sale of
information has been one of the strongest concerns raised during the hearings,
the bill appropriately includes an important obligation to permit the consumer
to preclude the sale of information from one company to another. But it
doesn't mandate that this be either opt-in or opt-out -- as broadly locking in
this decision is not in the best interest of consumers. Because privacy intersects so
many difficult issues, the list of essential measures needed to navigate this
terrain is too long to go into here. Suffice to say, I'm also pleased to see
the bill takes solid, defendable stances on other necessary fronts. It emphatically makes clear
that self-regulation is a necessary part of the process. It includes a
lengthy and extensive self-regulatory mechanism to allow privacy organizations
to police the actions of its members with an FTC backstop, if necessary.
This should increase compliance and ease the process consumers have to deal with
to get a problem resolved. On the legal front: The bill
bans private rights of action, which will prevent harmful lawsuits and limit
legal shenanigans. It is proper to do this because the bill includes
strong authority for the FTC to take enforcement action against violators -- and
we expect vigilance by the FTC in this matter. Lastly, the bill would deploy new information
security obligations and has specific, targeted fixes for identity theft and an
extensive provision dealing with the international aspect of this law. All
are needed and worthy provisions. I will encourage all Members to join this effort,
and be part of this bipartisan, balanced approach. No one should assume that
every word and comma of the bill is locked in stone. On the contrary, we
will be open to discussions on how best to improve the bill - without gutting
essential principles. If we work together perhaps we can work through any
perceived shortfalls. Let me add that we also have no set agenda for
moving the bill. We will decide where to go after the hearing. As I
stated during the privacy hearings last year, we are set on our own, determined
course here. We certainly haven't designed this bill as a response to
the Senate's work. This measure builds on our own thoughtful process. Thank you again Mr. Chairman, and I look forward to the witness testimony.
|
