Preface

Jerry Berman, President
Paula J. Bruening, Staff Counsel and Compendium Editor
Center for Democracy and Technology

The Center for Democracy and Technology is pleased to present this compendium of papers, Considering Consumer Privacy: A Resource for Policymakers and Practitioners.

Expanded use of computer technologies has increased public concern about commercial privacy worldwide. In response, US industry and the state and federal governments � with the active involvement of privacy and consumer advocates � have engaged in intensive experimentation in defining and implementing fair information practices. What has been learned from this experience varies based on one's perspective. While we have moved closer to consensus about some privacy issues, difficult questions remain to be resolved.

Over the last year, the privacy landscape changed significantly. The decline in the dot.com economy prompted a re-examination of the business models and information collection practices of online marketers. The aftermath of September 11 intensified government interest in access to and analysis of consumer data. Rather than pushing privacy aside, these developments led to a more in-depth focus on specific, practical aspects of privacy: notice, choice, access, privacy enhancing technologies, self-regulation, and the respective roles of the states and the federal government. Bills introduced in the last Congress prompted discussion of the discrete elements of a legislative approach to privacy protection. The debate focused squarely on what kind of privacy regime would best address the needs of consumers while still allowing business to engage in responsible information collection and sharing.

This renewed interest in the practical aspects of privacy protection represents a key opportunity to examine the issues in greater detail. To enhance this discussion, CDT called for papers from industry representatives, academic experts, and consumer advocates. We asked them to draw on their experience to consider the realities of implementing principles of fair information practices � notice, choice, access and security � as well as other issues critical to the definition of privacy.

The papers in this compendium also consider questions related to enforcement of privacy rules � pre-emption of state law, alternative dispute resolution, private rights of action, safe harbors and whether a law applied to online collection of information should apply offline as well.

The compendium is organized by topic. In choosing submissions, we attempted, as much as possible, to include a range of viewpoints on each issue. In most cases the papers submitted represent opposing viewpoints, as in the case of those by Peter Swire and Paul Misener on the online/offline question. In others, the papers illustrate unique perspectives, as in Robert Ellis Smith's review of privacy as a legislative issue and the Privacy Council's overview of privacy as a management challenge. In some instances, only one perspective is represented, inviting response and further discussion. Above all, we sought papers that would reflect current privacy policies, the challenges businesses and consumers encounter when these are put into practice, and the tensions inherent in some of these issues that remain to be resolved.

The result is a compendium that we hope will offer Members of Congress, their staffs, and the wider policy community a deeper and more comprehensive understanding of the practical realities encountered by companies and consumers dealing with personal data in the information age. Our goals are to provide a sense of what we have learned from the ongoing work on privacy, promote more informed discussion, and point the way to policy consensus.

We see this publication as the first step in a process that encourages thoughtful consideration of the issues. We invite all interested parties to engage in further discussion and analysis.

We are grateful to all who contributed papers to this compendium, and we look forward to a productive dialogue in the coming months.