Failing E-Tailer in Privacy Battle

SAN MATEO (07/10/2000) - Bankrupted e-tailer Inc. in liquidating its assets moved to sell off an extensive customer database -- a move that Monday raised red flags at the U.S. Federal Trade Commission (FTC) because of privacy concerns.

The FTC claimed that toysmart's sale of its customer database would stand in violation of toysmart's own privacy policy, which had earlier passed muster with Truste, a non-profit privacy seal program.

"We are now in negotiations with FTC, and toysmart has not yet sold any assets," said Alex Rodolakis, a Boston-based bankruptcy attorney for the firm Hanify & King, which is overseeing the sale of toysmart's assets, including the customer database in question.

Rodolakis said Toysmart had agreed to work with the FTC on the privacy issues the agency raised before any sale of the customer database moves forward.

But the FTC -- claiming that the agency is exercising its authority to hold Web sites accountable to their own stated privacy policies -- moved to formally block the sale of the database, saying that sale would amount to a privacy violation.

The FTC also publicly hammered the Waltham, Mass.-based company for selling consumer data after promising not to do so.

"Even failing dot-coms must abide by their promise to protect the privacy rights of their customers. The FTC seeks to ensure these promises are kept," said FTC Chairman Robert Pitofsky.

The FTC has filed a complaint against the company with the United States District Court for the District of Massachusetts to keep from selling the data.

FTC officials said that toysmart collects detailed data including the names, addresses, billing information, and family profiles including the names and birth dates of children.

Because Toysmart has had a posted privacy policy that said the company would not sell the data to third parties, FTC officials vowed to hold toysmart to that promise even though the company went out of business on May 22.

"This is the first time an issue like this has come up in a bankruptcy situation," said former FTC official Peter Ward, now an attorney at the e-business group at the law firm Baker Donelson Bearman & Caldwell, in Nashville, Tenn.

In the offline world, customer account information has historically been treated as part of a corporation's assets, Ward said.

"In the bricks-and-mortar world, you give your name and information as part of a transaction," Ward said.

And when personal data is exchanged as part of a offline transaction, "there is typically no representation on the part of a seller that that information will be protected," Ward said.

Information flows more freely online and is often offered up by consumers after they are promised that the information will not be passed off to third parties.

Ward signaled that the toysmart incident may fuel the FTC's quest for privacy legislation.

"At some point, we will have to look at what privacy protections lists have," Ward said. "What happens to a list once a company enters bankruptcy or merges with another company?"

The FTC may claim that a new set of laws are necessary to answer some of those questions, Ward said.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Federal Trade CommissionFTCTRUSTe

Show Comments