Legislative and regulatory interest in privacy may soon broaden beyond online transactions to include wireless networks and off-line databases, according to Jodie Bernstein, the U.S. Federal Trade Commission's (FTC) top consumer protection official.
Wireless technology raises unique issues, said Bernstein, speaking at a U.S. Chamber of Commerce e-commerce forum this week. "How do you put conspicuous disclosures on a screen this big?" she said, gesturing with her hand to illustrate the small screen size of a handheld wireless device.
Bernstein said investigating the application of privacy rules on wireless commerce is "likely to be the next thing we have to do." One thing the FTC wants to avoid is a "move in the direction of a regulation that would foreclose a new technology," she said.
But Robert Rothman, director of legal affairs at e-GM, General Motors Corp.'s e-commerce division, said privacy rules in wireless networking raise many questions.
"There are very, very complex relationships here with content providers, content aggregators, service providers - and the privacy policies of each can differ," said Rothman, who also spoke at the e-commerce forum. "How do we disclose all of that orally?"
Detroit-based GM has been moving into content delivery via its OnStar system, a wireless voice-communication system installed in vehicles that can provide directions, emergency help, reservations services and other features.
"Are you going to be able to do the same kind of disclosures that are done online? I don't think so," said Rothman.
Bernstein said the FTC has looked at many off-line, sector-specific database issues, especially in the financial area in response to the Gramm-Leach-Bliley Act, the financial modernization bill. A rising question, she said, is whether privacy legislation will develop that "will comprehensively cover off-line and online issues, together."
Andrew Shen, a policy analyst at the Electronic Privacy Information Center in Washington, said he also expects that more attention will be given to a comprehensive approach to privacy protection. "To a large extent, it doesn't make sense to make a distinction between two types of data. My name is my name," he said.
For businesses, a comprehensive set of privacy rules may untangle some of the problems a diverse company may now face when it has to comply to different sector-specific rules, said Shen.