Dot-coms Wary of Privacy Bills

FRAMINGHAM (03/10/2000) - Drugstore.com Inc. uses e-mail to inform customers of prescription refills and new products. It's an important means of customer contact. But Congress and most states are considering privacy laws that could make that harder to do.

Five major Internet privacy bills are in Congress, and others will likely be considered in 44 states - every state with a legislative session this year. The bills may affect everything from Web site design to the bottom line.

For Drugstore.com in Bellevue, Wash., federal regulations could, for instance, mandate "opt-in" provisions on notification, compared with the company's default process that now lets customers opt out if they don't want notification on product specials. Andy Stergachis, Drugstore.com's chief pharmacist, said such a change could hinder customers from signing up for notifications.

And the potential for conflicting state regulations "would create a burden," he said. If that happens, "the concept of a single uniform privacy law vs. 50 state [laws] has merit," said Stergachis.

Drugstore.com already follows myriad state and federal rules related to pharmacy practice, including privacy restrictions. Stergachis said the company doesn't sell personally identifiable information.

But pressure for privacy regulations appears to be growing, especially in the wake of the revelation of DoubleClick Inc.'s plan to merge personally identifiable information with data on Web browsing habits. "Things like the DoubleClick incident ... have helped our cause," said Matt Raymond, a spokesman for privacy bill sponsor U.S. Sen. Conrad Burns (R-Mont.).

New York-based DoubleClick quickly acknowledged two weeks ago that its plan was a mistake and last week hired New York's consumer commissioner, Jules Polonetsky, to oversee its privacy activities. (An interview with Polonetsky is at www.computerworld.com.) But the moves aren't likely to curb the political furor.

"I don't think DoubleClick's announcement forestalls anything," said Chris Woods, CEO of FollowUp.Net LLC a permission-based Web marketing firm in Westport, Conn. "They brought something to a head that was probably going to a head anyway."

Privacy regulations, with their potential for giving consumers control over how information is shared, can hurt a company's bottom line, especially for companies that sell information. "It puts more control in the users' hands rather than [those of] the companies," said Topher Neumann, director of the Center for Trust Online at New York-based Ernst & Young LLP.

Privacy regulations could ultimately affect Web site design by setting requirements for the display of privacy notices.

Of key concern are regulations that hurt the ability to personalize marketing information. "The beauty of the Web is the fact that you can create these profiles," said Paul Terry, general counsel at Onview.com Inc., a fine art seller in New York.

The U.S. Federal Trade Commission has taken action against companies that post privacy policies and then violate them. Terry said he believes enforcement is a better approach than regulation.

Join the newsletter!

Or
Error: Please check your email address.

More about DoubleClickdrugstore.comErnst & YoungErnst & YoungFederal Trade Commission

Show Comments