Other letters:
http://www.ccianet.org/letters/hollings_privacy.php3
http://www.uschamber.com/Press+Room/2002+Releases/May+2002/02-93.htm
Fwd: CSPP's current CEO members are: Michael Dell, Dell (chairman of CSPP); Craig Barrett of Intel; Carly Fiorina of HP; Chris Galvin of Motorola; Lou Gerstner of IBM; Lars Nyberg of NCR; Joseph Tucci of EMC; and Larry Weinbach of Unisys. Computer Systems Policy Project May 15, 2002 The Honorable Fritz Hollings Chairman United States Senate Committee on Commerce, Science and Transportation Russell Senate Office Building Washington, D.C. 20510 Dear Mr. Chairman: The Computer Systems Policy Project (CSPP) has for some time supported efforts to develop practicable, baseline national privacy legislation. The CEOs of the CSPP companies have personally met with Senators on a number of occasions over the past three years to communicate the principles they believe constitute effective privacy legislation. Those principles are attached. We find it unfortunate that S. 2201, the Online Personal Privacy Act, as introduced by Chairman Hollings, deviates considerably from our long-espoused principles. CSPP is opposed to S. 2201 as drafted and recommends that the following changes be made: Scope - Offline/Online - CSPP supports privacy laws being, to the greatest extent practicable, equally applicable to both online and offline commercial transactions. Personal information should receive consistent protection, regardless of where it is collected. As introduced and amended, S. 2201 purports to protect the personally identifiable information (PII) provided by individuals to companies with which they transact business. However, the bill limits statutory protection to data shared with businesses through the Internet or online channels. The bill should be amended to expand its application to protect all PII shared in all commercial transactions where that information is collected or processed by an automated means. Preemption - We strongly support preemption of state law with respect to privacy. As written, S. 2201, could be interpreted as preempting only "State statute, regulation, or rule" with regard to Internet privacy. The bill must be redrafted to more clearly define state law to include the preemption of state judicial rulings. Private Right of Action - We believe that the Federal Trade Commission Act is adequate deterrence of and contains sufficient enforcement provisions against unfair and deceptive practices, including failure of a commercial entity to abide by its published privacy policy. We believe the proposed right of consumers to bring private action would only result in unwarranted litigation for damages above and beyond the penalties already imposed by federal law. Access - While CSPP supports individuals having reasonable means to review the PII retained by companies, we concur with the earlier FTC findings that the extensive implications of providing access warrants additional study prior to enactment of a legislative requirement Although we have limited our comments in this letter to those issues raised by our legislative principles, CSPP members have many additional concerns about how S. 2201 in its present form would impact the Internet and e-commerce. We will continue to work with the Senate to craft balanced legislation that enables individuals to make informed privacy choices while preserving the convenience and savings of today's Internet. Sincerely, Ken Kay Executive Director Computer Systems Policy Project