Caslon Analytics elephant logo title for Privacy guide
home | about | site use | resources | publications | timeline   spacer graphic   Ketupa




Aust law

EU law

New Zealand

Asia law

N America





other writing


















section heading icon     reports by government and advocacy groups

This page highlights some of the more significant online documents about privacy, in particular government reports and studies by industry/interest groups.

For Australia the landmark document is the Australian Law Reform Commission's three volume discussion paper on the national privacy regime. Among other matters, highlighted here, it recommends establisment of a statutory tort of privacy and acceptance of a coherent set of privacy principles encompassing the public and private sectors.

A useful overview of recent US developments is provided in the online briefing by the bipartisan Congressional Internet Caucus. 

There's a thoughtful discussion of the Canadian legislation in relation to international developments in a report by Colin Bennett, co-editor of Visions of Privacy: Policy Choices for the Digital Age (Toronto: Uni of Toronto Press 1999).

The Advisory Committee on Online Access & Security (ACOAS) of the US Federal Trade Commission (FTC) recently released its 220 page Privacy Online: Fair Information Practices in the Electronic Marketplace report on consumer access to information collected by commercial websites and the security of that information.  

Coming after a spate of privacy breaches by bodies such as CDNow, DoubleClick, Amazon, and RealNetworks, it reflects the FTC's 1998 Privacy Online and 1999 Self-Regulation reports to Congress.  

Transcripts from the 1999 FTC workshop on online profiling are also available online.

In the European Union the European Commission's Data Directive is now in effect, seeking to harmonise legislation among EU nations and to set a basic standard. The EU, in contrast to Australia and North America, has not relied on self-regulation of ISPs and commercial or other sites: Brussels is moving to ensure compliance with mandatory EU-wide principles and operational standards.  It was the subject of None of Your Business: World Data Flows, Electronic Commerce and the European Privacy Directive (Washington: Brookings 1998) by Peter Swire & Robert Litan. 

While overall responses within the EU have been positive, some critics argue that the Directive and new Directive-related national legislation is unduly bureaucratic or used to suppress freedom of speech.  A recent example is Jacob Palme's paper on Freedom of Speech, the EU Data Protection Directive & the Swedish Personal Data Act and his less temperate view of Swedish regulation of the Web.  

The essays by Mayer-Schoenberger and Bennett in Technology and Privacy: The New Landscape (Cambridge: MIT Press 1997), edited by Marc Rotenberg & Philip Agre, are of more value in assessing European developments and their wider implications.

Apart from the EU Privacy Directive, a significant document is the OECD Privacy Guidelines.

The OECD produced a report on Privacy Protection on Global Networks and one on Implementing the OECD Privacy Guidelines in the Electronic Environment: Focus on the Internet (Focus). The report (PDF) of its 1998 Workshop on Privacy Protection in a Global Networked Society is of interest.

Economics may be Global but Politics are Local: Personal Privacy in the Digital Age
, a 1999 paper by Stephen Kobrin and Eric Johnson, offers thoughtful comments from the Wharton Business School about the differing US and EU approaches.

The US National Information Infrastructure Agency produced a White Paper on  Privacy and the National Information Infrastructure and the Federal Trade Commission (FTC) provided Congress with an Internet privacy report - Self-Regulation & Privacy Online - on 13 July 1999.

The 1998 Industry Canada and Justice Canada's consultation paper on The Protection of Personal Information: Building Canada's Information Economy & Society is useful as a background to the C6 legislation noted earlier in this guide. There's a broader view in the Radio-Television Commission (CRTC) paper on Competition & Culture on the Information Highway.

subsection heading icon     consumers

Behind the Numbers: Privacy Practices on the Web, the 27 July 1999 report from the US Centre for Democracy and Technology (CDT), found that less than 10% of US sites met the FTC's minimum standards.  

Beyond Concern: Understanding Net Users' Attitudes About Online Privacy
, a study by Lorrie Cranor, Joseph Reagle & Mark Ackerman offered a much criticised but more nuanced analysis of US consumer responses to privacy policies and seals.

A crucial document, like much of the writing from Donna Hoffman and Tom Novak's eLab, is their 1997 paper Information Privacy in the Marketspace: Implications for the Commercial Use of Anonymity on the Web.

In 2000 the California Healthcare Foundation published two landmark reports: a detailed study on the Privacy Policies & Practices of Health Web Sites and a study of consumer attitudes to privacy on health web sites. Unsurprisingly, it found significant reluctance by many US consumers to divulge any information and substantial reason for concern in data collection/management practices.

In 2001 IBM and Harris Research released a detailed multinational study of consumer attitudes to online data collection and the handling of information. 

The report shows very clearly that businesses must have an explicit and well-considered privacy policy and must 'live' that policy if they are to gain and maintain the confidence of their customers.

     next page  (primers)

this site
the web




version of November 2007
© Bruce Arnold | caslon analytics