reports by government and advocacy groups
page highlights some of the more significant online documents
about privacy, in particular government reports and studies
by industry/interest groups.
For Australia the landmark document is the Australian
Law Reform Commission's three volume discussion paper
on the national privacy regime. Among other matters, highlighted
here, it recommends
establisment of a statutory tort of privacy and acceptance
of a coherent set of privacy principles encompassing the
public and private sectors.
A useful overview of recent US developments is provided
in the online briefing
by the bipartisan Congressional Internet Caucus.
There's a thoughtful discussion of the Canadian legislation
in relation to international developments in a report
by Colin Bennett, co-editor of Visions of Privacy:
Policy Choices for the Digital Age (Toronto: Uni of
Toronto Press 1999).
The Advisory Committee on Online Access & Security
of the US Federal Trade Commission (FTC)
recently released its 220 page Privacy Online: Fair
Information Practices in the Electronic Marketplace
on consumer access to information collected by commercial
websites and the security of that information.
Coming after a spate of privacy breaches by bodies such
as CDNow, DoubleClick, Amazon,
and RealNetworks, it reflects the FTC's 1998 Privacy
Online and 1999 Self-Regulation
reports to Congress.
Transcripts from the 1999 FTC workshop
on online profiling are also available online.
In the European Union the European Commission's Data
Directive is now in effect, seeking to harmonise legislation
among EU nations and to set a basic standard. The EU,
in contrast to Australia and North America, has not relied
on self-regulation of ISPs and commercial or other sites:
Brussels is moving to ensure compliance with mandatory
EU-wide principles and operational standards. It
was the subject of None of Your Business: World Data
Flows, Electronic Commerce and the European Privacy Directive
(Washington: Brookings 1998) by Peter Swire & Robert
While overall responses within the EU have been positive,
some critics argue that the Directive and new Directive-related
national legislation is unduly bureaucratic or used to
suppress freedom of speech. A recent example is
Jacob Palme's paper
on Freedom of Speech, the EU Data Protection Directive
& the Swedish Personal Data Act and his less temperate
of Swedish regulation of the Web.
The essays by Mayer-Schoenberger and Bennett in Technology
and Privacy: The New Landscape (Cambridge: MIT Press
1997), edited by Marc Rotenberg & Philip Agre, are
of more value in assessing European developments and their
Apart from the EU Privacy Directive, a significant document
is the OECD Privacy Guidelines.
The OECD produced a report
on Privacy Protection on Global Networks and one
on Implementing the OECD Privacy Guidelines in the
Electronic Environment: Focus on the Internet (Focus).
The report (PDF)
of its 1998 Workshop on Privacy Protection in a Global
Networked Society is of interest.
Economics may be Global but Politics are Local: Personal
Privacy in the Digital Age, a 1999 paper
by Stephen Kobrin and Eric Johnson, offers thoughtful
comments from the Wharton Business School about the differing
US and EU approaches.
The US National Information Infrastructure Agency produced
Paper on Privacy and the National Information
Infrastructure and the Federal Trade Commission (FTC)
provided Congress with an Internet privacy report
- Self-Regulation & Privacy Online - on 13
The 1998 Industry Canada and Justice Canada's consultation
on The Protection of Personal Information: Building
Canada's Information Economy & Society is useful
as a background to the C6 legislation noted earlier in
this guide. There's a broader view in the Radio-Television
on Competition & Culture on the Information Highway.
Behind the Numbers: Privacy Practices on the Web,
the 27 July 1999 report
from the US Centre for Democracy and Technology (CDT),
found that less than 10% of US sites met the FTC's minimum
Beyond Concern: Understanding Net Users' Attitudes About
Online Privacy, a study
by Lorrie Cranor, Joseph Reagle & Mark Ackerman offered
a much criticised but more nuanced analysis of US consumer
responses to privacy policies and seals.
A crucial document, like much of the writing from Donna
Hoffman and Tom Novak's eLab,
is their 1997 paper
Information Privacy in the Marketspace: Implications
for the Commercial Use of Anonymity on the Web.
In 2000 the California Healthcare Foundation published
two landmark reports: a detailed study
on the Privacy Policies & Practices of Health Web
Sites and a study of consumer attitudes
to privacy on health web sites. Unsurprisingly, it found
significant reluctance by many US consumers to divulge
any information and substantial reason for concern in
data collection/management practices.
In 2001 IBM and Harris Research released a detailed multinational
of consumer attitudes to online data collection and the
handling of information.
The report shows very clearly that businesses must have
'live' that policy if they are to gain and maintain the
confidence of their customers.