Web privacy project gains White House nod

Web privacy project gains White House nod

Consumer concerns feed politicos’ frenzy

Consumer right to privacy has become a rallying point for political action. Federal and state governments have in the past relied upon the burgeoning Web industry to self-regulate; however, this hands-off policy appears to be fading fast, as demonstrated by multiple legislative initiatives announced in the past two months.

The Platform for Privacy Preferences (P3P), a standard whose technical protocols were released by the World Wide Web Consortium last November, was unveiled on June 21 in New York with the support of industry and government heavyweights including Microsoft, America Online, and the White House. The Clinton administration plans to redesign the White House Web site to be one of the first to comply with P3P, and Microsoft and Netscape have announced that the next versions of their Web browsers will be P3P-compliant.

Once implemented, P3P compares a user’s privacy preferences with the privacy practices of Web sites as the sites are accessed and will make end users more aware of what information they are making available when they enter a site. Despite the high-profile support for P3P, not all companies are in favor of the new standard. Online consumer advocate groups and online privacy companies like Webwasher.com criticize P3P as being too little, too late, especially since users will still be forced to provide information in order to get into Web sites.

In related news, President Clinton signed the Electronic Signatures in Global and National Commerce Act into law on June 30, using a smart card containing his personal digital signature. The act in effect gives electronic signatures legal enforceability when used to sign interstate and foreign transactions, and it is considered an important step toward implementing the U.S. government’s Paperwork Elimination Act.

In addition, the U.S. House of Representatives passed an e-signature bill in mid-June that gives electronic contracts the same legal weight as handwritten documents. The bill has been sent to the Senate for further discussion. The Department of Health and Human Services says it plans to have the final HIPAA privacy regulations published by September. HHS missed the June 30 deadline for publishing the transactions and code-sets rules.

The European Union is also discussing online privacy, specifically an agreement that would grant European Internet users greater privacy than their U.S. counterparts. U.S. firms that sign up under the safe harbor terms of the agreement would be subjecting themselves voluntarily to this higher privacy standard—at least in Europe.

All of this bodes well for the medical records market, which has long suffered from concerns over patient privacy. Between the dueling medical privacy acts being debated on Capitol Hill, the advent of the HIPAA rules (finally), e-signatures gaining enforceability, and the willingness of the federal government to advocate for consumer rights, standards for regulating access to electronic patient data could be in place by the end of the year.