Privacy and NII
PRIVACY AND THE NII: SAFEGUARDING TELECOMMUNICATIONS-RELATED PERSONAL INFORMATION (NTIA, Department of Commerce 1995) (principal author).
As the National Information Infrastructure (NII) is built, more and more individuals will use it for a wide range of transactions. In the course of using the NII, individuals will create information trails that could provide others, in the absence of safeguards, with the personal details of their lives.
In this White Paper, the National Telecommunications and Information Adminstration (NTIA) hopes to contribute to the broader privacy debate by addressing the privacy issues related to a specific sector — the telecommunications sector. Specifically, this paper focuses on the privacy concerns associated with an individual’s subscription to or use of a telecommunications or information service. The overall purpose of the paper is to provide an analysis of the state of privacy in the United States as it relates to existing and future communications services and to recommend a framework for safeguarding telecommunications-related personal information (TRPI).
The analysis provided herein reveals that there is a lack of uniformity among existing privacy laws and regulations for telephony and video services. In fact, similar services are governed differently depending on how they are delivered. And, other communications services like those available over the Internet are almost entirely unprotected. Furthermore, NTIA believes that it will become increasingly difficult to apply existing privacy laws and regulations to communica tions service providers as services and sectors converge, and as new technologies evolve.
To rectify limitations in existing telecommunications privacy law and to provide consumers with a uniform privacy standard for TRPI, NTIA proposes a framework that draws upon the Information Infrastructure Task Force’s NII Principles for Providing and Using Personal Information. This framework has two fundamental elements — provider notice and customer consent.
Under this proposed framework, telecommunications and information service providers would notify individuals about their information practices, abide by those practices, and keep customers informed of subsequent changes to such practices. Service providers would be free to use information collected for stated purposes once they obtain consent from the relevant customer. Affirmative consent would be required with respect to sensitive personal information. Tacit customer consent would be sufficient to authorize the firm to use all other information.
NTIA believes that establishing minimum privacy protections across the communications industry would ensure that consumers are provided with a reasonable level of privacy protection. Uniformly applied, a common “base” standard could also prevent some industries from gaining an unfair competitive advantage.
- [access published version @ Department of Commerce, NTIA]