[Federal Register Volume 64, Number 244 (Tuesday, December 21, 1999)]
[Notices]
[Pages 71457-71459]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 99-33015]
=======================================================================
-----------------------------------------------------------------------
FEDERAL TRADE COMMISSION
Establishment of the Federal Trade Commission Advisory Committee
on Online Access and Security and Request for Nominations
AGENCY: Federal Trade Commission.
ACTION: Notice and request for nominations.
-----------------------------------------------------------------------
SUMMARY: The Federal Trade Commission (``Commission'' or ``FTC'') has
established an Advisory Committee on Online Access and Security
(``Advisory Committee''). The purpose of the Advisory Committee is to
provide advice and recommendations to the Commission regarding
implementation of certain fair information practices by domestic
commercial Web sites--specifically, providing online consumers
reasonable access to personal information collected from and about them
and maintaining adequate security for that information. The Commission
also seeks nominations of individuals for appointment to the Advisory
Committee.
DATES: The Advisory Committee will meet on February 4, 2000; February
25, 2000; March 31, 2000; and April 28, 2000. Nominations for Advisory
Committee membership must be submitted on or before January 5, 2000.
ADDRESSES: The Advisory Committee will meet in Room 432, Federal Trade
[[Page 71458]]
Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580. Advisory
Committee meetings will be open to the public. Parties interested in
submitting nominations should send an original and two copies to the
Secretary, Federal Trade Commission, Room H-159, 600 Pennsylvania
Avenue, NW, Washington, DC 20580. Nominations should be captioned
``Advisory Committee on Online Access and Security--Nomination,
P004807.'' To enable prompt review and public access, paper submissions
should be accompanied by a version on diskette in ASCII, WordPerfect
(please specify version) or Microsoft Word (please specify version)
format. Diskettes should be labeled with the name of the submitter, the
Advisory Committee caption, and the name and version of the word
processing program used to create the document. Alternatively,
nominations may be submitted to the following email address:
advisorycommittee@ftc.gov. The public may also submit comments in the
manner designated for nominations.
FOR FURTHER INFORMATION CONTACT: Laura Mazzarella, Division of
Financial Practices, Federal Trade Commission, 600 Pennsylvania Avenue,
NW, Mail Stop 4429, Washington, DC 20580, telephone (202) 326-3424,
email lmazzarella@ftc.gov; or Hannah Stires, Division of Financial
Practices, Federal Trade Commission, 600 Pennsylvania Avenue, NW, Mail
Stop 4429, Washington, DC 20580, telephone (202) 326-3178, email
hstires@ftc.gov.
SUPPLEMENTARY INFORMATION:
Authority: 15 U.S.C. 41 et seq.; 5 U.S.C. App. Secs. 1-15; 16
CFR Part 16.
In accordance with the requirements of Section 9 of the Federal
Advisory Committee Act, 5 U.S.C. App. Sec. 9(a)(2), and Part 16 of the
Commission's regulations, 16 CFR 16.5(d), the Commission has directed
publication of this notice that it has established an Advisory
Committee on Online Access and Security. The Commission certifies that
creation of the Advisory Committee is necessary and in the public
interest because it will further the Commission's work in fostering and
evaluating self-regulatory efforts to protect consumer privacy online.
By this Notice, the Commission is also requesting nominations for
members to serve on the Advisory Committee.
1. Background
The Commission has been involved in addressing online privacy
issues for almost five years.1 Throughout its online privacy
efforts, the Commission's goal has been to understand the emerging
online marketplace and its information practices, to assess the impact
of these practices on consumers, and to encourage and facilitate
effective self-regulation as the preferred approach to protecting
consumer privacy online.
---------------------------------------------------------------------------
\1\ The Commission held its first public workshop on privacy in
April 1995. Since then, the Commission has held a series of hearings
and workshops focusing on online privacy, including most recently a
public workshop on Online Profiling sponsored jointly with the
Department of Commerce on November 8, 1999. The Commission and its
staff have also issued several reports addressing consumer
protection issues, including online privacy, in the electronic
marketplace. See, e.g., Individual Reference Services: A Federal
Trade Commission Report to Congress (December 1997); FTC Staff
Report: Public Workshop on Consumer Privacy on the Global
Information Infrastructure (December 1996); FTC Staff Report:
Anticipating the 21st Century: Consumer Protection Policy in the New
High-Tech, Global Marketplace (May 1996).
---------------------------------------------------------------------------
The Commission has issued two reports to Congress describing the
status of domestic commercial Web sites' implementation of fair
information practices. In Privacy Online: A Report to Congress (June
1998) (``1998 Report''), the Commission described the well-settled fair
information practice principles of (1) Notice/Awareness; (2) Choice/
Consent; (3) Access/Participation; (4) Integrity/Security; and (5)
Enforcement/Redress. The 1998 Report assessed existing self-regulatory
efforts in light of these fair information practice principles and set
out findings of the Commission's extensive survey of commercial Web
sites' information practices. The 1998 Report concluded that an
effective self-regulatory system had yet to emerge and that additional
incentives were required in order to ensure that consumer privacy would
be protected.2
---------------------------------------------------------------------------
\2\ With respect to the protection of children's privacy online,
the Commission recommended that Congress enact legislation. 1998
Report at 42-43. Congress subsequently enacted the Children's Online
Privacy Protection Act of 1998, 15 U.S.C. Sec. 6501 et seq., and
authorized the Commission to promulgate regulations implementing the
Act. The Commission's final rule was issued in October 1999. 16 CFR
Part 312 (1999).
---------------------------------------------------------------------------
In a follow-up report entitled Self Regulation and Privacy Online:
A Report to Congress (July 1999) (``1999 Report''), the Commission
noted that a recent Georgetown University study had found a significant
improvement in the number of Web sites meeting the fair information
practice principle of notice/awareness. The Commission also noted that
significant challenges remain for industry self-regulation,
particularly the full implementation of all fair information practice
principles identified in the 1998 Report. Recognizing that providing
reasonable access to and adequate security for personal information
collected from and about online consumers raises a number of
implementation issues for online businesses, the Commission announced
its intention to convene a task force to examine these
issues.3
---------------------------------------------------------------------------
\3\ 1999 Report at 14.
---------------------------------------------------------------------------
2. The Advisory Committee
Pursuant to Section 9 of the Federal Advisory Committee Act, 5
U.S.C. App. Sec. 9(c), the Commission has charged the Advisory
Committee with providing advice and recommendations to the Commission
regarding implementation of certain fair information practices by
domestic commercial Web sites--specifically, providing online consumers
reasonable access to personal information collected from and about them
and maintaining adequate security for that information. The Advisory
Committee will consider the parameters of reasonable access to personal
information and adequate security and report to the Commission on
options for implementation of these information practices.
The Advisory Committee will consider, among other things, whether
the extent of access provided by Web sites should vary with the
sensitivity of the personal information collected and/or the purpose
for which such information is collected; whether the difficulty and
costs of retrieving consumers' data should be considered; whether
consumers should be provided access to enhancements to personal
information collected directly from them, such as inferences about
their preferences and information about them derived from other
databases; appropriate and feasible methods for verifying the identity
of individuals seeking access; whether a reasonable fee should be
assessed for access, and if so, what a reasonable fee would be; and
whether limits should be placed on the frequency of requests for
access, and if so, what those limits should be.
The Advisory Committee will also consider how to define the
standards by which the adequacy of measures taken by Web sites to
protect the security of personal information collected online may be
judged; what might constitute reasonable steps to assure the integrity
of this information; and what managerial and technical measures should
be undertaken to protect this information from unauthorized use or
disclosure.
The Advisory Committee will conduct its work in accordance with the
provisions of the Federal Advisory Committee Act. The agency will
provide
[[Page 71459]]
necessary support services to the Advisory Committee. The duties of the
Advisory Committee will be solely advisory; determinations of actions
to be taken and policy to be expressed with respect to matters upon
which the Advisory Committee provides advice or recommendations shall
be made solely by the Commission.
The Advisory Committee will meet in Room 432, Federal Trade
Commission, 600 Pennsylvania Avenue, NW, Washington, DC, on February 4,
2000; February 25, 2000; March 31, 2000; and April 28, 2000. Meetings
of the Advisory Committee will be open to the public. Meetings of
subgroups of the full Advisory Committee will likely occur more
frequently. Subgroups will report to the Advisory Committee only. The
Advisory Committee will present its written report describing options
for implementing reasonable access to, and adequate security for,
personal information collected online, and the costs and benefits of
each option, by May 15, 2000. The Advisory Committee will conclude its
work on May 31, 2000.
Fifteen days after publication of this notice in the Federal
Register, a copy of the Advisory Committee's charter will be filed with
the Secretary of the Federal Trade Commission, the Committee on
Commerce, Science, and Transportation of the United States Senate, and
the Committee on Commerce of the United States House of
Representatives. A copy of the charter will also be furnished to the
Library of Congress and posted on the Commission's Web site at
www.ftc.gov. The charter will be available for public inspection in
accordance with the Freedom of Information Act, 5 U.S.C. 552, and
Federal Trade Commission regulations, 16 CFR 4.9, Monday through Friday
between the hours of 8:30 a.m. and 5 p.m. in Room 130, Federal Trade
Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580.
The Commission will provide additional information about Advisory
Committee meetings, including meeting times and agendas, in the Federal
Register and on the Commission's Web site, www.ftc.gov.
3. Nominations for Advisory Committee Membership
The Advisory Committee will include approximately thirty members
who are appointed for a limited term, to begin on February 4, 2000, and
to end on May 31, 2000, and who serve at the discretion of the
Commission. In selecting Advisory Committee members, the agency will
appoint individuals who can represent effectively the broad range of
interests affected by commercial Web sites' collection of personal
information from and about online consumers, including online
businesses, trade associations, privacy and consumer groups, and
experts in interactive technology.
Nominees should have expertise in the issues and/or technologies
relevant to the implementation of fair information practices by
commercial Web sites. Nominees must be able to attend all Advisory
Committee meetings and to participate in good faith in the tasks
undertaken by the Advisory Committee. Members of the Committee will
serve without compensation and will bear the cost of their own travel-
related expenses. Employees of the United States Government are not
eligible to serve as members of the Advisory Committee.
Advisory Committee members will be selected on the basis of the
following criteria:
1. The individual's participation would promote a balance of points
of views represented and functions to be performed by the Advisory
Committee.
2. The individual has expertise in or knowledge of the issues that
are the focus of the Advisory Committee's work.
3. The individual adequately reflects the views of the relevant
affected interest(s).
Interested persons may nominate themselves or others for Advisory
Committee membership. Nominations should include a summary of the
nominee's qualifications and of the interests he or she can represent
and should be submitted in the form and manner described above on or
before January 5, 2000. At its discretion, the agency may also appoint
Advisory Committee members according to the above criteria in order to
insure that committee membership is balanced in terms of points of view
and that the relevant interests are represented. The agency will notify
members of their selection as soon as possible after January 20, 2000.
By direction of the Commission.
Donald S. Clark,
Secretary of the Commission.
[FR Doc. 99-33015 Filed 12-20-99; 8:45 am]
BILLING CODE 6750-01-P
