Originally created 12/19/97

Computer privacy honored by companies



WASHINGTON - The computer data industry has adopted voluntary guidelines to help keep sensitive personal information like Social Security numbers and a mother's maiden name out of publicly accessed databases.

The Federal Trade Commission announced the deal Wednesday in a report to Congress. The agreement was signed by a group of leading information companies that make up 90 percent of the database industry, including Lexis-Nexis and the nation's three main credit reporting bureaus.

"The information industry's innovative and far-reaching, self-regulatory program will go a long way to address these concerns and lessen the risk that these services will be misused," FTC Chairman Robert Pitofsky said. "The industry should be commended for its responsiveness and commitment."

Pitofsky expressed concern, however, that the deal failed to give individuals enough access to certain types of public information, including mortgage agreements, marriage and divorce licenses and birth certificates. He said access to such court documents would allow people to discover and correct any mistakes.

"We trust the industry will bring the same spirit of cooperation to resolving these remaining issues. We also encourage industries doing business on-line to develop similar self-regulatory efforts to protect consumers' privacy," Pitofsky said.

According to the agreement, the 14 companies will not release to the general public certain types of non-public information, including Social Security numbers, birth dates, credit history and a mother's maiden name. They also agree not to release unlisted telephone numbers obtained from non-public records and unlisted addresses from telephone companies.

The restrictions would not apply to sensitive information that is derived from public records, such as birth certificates or state motor vehicle information. For example, 20 states use Social Security numbers on drivers licenses, the FTC said.

Qualified subscribers, such as law enforcement agencies and private investigators, would still have access to all data.

The companies agreed to be reviewed once a year to ensure their compliance with the new standards. Results of the audit would be made public.

"This compliance assurance mechanism will curb misuse of non-public, personal identifying information and should significantly affect the practices of the entire individual reference service industry," Pitofsky said.

Rep. Billy Tauzin, chairman of the House Telecommunications, Trade and Consumer Protection Subcommittee, applauded the agreement.

"I am very pleased that industry has stepped up to the plate with serious self-regulation that protects individual privacy while preserving the many beneficial uses of the databases," said Tauzin, R-La. "This is an important first step toward ensuring the privacy of users, while keeping government intrusion at a minimum."

In its report to Congress, the FTC laid out the risks and benefits from the increasing dissemination of personal data through electronic databases. Vast amounts of sensitive information can easily be accessed with computers through simple Internet searches, it said.

"The present challenge is to protect consumers from threats to their psychological, financial and physical well-being while preserving the free flow of truthful information and other important benefits of individual reference services," the report said.