At this stage, the U S Government has effected legislation on only the most sensitive of information and has allowed the industry to self-regulate. Final rules for health providers and plans are being effected and will be implemented within two years. For financial services there are new privacy standards under the Financial modernisation law passed in 1998. (DMA Website, 1999)
The Federal Trade Commission effected laws governing the privacy of minors taking effect from April, 2000. This prohibits marketing to children under 13 without the permission of their parents. (FTC Website, 1999)
The FTC established the Advisory Committee on Online Access and Security in December 1999. It's purpose was to provide advice and recommendations to the Commission regarding implementation of certain fair information practices by domestic commercial Web sites. In particular, the Advisory Committee addressed providing online consumers reasonable access to personal information collected from and about them and maintaining adequate security for that information. (FTC Website, 1999)
Any self-regulation must be uniform across the industry and include all database providers such as DMA, Acxiom, Criss Cross, medical records, health care and insurance providers and Government departments etc.
The Direct Marketing Association as mentioned in the case is one of these databanks. They operate as a Data Warehouse that each telemarketer or marketing member is able to access and retrieve lists as required.
The policies proposed by Gore are explained as follows:
As a database warehouse will hold a large number of names, it must use a specific and unique key. Because populations may be transient, the most specific key is a social security, drivers licence or tax file number. This is perceived as a threat to privacy as once the customer has been identified so specifically, the file is capable of holding an unlimited amount of information on a person; their credit card number/s
By using a primary key such as social security, tax file number or driver's license, a person's most current and up-to-date address and telephone number is available.
The positives to this type of procedure is that there is a single centralised database warehouse that can provide up to date and specific information to marketers and companies to ensure that their advertising dollars are optimally spent.
However, stringent protection and "opt outs" taken up by a large proportion of the population may reduce marketers' ability to specifically target their marketing efforts. Improved database administration has so far enabled marketing to be more productive and keep advertising and subsequently, prices of products lower than competitors.
The consumer's name needs to be blacklisted from the main database provider to ensure a consistent and uniform database. However, member databases may lose the ability to advise their customers of specific products aligned with the product that the blacklisted customer is currently using.
For instance, if a bank decided it would like to advise both existing and potential customers of a new facility offered within their cheque account, they would need to make a SQL Query to extract from DMA all customers that their product may be relevant to. This should perhaps include new potential customers, existing customers and their own "opt out" customers. Should the bank feel that the new information is part of a continuation of an existing service to their "opt out" customer, they then need to make a decision as to whether the information is necessary and specific to their customers' well being or whether it is simply an additonal, but stand alone product.
Unfortunately, whilst privacy invasion can be minimised, it is almost impossible to eliminate it.
However, a databank regulated or controlled by the Government does not guarantee the public confidence. Many individuals may feel that a Government controlled authority would further reduce the freedom they have from their Government and fear the "big brother" of Government far more than the "big brother" of commerce. The Government has done little to allay those fears. Only last week, USA Today reported that U.S Government agencies are one of the main offenders in breaching privacy by using cookies to track internet users and providing the information to private companies. (USA Today, 2000)
However, I feel that current regulations as they stand are limited and people's privacy is already at risk under the present commercial control and their information being a tangible asset of private enterprise. The risk of privacy infringements is exacerbated when databases hold such a high value as an asset.
DMA Website, 1999
FTC Website, 1999 Kid's Privacy  and Advisory Committee on Online Privacy and Security
Australian Government Privacy website, undated
McCullagh, Declan, "Your Driver's license for Sale?" 25th June, 1999 Wired.com
Amazon website, 2000
Tech Report, "Study: Govt Web sites track users" USA Today 23rd October, 2000