AOL give
privacy an expiration date
AOL tells its users that their 'opt
out' privacy preferences have expired -- and need to be
renewed.
By Doug
Brown, Inter@ctive
Week
UPDATED December 1, 1999 8:08 AM PT
An America Online policy is again
putting privacy issues on the front burner. The nation's
leading access provider recently started sending e-mails
to customers informing them that the privacy preferences
they signed up for a year ago - the ones telling the
company not to collect or distribute information about
their accounts or online habits - have
"expired."
AOL
(NYSE:AOL)
said that if subscribers want their preferences to
remain in place, they must again fill out what is known
as an "opt out" form. If they do nothing,
information about their accounts and Web habits may be
distributed to marketers and other interested parties.
The preferences' one-year life span is
part of a much-publicized privacy policy that AOL put in
place a year ago, said Andrew Weinstein, a spokesman at
AOL. He defended the policy, saying that the company
explained "to consumers in detail exactly how [the
preferences] will work. They work on a one-year basis.
If they want to receive materials after that, they are
given the ability to do that."
But privacy advocates evaluate the new
policy differently. They said most AOL users are
surprised to learn they have to redo their opt-out
preferences.
Critics not surprised
David Sobel, general counsel at
privacy advocacy group Electronic Privacy Information
Cente, said AOL's new approach to privacy is appalling,
but not surprising. It also could mark a step backward
for the industry's attempts to anoint "opting
out" the only privacy solution in the online world.
"I think that if we get to the point
of having a serious congressional examination of this
issue, it will be shown that 'opt out' is not
adequate," Sobel said. "I would show as
exhibit 'A' the kind of thing that AOL is sending out.
Not only will they bother you once, but it will become a
constant job to keep saying 'no.' "
Sobel favors legislation to deal with
the collection and sale of personal online information.
Industry, on the other hand, promotes self-regulation as
the only way to protect privacy without setting up
e-commerce roadblocks.
For consumers, opting out means,
generally, filling out a form - either online or on
paper - stating an unwillingness to have personal
information distributed. Users can opt out of lists used
for sending spam e-mail, having logs of their online
travels sold to marketers or having information about
what they buy online disseminated.
The concept has gathered momentum in
Washington, D.C. The Federal Trade Commission recently
sponsored a daylong conference that explored the
practice of harvesting and selling data about users'
online habits and ways to deal with it, including opting
out. There are also several House bills pushing opting
out as a way to help ensure consumer privacy.
But privacy advocates generally oppose
opting out, saying the practice is a smokescreen for
businesses more than anything else. Consumers must
remain constantly vigilant to keep their online
activities out of the marketing loop when the burden,
they argue, should instead be placed upon industry.
"You're in the world, not your
living room," said Sydney Rubin, a spokeswoman at
the Online Privacy Alliance, an industry coalition that
promotes privacy standards from an industry perspective.
"You have to read the privacy policies and then
choose whether or not to shop at a site."
