Hi Toby, Jill, Abbe and David:
Thanks again for the opportunity to participate on the
panels last week during the Workshop on Children's Privacy. Following are a few
suggestions not captured in my original feedback that were covered during the workshop:
* Privacy protection can be graded according to the level
of intimate information shared. In other words, free content sites are not required
to register visitors. For sites that want registered users to customize content, and
will use that valuable information, there is an acceptable cost to verifying consent.
And for transaction-enabled sites, where personal information is needed, the value
created in the transaction can support a process that causes an acceptable verification
cost. In general, most Internet sites today are content and community (not
transactions), but do gain a value from the personal information collected, and should be
willing to accept a reasonable cost to protect the precious resource of privacy.
* The Commissions should strongly consider the
approach of verifying the results of privacy protection, and encourage auditable
accountability by businesses. This means that the processes, methods and
technologies can vary over time -- but the end result is the same: protected private
information. One approach that may be useful is Performance Standards and Criteria.
* One implementable approach that can be used is to set up
a scorecard systems (possibly like http://www.gomez.com) that Commission staff can use to grade performance of sites.
The criteria that are used - both quantitative and qualitative - can be documented
in a standards document. A great example of this in Government is the Malcolm
Baldridge Quality Award (http://www.quality.nist.gov/).
This Quality process outlines several Performance Standards and Criteria (http://www.quality.nist.gov/docs/99_crit/ovrvu99.htm) so that individual businesses can improve their ability to deliver results.
The Commission can use this type of approach to improve privacy, while suggesting
metrics and approaches that are helpful. There can also be an Award recognition, as
a positive incentive, to those organizations that lead the way to better privacy and
achievement of the Performance Standards and Criteria.
* Sample Performance Standards and Criteria can be
categorized into categories, like Overall Safety of Site, Privacy Protection, Privacy
Disclosure, and Verification Frequency, and Verification Accuracy.
1. Overall Safety of Site: The site has never allowed, enabled or
permitted an act that has threatened or caused harm to a child. The site has
successfully deflected/rejected attempts to threaten or harm or child. Potential
Metric: Zero incidents of harm.
2. Privacy Protection: The site takes measures to
categorize levels of consent, according to the activities on the site. The site sets up
procedures and processes that affirm reasonable consent with regard to privacy. Potential
metric: A diagramed process flowchart of actions/procedures taken to verify consent.
3. Privacy Disclosure: The site has clearly stated
disclosure of its privacy policies. These policies are written in plain English and can be
criteria that must be disclosed. (This approach is already in use today)
4. Verification Frequency: The site regularly verifies the
user base to confirm that children have parental approval and consent. The site
samples an appropriate number of users to make sure that an automated procedure is
representative of a more labor-intensive process. Potential metric: 5% of all users
are surveyed during the year and confirmed that verification/consent is given
5. Verification Accuracy: The site has high degree of
confidence that user's privacy consent is valid. The site regularly samples its
users to re-confirm that information and privacy consent is given appropriately.
Potential metric: Less than 1% of inappropriate verifications are found.
These are initial thoughts, and if appealing to the
Commission, I am happy to discuss further.
Thank you very much, Paul
R. Paul Herman
(415) 575 3520 Phone
(415) 575 3525 Fax