Testimony


Commerce Committee Testimony.

Reprinted from the Federal News Service October 11, 2000, Wednesday ... sections redacted unrelated to Mr. Chiang

CAPITOL HILL HEARING.

HEADLINE:
HEARING OF THE TELECOMMUNICATIONS, TRADE, AND CONSUMER PROTECTION SUBCOMMITTEE OF THE HOUSE COMMERCE COMMITTEE.

SUBJECT:
PRIVACY PROTECTIONS FOR CONSUMERS.

CHAIRED BY:
REPRESENTATIVE W. J. TAUZIN. (R-LA)

LOCATION:
2123 RAYBURN HOUSE OFFICE BUILDING, WASHINGTON, D.C.

WITNESSES:
REPRESENTATIVE E. CLAY SHAW, JR. (R-FL)

REPRESENTATIVE BOB GOODLATTE (R-VA)

LINDA D. KOONTZ, DIRECTOR, INFORMATION MANAGEMENT ISSUES, U.S. GENERAL ACCOUNTING OFFICE;

SALLY KATZEN, DEPUTY DIRECTOR FOR MANAGEMENT, OFFICE MANAGEMENT AND BUDGET;

ROGER BAKER, CHIEF INFORMATION OFFICER, U.S. DEPARTMENT OF COMMERCE;

ROBERT PITOFSKY, CHAIRMAN, FEDERAL TRADE COMMISSION;

JODIE BERNSTEIN, BUREAU DIRECTOR, FEDERAL TRADE COMMISSION;

LARRY CHIANG, CHIEF EXECUTIVE OFFICER, MONEYFORMAIL.COM;

GLEE HARRAH CADY, VICE PRESIDENT FOR GLOBAL PUBLIC POLICY, PRIVADA;

PARRY AFTAB, SPECIAL COUNSEL, DARBY AND DARBY, P.C.;

MIKE GRIFFITHS, CHIEF TECHNOLOGY OFFICER;

ANDREW SHEN, POLICY ANALYST, ELECTRONIC PRIVACY INFORMATION CENTER.

BODY:
REP. W.J. TAUZIN (R-LA): The subcommittee will please come to order. Today this subcommittee will hold a hearing on the important developments in the efforts to protect the privacy of American consumers.

Few issues in this industry generate such strong emotions as how to deal with the enormous amounts of personal information that are collected, distributed, stored every day by the Internet. This morning, later, we will hear from two of our colleagues -- Representative Clay Shaw and Representative Bob Goodlatte. Representative Shaw will explain to this subcommittee his legislation, H.R. 4857, the Privacy and Identity Protection Act of 2000, which has been reported out of the Ways and Means Subcommittee on Social Security and is currently awaiting action in the subcommittee.

In addition, the subcommittee will hear from Representative Goodlatte about the Lansdowne Privacy Summit, which the National Chamber Foundation hosted for House Republicans in May of this year, and what has come from that. I understand the foundation also scheduled a similar session with the House Democrats and unfortunately got cancelled, I believe. Representative Goodlatte co-hosted, along with my colleagues Chairman Bliley, Representative Ehrlich and myself, this privacy summit and I personally want to thank him for his efforts in this endeavor.

I also want to thank both of our colleagues for coming this morning and for sharing their views with us. This subcommittee has been a keen observer, for many years, of this debate -- holding hearings on this issue both in 1998, 1999 and, again, in 2000. Over the last year we have seen consumer concerns over privacy heightened and, as a result, specific federal responses. Congress has adopted two federal laws to deal with specific areas of concern -- the Graham- Leach-Bliley law, in which financial privacy laws are written, and the Children's Online Privacy Protection Act.

In addition, Americans have witnessed the development of a new private sector technology -- in fact, many technologies -- to help consumers as well as voluntary standards by industry to self-police and educate consumers. In certain areas the federal government and commercial entities have come together to achieve cooperative standards to govern their online conduct. Privacy was not created with the advent of the Internet. In fact, we have been passing privacy laws, I believe, for the past 30 years. But the Internet adds a level of dissemination beyond what Americans had ever thought possible and in many circumstances beyond which they feel comfortable.

While the Internet is still relatively new the issue of privacy, of course, is not. Prior to the adoption of the GLB and the COPPA laws, Congress had enacted privacy protections in a dozen other circumstances, indeed, over that past 30 years, with the Fair Credit Reporting Act in 1970 starting that process. The sharing of personal information did not begin when the Internet was established but many people remember party-line telephones and can recall door-to-door salesmen plying their wares using neighborhood directories. Businesses for decades have bought and sold their business assets including their valuable information databases about their customers. There's nothing new in that.

As I've said many times before, personal information has value to both consumers and to an information economy. We live in an Internet information age and obviously information is the lifeblood of that system. A consumer's purchasing patterns, online behavior, is indeed valuable information to marketers. But at the same time I believe that consumers should have the ability to control that information or at least to be potentially compensated for giving away personal information if it indeed is a valuable asset. One of our witnesses, who will testify later this morning, has a business model that operates on consumers being compensated for sharing their personal information.

The issues as we move forward in this debate in coming years are these: has industry done enough to protect consumer privacy or should government step in to establish minimum standards to protect against the bad player? And if there are standards that work for private industry should they also be applied to government's collection of personal information? After all, I can choose whether to give information to a private company but in many government agencies I don't have a choice. I'm obliged to provide them with personal information. Does the government have a higher standard in play here to protect the privacy of my information?

Well, hopefully this morning we'll shed some light on these matters. While a tremendous amount of attention over the past year has been paid to the privacy of consumers in dealing with private industry, very little has been paid to the federal government's collection of personal information. The last time I checked very few consumers, indeed, were providing information to the IRS strictly voluntarily. Consumers, indeed, can vote with their feet in the private sector and go to another business if they don't want to share private information with them. But can you refuse to do business with the IRS or the EPA or the Medicare program, for that matter? And if you do can you refuse to provide them with information they require of you in order to do business with them?

Earlier this year, Representative Dick Armey and I asked the GAO to conduct a survey of the privacy policies of federal websites and then compare it to the fair information practices recommended by the FTC for commercial websites.

In short, we wanted to see if federal websites would fare any better than the commercial websites if they were held to the exact same standards that the FTC has held the commercial websites in their reviews. Was the federal government ready to practice what it has preached?

Well, from the results of the survey -- which we will discuss today -- it appears that the federal government does not practice what it preaches. Our report is not the only GAO report that has produced failing grades for government websites and databases. The Horn report on database security and the Lieberman report on OMB privacy requirements have also both shown that the government is not doing an adequate job of protecting America's personal information.

On just two issues in recent weeks the government has flunked. On the placement of cookies on government websites, the results are troubling. Despite OMB memoranda in 1999, in June of 2000, prohibiting the placement of cookies on federal websites, the practice continues today at the IRS and possibly at other government websites. In fact, we learned in the GAO report, I think, that 14 percent of the websites surveyed potentially permit cookies on their federal websites.

And just last Friday the AP reported that the White House website itself violates COPPA by collecting personal information from children. While government websites can hide behind different standards, in these two instances they certainly do not live up to the spirit of the laws that apply in the commercial world. Chairman Pitofsky of the Federal Trade Commission has graciously agreed to testify today about the many FTC reports and activities in the past year dealing with privacy.

We'll also hear from private sector witnesses who will discuss online profiling and Children's Online Privacy Protection Act and the use of technology in protecting privacy. And we will hear from one entrepreneur with an interesting take on privacy. In short, we'll be looking at both the government sector and the private sector today and we will examine just how well we stack up. In short, while there's no obvious time this year for this committee to engage probably in legislation, the remaining days of this session, this hearing will be preparatory to activities next year in which we will continue our efforts to guarantee that both the federal government and the private sector respect the privacy of American citizens.

I want to close by inviting you -- I understand the website is down this morning but -- to visit the EPA website. Our staff visited the EPA website, I believe, yesterday and discovered that there is on the EPA website a section called "explorers' club" which invites children to give information about themselves to the EPA. Nowhere on this website is there a disclosure that children should first get the permission of their parents before sharing their private information with a government agency. There's something wrong when federal agencies can't obey the law that we impose on private citizens....

 

Prepared Statement of Mr. Larry Chiang
MoneyForMail.com, CEO
125 University Avenue, Suite 100

Palo Alto CA 94301
Panel 2, Witness 1 


PAGE 1  

 

Statement of

LARRY CHIANG

CEO, MoneyForMail.com Inc.

 

Submitted to

Subcommittee on Telecommunications, Trade, and Consumer Protection
Committee on Commerce
United States House of Representatives

 

Hearing On

Privacy Issues

October 11, 2000 




 

 


 

I. Introduction


Mr. Chairman and Members of the Subcommittee:

Good morning. I am Larry Chiang, CEO of MoneyForMail.com in Palo Alto California. I welcome this opportunity to comment on the current state of Internet privacy and the impact of compiling consumer data for  consumers and businesses. 

I am here to testify on what I believe are reasonable standards for promoting consumer safety for those who use the Internet, and to report to you the efforts my company has taken to help consumers “take back” their personal information.

The comments and views expressed in this Statement are offered in my capacity as CEO of MoneyForMail.com, and my experience in dealing with privacy and credit issues since 1989.  I will discuss:

·        Economic benefit of matching surfing data with “real world data”

·        How these combined data files may be abused

·        Potential discrimination using today’s technology

·        How privacy issues tie into Fair Credit Reporting Act

·        Future trends of consumer demographic collection

·        Pending privacy scandals

I believe strongly that you, the members of Congress, will play a critical role in shaping legislation that will enhance privacy by expanding and strengthening the consumer’s right to control his or her own own personal information. I appreciate the opportunity to share my views on that topic.

II. Economic benefit in matching surf data with “real world data”

Advertisers are willing to pay for advertising that better targets an audience. The medium of the Internet naturally lends itself to specifically targeted ad messages for users groups as small as one person.

Internet advertising agencies can earn a premium by matching online demographic data and “surf pattern” data with “real world” data.  Surf data is the tracking of user movements from web site to web site.  Real world data is purchasing history, club memberships, newspaper and magazine subscriptions and credit-related data.   

By “spooling up” banner ads to a person visiting particular web sites, the real world data serves as a qualifier of purchasing power and offline interests.

III. How these combined data files could be abused

Two particular industries have definite potentials for abuse: credit and insurance.

Say a web surfer visits a Las Vegas Hotel site and his combined profile dictates that he visits Vegas three times a year.  An insurance company underwriter may find that behavior tends to increase the likelihood of filing a fire insurance claim. Therefore, the insurance applicant may be rejected for fire insurance because of the Las Vegas visits.  Now take this example and apply it to breast cancer sites, Bible study sites, scuba diving sites -- and the potential to abuse privacy is very likely.

While this may sound far-fetched, is it unreasonable to assume it could not happen? I don’t believe so. After all, who would have guessed ten years ago that your credit record – a report of how you’ve managed your bills – would be a better predictor of how many insurance claims you would file than your driving record? Yet today a number of insurance companies rely on credit records when evaluating insurance applications. 

Combined data files put more information into everyone’s hands. While it may seem innocuous for a web site that sells BBQ grills to sell surf information to Midwestern beef houses, the consumer needs to control and know what data files are being used and distributed.

IV. Potential discrimination using today’s technology

Since web sites can be made dynamic to each and every particular web user, certain collected data files could be used to discriminate against consumers.

For example: access to low-cost mortgage rates could be kept from those individuals that have an online surf pattern of perpetually visiting job listing boards. The mere act of visiting a job listing board could signify job instability. Or, an insurance company could determine that people that purchase adventure gear (ski equipment, sky diving supplies or mountain climbing ropes) are not a good risk. These are the types of discrimination that are made possible using technology available today.

V. How privacy ties into the Fair Credit Reporting Act

Nearly thirty years ago, Congress enacted the Fair Credit Reporting Act to protect consumers’ credit reports. Your predecessors realized that this information played an important role in consumers’ lives, and that people should have the right to review their reports and challenge their accuracy. In addition, Congress acknowledged that this sensitive information should be available for limited purposes. 

Today we are beginning to see interesting overlaps between companies that collect credit data and companies that collect other data about consumers. Experian, one of the major credit reporting agencies, owns 19.9% of MyPoints.com and 6.4% of AdForce. Both are companies that derive the majority of their income from Internet advertising.

Is it such a stretch, then, to ask Congress to consider regulating Internet data collection just as it did credit data? Or is it unreasonable to ask the FTC to oversee these practices as it does the credit reporting agencies? 

VI. Future trends of consumer demographic collection

The holy grail of advertising has always been getting the right message to the right person.  The complaint of advertisers has been, “I know I am wasting 50% of my advertising dollars, I just don’t know which 50%.”  Collecting Internet demographic data and marrying it with real world data will only increase as advertisers try to narrow their targets.

VII. Pending privacy scandal

Right now the pieces are in place for a number of privacy scandals.

In Silicon Valley, you have (1) young CEOs – some in their 20’s – (2) heading up cash- strapped companies, (3) oblivious to privacy concerns, and (4) controlling private information worth a great deal of money. These ingredients up the likelihood of a privacy scandal which will negatively impact e-commerce. 

VIII. Conclusion 

It is my opinion that Congress should act now to establish guidelines for the collection and use of personal data on the Internet. At a minimum, consumers should be told what information will be collected when they visit web sites, what it will be used for, and steps they can take to ensure their privacy. The Federal Trade Commission should be given regulatory authority to ensure privacy, and to protect consumers’ rights.

Mr. Chairman and members of the Committee, I hope this overview has been helpful for you. If you have any questions, I will try to answer them. 

1. Dugas, "Your Money," USA Today, Feb 28, 2000, at p. 4B. 

2. Singletary, “Color of Money,” Washington Post, April 24, 2000, at p1.

3. Harris, "Digits: Gambits and Gadgets," Wall St. Journal, Aug. 17, 2000, at p7.

4. Abelson, “Money and Business,” New York Times, Jan. 9, 2000, at p2. 

 

Aug 17

Digits: Gambits & Gadgets
In the World of Technology

How Much?

What's your credit record worth to you? Try 50 cents a peek. That is about how much MoneyForMail.com (www.moneyformail.com) plans to offer consumers who agree to let marketers send Internet ads to them based on their credit record. Since January, the Internet start-up has offered consumers about 20 cents to view advertisements. Now the company will pony up more money per ad to customers who send in written permission to access to their credit reports. The payment comes in a check after the consumer has "earned" $10. "Consumers don't always know how truly valuable their credit report is," says President Gerri Detweiler, adding, "We wanted to give consumers a chance to be part of this process."

MoneyForMail.com, Palo Alto, Calif., keeps the credit reports on file and lets advertisers send e-mail advertisements to customers that meet their credit criteria. An advertiser can request to send e-mails say, to female consumers over the age of 25 who have no history of late payments. MoneyForMail says advertisers won't look at the actual reports, and neither will consumers. Ms. Detweiler says the site plans to let consumers get hold of their credit reports in the future: "But there are technical issues to be worked out."

--Nicole Harris Making E-Mail Ads Tastier Than Spam

By Michelle Singletary
Sunday, April 23, 2000; Page H01

I have at least one rule when I buy a car.

I always negotiate to get something free in exchange for the privilege of allowing the dealership to place its company logo on the back of my car.

I often get laughed at by dealers who think I'm playing. I assure you, I'm not.

Once, when I showed up to drive home our family's new Isuzu Trooper, I noticed during my inspection that the people at the dealership had prominently placed an advertising plate on the tail section of my car. I promptly told them to remove it.

I don't intend to ride around town advertising for Bob's Big Truck and Car Barn. No freebie or discount for me, no free advertising for the dealer. That's my rule.

I would even remove the car manufacturer's hood ornament on principle, but my husband doesn't like the little hole it would leave.

I'm the same way with clothing. I'm not using my personal body space to give any companies free publicity.

It comes down to this for me: You want me to advertise for you, then I've got to be paid.

So I'm more than pleased to hear about Money for Mail (www.moneyformail.com), a new Internet service that is paying consumers cold cash to read e-mail ads. It's high time we get something out of being bombarded by advertising pitches.

Now, getting a freebie isn't a new thing. Old-line companies have mastered the art of enticing consumers with coupon deals or offers of free goodies if they buy a certain brand or spend a certain amount of money.

The Internet isn't any different. You can get free stamps, music, Internet connections, pharmacy items, books and a growing list of other consumer items.

Bargains.com and Deal-Finder.com inform online shoppers about free offers, coupons and rebates. Go to Funtasia's Internet Coupons Web site (hometown.aol. com/mshum/coupons.html) and you will find information about "online coupons, codes, steals, bargains and freebies."

You can even get your taxes filed electronically for free--if you are willing to trade your personal financial information.

In too many cases, however, that's the trade-off. You get a freebie in exchange for your personal data, which of course then gets sold and bought multiple times with several companies profiting from the trades.

But what I like about Money for Mail is you don't have to buy a thing. You don't have to give up any of your personal business. You just view ads and collect a check.

This Web-based business was co-founded by Gerri Detweiler, a longtime consumer advocate. Detweiler argues that "consumers are sick and tired of companies cyber-snooping into their private lives without their permission, making a profit, then filling their mailboxes with junk."

Detweiler believes personal information is a valuable commodity and it's about time that consumers share in the wealth that companies have long enjoyed from the sale of it.

To that end, Money for Mail pays consumers from 20 cents to $2.50 for each e-mail ad that is read--and pledges to keep consumers' information confidential.

Members give the company information about themselves and their preferences, and the profiles enable Money for Mail to match advertisers with the consumers most likely to be interested in their products.

Under Money for Mail's business deal, the consumer gets 85 percent of the amount paid to the company from advertisers. The response rate is what brings advertisers back.

"We give the lion's share of the money to the consumers because it's their information and they should be able to profit from it the most," Detweiler said. "We are going to be a profitable company based on the volume of information we broker."

The money you get may seem like chump change, but imagine how much money we all could make if we began to charge for information about what detergent we like to use or which brand of toothpaste leaves our mouths minty and fresh.

"What I hope is that consumers realize how valuable their information is and they will start demanding companies compensate them for it," Detweiler said.

I agree with Detweiler when she says the Internet can make that happen. It allows companies such as Money for Mail to reach thousands of consumers at minimal cost so they can pay them and still make a profit.

We have the power.

It's like my rule about cars. Take control of what you have to offer as a consumer. I'm hoping Detweiler's venture becomes the new model of doing business.

Michelle Singletary will be discussing this column on the "Insight" program with Herman Washington tomorrow at 6:40 p.m. on WHUR (96.3-FM). Readers can also join her Tuesday at 2 p.m. for a live discussion at washingtonpost. com. Readers can write to her at The Washington Post, 1150 15th St. NW, Washington, D.C. 20071, or by e-mail to singletarym@ washpost.com.

© 2000 The Washington Post Company

Page 4B

Junk e-mail smells sweet to consumers at MoneyForMail.com 

By Christine Dugas
USA TODAY

Junk mail just keeps coming: An 11-year-old boy received a letter congratulating him on being pregnant. And a marketing professor got 218 pieces in January.

They are among the winners of a junk mail contest sponsored by MoneyForMail.com, a Web site that pays consumers for viewing online ads. ''We want to draw attention to how much of our information is sold, exchanged and used,'' says Gerri Detweiler, a consumer advocate and co-founder of the site.

''The credit bureaus collect information about us, and without asking us, they turn around and sell it and make a handsome profit.''

At MoneyForMail, consumers fill out a personal profile when they sign up. Advertisers select the type of consumers they want, and MoneyForMail forwards advertisers' e-mail offers to them. It never gives out personal information. Consumers receive 20 cents to $2.50 each time they click open one of the forwarded e-mails. When their fees total $10, MoneyForMail sends them a check.

Among the advertisers: J. Crew, Amazon.com and Nextcard, an Internet credit card.

Although consumers are increasingly concerned about the unfettered flow of personal information, the volume of junk mail has not declined. Last year, the U.S. Postal Service handled 85.6 billion pieces of so-called Standard A mail, most of which is direct marketing mail. That's up from 82.5 billion in 1998.

Nancy Church, the contest winner who collected 218 pieces of junk mail, says her postal carrier has suggested she get a bigger mailbox. ''I've gotten 32 catalogs in one day,'' says Church, a marketing professor at the State University of New York in Plattsburgh.

The winner of the most outrageous junk mail category is Sergey Gordiyenko, 13, from Brooklyn, N.Y. Two years ago, he received a letter from his mother's health insurance company saying that his obstetrician had advised them that he was pregnant.

You can ask for your name to be removed from mailing lists by writing to: Mail Preference Service, Direct Marketing Association, P.O. Box 9008, Farmingdale, NY 11735.

 

Article 10 of 13
Money and Business/Financial Desk; Section 3
PRIVATE SECTOR
Junk E-Mail? No Way. It's Valuable.
By REED ABELSON
 
01/09/2000
The New York Times
Page 2, Column 3
c. 2000 New York Times Company

 

The sirens of Silicon Valley have called again. Gerri E. Detweiler, a longtime consumer advocate, is the co-founder of a new dot-com, Money for Mail , which pays consumers to read e-mail advertisements directed to their interests.

Ms. Detweiler was quick to describe her company as a ''pro-consumer organization,'' because consumers are being paid to volunteer information about themselves. She has joined with Larry Chiang, founder of United College Marketing Services, which markets credit cards to college students. Money for Mail keeps individual data private -- a pledge that Ms. Detweiler says she is working hard to make credible -- but provides information to companies in bulk form, to help focus their advertising. ''Our main goal is to show consumers, by paying them, that their information is worth something,'' she said.

Despite years with nonprofit organizations like the National Council of Individual Investors, Ms. Detweiler says she is prepared for the for-profit world. She will help persuade investors to buy stock in the company if it goes public. REED ABELSON

 

 

 

 

For Immediate Release

                                                                        Contact:          Rachelle Pachtman

                                                                                                212-996-1715

                                                                                                Gerri Detweiler

                                                                                                650-566-8200 x 324

                                                                                                Larry Chiang

                                                                                                650-566-8200 x 333

 

 

 

FTC OVERSIGHT OF PRIVACY SEAL TO GIVE TEETH TO

PRIVACY LEGISLATION:

GREAT NEWS FOR NET SURFERS, SAYS MONEYFORMAIL.COM

 

(Palo Alto, CA):// Legislation proposed by Congressmen Tom Campbell (R-CA) and Tom Udall (D-NM) to create a privacy seal that would be overseen by the Federal Trade Commission will help ease consumers’ fears while surfing the web, says Larry Chiang, CEO of MoneyForMail.com, the first permission-based web marketing company founded by consumer advocates. “Right now consumers have no way of telling for sure whether web sites actually adhere to the privacy policies they promote,” says Chiang. “This bill will give teeth to a site’s privacy pledge.” 

Chiang will be participating in Congressman Campbell’s press conference in Washington DC (Wednesday, March 22, 2000 at 11:15 am) to support the legislation. 

The proposed legislation, called the “Online Privacy and Disclosure Act,” establishes a set of privacy principles that include telling consumers when their information is collected and how it will be used. Web sites and other Internet companies that collect information about consumers online for commercial use would be able to voluntarily participate in the program, which the FTC would enforce. 

“We believe consumers have a fundamental right to know who is collecting information about them, and what they will do with it – and they should have the right to correct mistakes. Giving the FTC a specific mandate to enforce a privacy seal program would help consumers feel safer when they surf,” says Chiang. He notes, however, that his site is one of the few that would still strive for companies to be required to offer consumers the choice of opting-in before collecting their personal information. “If you want to do the right thing, you get consumers’ permission first,” he adds. 

MoneyForMail.com pays consumers cash to read targeted email ads they’ve asked to receive. Founded by consumer advocates Larry Chiang and Gerri Detweiler, the company is based in Palo Alto. 

  Larry.gif (22333 bytes)

 Larry Chiang is CEO of MoneyForMail, one of the most visited sites on the Internet.  MoneyForMail.com is his latest vehicle to empower consumers using a profitable business model. 

His first start-up was United College Marketing Services (UCMS), #1 in credit card sales to students, which is a multi-million dollar force in the credit industry.  He started it in his dorm room at University of Illinois in 1989 while studying engineering because he saw a need to credit educate young adults.  When he left the company in 1996, it had educated 16 million students. 

Mr. Chiang champions consumer privacy/credit rights by putting ideals into practice.  First, of course, at UCMS, a credit card company that provides credit education.  Today, he uses MoneyForMail to privacy / credit educate.  His companies have been featured on ABC, NBC, CBS, Fox and CNN.  He has been profiled in 44 of the top 50 newspapers in America including NY Times, Wall Street Journal and numerous cover pages like USA Today. 

Larry's hobbies include reading, coaching young entrepreneurs and playing "pick-up" basketball.

 Larry Chiang
CEO, MoneyForMail.com
125 University Avenue, Suite 100
Palo Alto, CA 94301
(650) 566-8200
(650) 651-1515 fax