from the Federal News Service October 11, 2000, Wednesday ...
sections redacted unrelated to Mr. Chiang
OF THE TELECOMMUNICATIONS, TRADE, AND CONSUMER PROTECTION
SUBCOMMITTEE OF THE HOUSE COMMERCE COMMITTEE.
PROTECTIONS FOR CONSUMERS.
W. J. TAUZIN. (R-LA)
RAYBURN HOUSE OFFICE BUILDING, WASHINGTON, D.C.
REPRESENTATIVE E. CLAY SHAW, JR. (R-FL)
BOB GOODLATTE (R-VA)
D. KOONTZ, DIRECTOR, INFORMATION MANAGEMENT ISSUES, U.S. GENERAL
KATZEN, DEPUTY DIRECTOR FOR MANAGEMENT, OFFICE MANAGEMENT AND
BAKER, CHIEF INFORMATION OFFICER, U.S. DEPARTMENT OF COMMERCE;
PITOFSKY, CHAIRMAN, FEDERAL TRADE COMMISSION;
BERNSTEIN, BUREAU DIRECTOR, FEDERAL TRADE COMMISSION;
CHIANG, CHIEF EXECUTIVE OFFICER, MONEYFORMAIL.COM;
HARRAH CADY, VICE PRESIDENT FOR GLOBAL PUBLIC POLICY, PRIVADA;
SPECIAL COUNSEL, DARBY AND DARBY, P.C.;
GRIFFITHS, CHIEF TECHNOLOGY OFFICER;
SHEN, POLICY ANALYST, ELECTRONIC PRIVACY INFORMATION CENTER.
W.J. TAUZIN (R-LA): The subcommittee will please come to order.
Today this subcommittee will hold a hearing on the important
developments in the efforts to protect the privacy of American
issues in this industry generate such strong emotions as how to
deal with the enormous amounts of personal information that are
collected, distributed, stored every day by the Internet. This
morning, later, we will hear from two of our colleagues --
Representative Clay Shaw and Representative Bob Goodlatte.
Representative Shaw will explain to this subcommittee his
legislation, H.R. 4857, the Privacy and Identity Protection Act of
2000, which has been reported out of the Ways and Means
Subcommittee on Social Security and is currently awaiting action
in the subcommittee.
addition, the subcommittee will hear from Representative Goodlatte
about the Lansdowne Privacy Summit, which the National Chamber
Foundation hosted for House Republicans in May of this year, and
what has come from that. I understand the foundation also
scheduled a similar session with the House Democrats and
unfortunately got cancelled, I believe. Representative Goodlatte
co-hosted, along with my colleagues Chairman Bliley,
Representative Ehrlich and myself, this privacy summit and I
personally want to thank him for his efforts in this endeavor.
also want to thank both of our colleagues for coming this morning
and for sharing their views with us. This subcommittee has been a
keen observer, for many years, of this debate -- holding hearings
on this issue both in 1998, 1999 and, again, in 2000. Over the
last year we have seen consumer concerns over privacy heightened
and, as a result, specific federal responses. Congress has adopted
two federal laws to deal with specific areas of concern -- the
Graham- Leach-Bliley law, in which financial privacy laws are
written, and the Children's Online Privacy Protection Act.
addition, Americans have witnessed the development of a new
private sector technology -- in fact, many technologies -- to help
consumers as well as voluntary standards by industry to
self-police and educate consumers. In certain areas the federal
government and commercial entities have come together to achieve
cooperative standards to govern their online conduct. Privacy was
not created with the advent of the Internet. In fact, we have been
passing privacy laws, I believe, for the past 30 years. But the
Internet adds a level of dissemination beyond what Americans had
ever thought possible and in many circumstances beyond which they
the Internet is still relatively new the issue of privacy, of
course, is not. Prior to the adoption of the GLB and the COPPA
laws, Congress had enacted privacy protections in a dozen other
circumstances, indeed, over that past 30 years, with the Fair
Credit Reporting Act in 1970 starting that process. The sharing of
personal information did not begin when the Internet was
established but many people remember party-line telephones and can
recall door-to-door salesmen plying their wares using neighborhood
directories. Businesses for decades have bought and sold their
business assets including their valuable information databases
about their customers. There's nothing new in that.
I've said many times before, personal information has value to
both consumers and to an information economy. We live in an
Internet information age and obviously information is the
lifeblood of that system. A consumer's purchasing patterns, online
behavior, is indeed valuable information to marketers. But at the
same time I believe that consumers should have the ability to
control that information or at least to be potentially compensated
for giving away personal information if it indeed is a valuable
asset. One of our witnesses, who will testify later this morning,
has a business model that operates on consumers being compensated
for sharing their personal information.
issues as we move forward in this debate in coming years are
these: has industry done enough to protect consumer privacy or
should government step in to establish minimum standards to
protect against the bad player? And if there are standards that
work for private industry should they also be applied to
government's collection of personal information? After all, I can
choose whether to give information to a private company but in
many government agencies I don't have a choice. I'm obliged to
provide them with personal information. Does the government have a
higher standard in play here to protect the privacy of my
hopefully this morning we'll shed some light on these matters.
While a tremendous amount of attention over the past year has been
paid to the privacy of consumers in dealing with private industry,
very little has been paid to the federal government's collection
of personal information. The last time I checked very few
consumers, indeed, were providing information to the IRS strictly
voluntarily. Consumers, indeed, can vote with their feet in the
private sector and go to another business if they don't want to
share private information with them. But can you refuse to do
business with the IRS or the EPA or the Medicare program, for that
matter? And if you do can you refuse to provide them with
information they require of you in order to do business with them?
this year, Representative Dick Armey and I asked the GAO to
conduct a survey of the privacy policies of federal websites and
then compare it to the fair information practices recommended by
the FTC for commercial websites.
In short, we wanted to see if federal websites would fare any
better than the commercial websites if they were held to the exact
same standards that the FTC has held the commercial websites in
their reviews. Was the federal government ready to practice what
it has preached?
from the results of the survey -- which we will discuss today --
it appears that the federal government does not practice what it
preaches. Our report is not the only GAO report that has produced
failing grades for government websites and databases. The Horn
report on database security and the Lieberman report on OMB
privacy requirements have also both shown that the government is
not doing an adequate job of protecting America's personal
just two issues in recent weeks the government has flunked. On the
placement of cookies on government websites, the results are
troubling. Despite OMB memoranda in 1999, in June of 2000,
prohibiting the placement of cookies on federal websites, the
practice continues today at the IRS and possibly at other
government websites. In fact, we learned in the GAO report, I
think, that 14 percent of the websites surveyed potentially permit
cookies on their federal websites.
just last Friday the AP reported that the White House website
itself violates COPPA by collecting personal information from
children. While government websites can hide behind different
standards, in these two instances they certainly do not live up to
the spirit of the laws that apply in the commercial world.
Chairman Pitofsky of the Federal Trade Commission has graciously
agreed to testify today about the many FTC reports and activities
in the past year dealing with privacy.
also hear from private sector witnesses who will discuss online
profiling and Children's Online Privacy Protection Act and the use
of technology in protecting privacy. And we will hear from one
entrepreneur with an interesting take on privacy. In short, we'll
be looking at both the government sector and the private sector
today and we will examine just how well we stack up. In short,
while there's no obvious time this year for this committee to
engage probably in legislation, the remaining days of this
session, this hearing will be preparatory to activities next year
in which we will continue our efforts to guarantee that both the
federal government and the private sector respect the privacy of
want to close by inviting you -- I understand the website is down
this morning but -- to visit the EPA website. Our staff visited
the EPA website, I believe, yesterday and discovered that there is
on the EPA website a section called "explorers' club"
which invites children to give information about themselves to the
EPA. Nowhere on this website is there a disclosure that children
should first get the permission of their parents before sharing
their private information with a government agency. There's
something wrong when federal agencies can't obey the law that we
impose on private citizens....
Statement of Mr. Larry Chiang
125 University Avenue, Suite 100
Palo Alto CA
Panel 2, Witness 1
on Telecommunications, Trade, and Consumer Protection
Committee on Commerce
United States House of
Mr. Chairman and Members of the Subcommittee:
Good morning. I am Larry Chiang, CEO of MoneyForMail.com in
Palo Alto California. I welcome this opportunity to comment on the
current state of Internet privacy and the impact of compiling
consumer data for consumers
I am here to testify on what I believe are reasonable
standards for promoting consumer safety for those who use the
Internet, and to report to you the efforts my company has taken to
help consumers “take back” their personal information.
The comments and views expressed in this Statement are offered
in my capacity as CEO of MoneyForMail.com, and my experience in
dealing with privacy and credit issues since 1989.
I will discuss:
benefit of matching surfing data with “real world data”
these combined data files may be abused
discrimination using today’s technology
privacy issues tie into Fair Credit Reporting Act
trends of consumer demographic collection
Pending privacy scandals
I believe strongly that you, the members of Congress, will
play a critical role in shaping legislation that will enhance
privacy by expanding and strengthening the consumer’s right to
control his or her own own personal information. I appreciate the
opportunity to share my views on that topic.
Economic benefit in matching surf data with “real world data”
are willing to pay for advertising that better targets an
audience. The medium of the Internet naturally lends itself to
specifically targeted ad messages for users groups as small as one
advertising agencies can earn a premium by matching online
demographic data and “surf pattern” data with “real world”
data. Surf data is
the tracking of user movements from web site to web site.
Real world data is purchasing history, club memberships,
newspaper and magazine subscriptions and credit-related data.
“spooling up” banner ads to a person visiting particular web
sites, the real world data serves as a qualifier of purchasing
power and offline interests.
III. How these combined data files could be abused
particular industries have definite potentials for abuse: credit
a web surfer visits a Las Vegas Hotel site and his combined
profile dictates that he visits Vegas three times a year.
An insurance company underwriter may find that behavior
tends to increase the likelihood of filing a fire insurance claim.
Therefore, the insurance applicant may be rejected for fire
insurance because of the Las Vegas visits.
Now take this example and apply it to breast cancer sites,
Bible study sites, scuba diving sites -- and the potential to
abuse privacy is very likely.
this may sound far-fetched, is it unreasonable to assume it could
not happen? I don’t believe so. After all, who would have
guessed ten years ago that your credit record – a report of how
you’ve managed your bills – would be a better predictor of how
many insurance claims you would file than your driving record? Yet
today a number of insurance companies rely on credit records when
evaluating insurance applications.
data files put more information into everyone’s hands. While it
may seem innocuous for a web site that sells BBQ grills to sell
surf information to Midwestern beef houses, the consumer needs to
control and know what data files are being used and distributed.
Potential discrimination using today’s technology
web sites can be made dynamic to each and every particular web
user, certain collected data files could be used to discriminate
example: access to low-cost mortgage rates could be kept from
those individuals that have an online surf pattern of perpetually
visiting job listing boards. The mere act of visiting a job
listing board could signify job instability. Or, an insurance
company could determine that people that purchase adventure gear
(ski equipment, sky diving supplies or mountain climbing ropes)
are not a good risk. These are the types of discrimination that
are made possible using technology available today.
How privacy ties into the Fair Credit Reporting Act
thirty years ago, Congress enacted the Fair Credit Reporting Act
to protect consumers’ credit reports. Your predecessors realized
that this information played an important role in consumers’
lives, and that people should have the right to review their
reports and challenge their accuracy. In addition, Congress
acknowledged that this sensitive information should be available
for limited purposes.
we are beginning to see interesting overlaps between companies
that collect credit data and companies that collect other data
about consumers. Experian, one of the major credit reporting
agencies, owns 19.9% of MyPoints.com and 6.4% of AdForce. Both are
companies that derive the majority of their income from Internet
it such a stretch, then, to ask Congress to consider regulating
Internet data collection just as it did credit data? Or is it
unreasonable to ask the FTC to oversee these practices as it does
the credit reporting agencies?
Future trends of consumer demographic collection
holy grail of advertising has always been getting the right
message to the right person.
The complaint of advertisers has been, “I know I am
wasting 50% of my advertising dollars, I just don’t know which
Internet demographic data and marrying it with real world data
will only increase as advertisers try to narrow their targets.
Pending privacy scandal
now the pieces are in place for a number of privacy scandals.
Silicon Valley, you have (1) young CEOs – some in their 20’s
– (2) heading up cash- strapped companies, (3) oblivious to
privacy concerns, and (4) controlling private information worth a
great deal of money. These ingredients up the likelihood of a
privacy scandal which will negatively impact e-commerce.
It is my opinion that Congress should act
now to establish guidelines for the collection and use of personal
data on the Internet. At a minimum, consumers should be told what
information will be collected when they visit web sites, what it
will be used for, and steps they can take to ensure their privacy.
The Federal Trade Commission should be given regulatory authority
to ensure privacy, and to protect consumers’ rights.
Mr. Chairman and members of the
Committee, I hope this overview has been helpful for you. If you
have any questions, I will try to answer them.
1. Dugas, "Your Money,"
USA Today, Feb 28, 2000, at p. 4B.
2. Singletary, “Color of
Money,” Washington Post, April 24, 2000, at p1.
3. Harris, "Digits:
Gambits and Gadgets," Wall St. Journal, Aug. 17, 2000, at p7.
4. Abelson, “Money and
Business,” New York Times, Jan. 9, 2000, at p2.
Digits: Gambits & Gadgets
In the World of Technology
What's your credit record worth to you? Try 50 cents a peek.
That is about how much MoneyForMail.com
plans to offer consumers who agree to let marketers send Internet
ads to them based on their credit record. Since January, the
Internet start-up has offered consumers about 20 cents to view
advertisements. Now the company will pony up more money per ad to
customers who send in written permission to access to their credit
reports. The payment comes in a check after the consumer has
"earned" $10. "Consumers don't always know how
truly valuable their credit report is," says President Gerri
Detweiler, adding, "We wanted to give consumers a chance to
be part of this process."
Palo Alto, Calif., keeps the credit reports on file and lets
advertisers send e-mail advertisements to customers that meet
their credit criteria. An advertiser can request to send e-mails
say, to female consumers over the age of 25 who have no history of
late payments. MoneyForMail
says advertisers won't look at the actual reports, and neither
will consumers. Ms. Detweiler says the site plans to let consumers
get hold of their credit reports in the future: "But there
are technical issues to be worked out."
--Nicole Harris Making E-Mail Ads Tastier Than Spam
By Michelle Singletary
Sunday, April 23, 2000; Page H01
have at least one rule when I buy a car.
I always negotiate to get something free in exchange for the
privilege of allowing the dealership to place its company logo on
the back of my car.
I often get laughed at by dealers who think I'm playing. I
assure you, I'm not.
Once, when I showed up to drive home our family's new Isuzu
Trooper, I noticed during my inspection that the people at the
dealership had prominently placed an advertising plate on the tail
section of my car. I promptly told them to remove it.
I don't intend to ride around town advertising for Bob's Big
Truck and Car Barn. No freebie or discount for me, no free
advertising for the dealer. That's my rule.
I would even remove the car manufacturer's hood ornament on
principle, but my husband doesn't like the little hole it would
I'm the same way with clothing. I'm not using my personal body
space to give any companies free publicity.
It comes down to this for me: You want me to advertise for you,
then I've got to be paid.
So I'm more than pleased to hear about Money for Mail (www.moneyformail.com),
a new Internet service that is paying consumers cold cash to read
e-mail ads. It's high time we get something out of being bombarded
by advertising pitches.
Now, getting a freebie isn't a new thing. Old-line companies
have mastered the art of enticing consumers with coupon deals or
offers of free goodies if they buy a certain brand or spend a
certain amount of money.
The Internet isn't any different. You can get free stamps,
music, Internet connections, pharmacy items, books and a growing
list of other consumer items.
Bargains.com and Deal-Finder.com inform online shoppers about
free offers, coupons and rebates. Go to Funtasia's Internet
Coupons Web site (hometown.aol. com/mshum/coupons.html) and you
will find information about "online coupons, codes, steals,
bargains and freebies."
You can even get your taxes filed electronically for free--if
you are willing to trade your personal financial information.
In too many cases, however, that's the trade-off. You get a
freebie in exchange for your personal data, which of course then
gets sold and bought multiple times with several companies
profiting from the trades.
But what I like about Money for Mail is you don't have
to buy a thing. You don't have to give up any of your personal
business. You just view ads and collect a check.
This Web-based business was co-founded by Gerri Detweiler, a
longtime consumer advocate. Detweiler argues that "consumers
are sick and tired of companies cyber-snooping into their private
lives without their permission, making a profit, then filling
their mailboxes with junk."
Detweiler believes personal information is a valuable commodity
and it's about time that consumers share in the wealth that
companies have long enjoyed from the sale of it.
To that end, Money for Mail pays consumers from 20 cents
to $2.50 for each e-mail ad that is read--and pledges to keep
consumers' information confidential.
Members give the company information about themselves and their
preferences, and the profiles enable Money for Mail to
match advertisers with the consumers most likely to be interested
in their products.
Under Money for Mail's business deal, the consumer gets
85 percent of the amount paid to the company from advertisers. The
response rate is what brings advertisers back.
"We give the lion's share of the money to the consumers
because it's their information and they should be able to profit
from it the most," Detweiler said. "We are going to be a
profitable company based on the volume of information we
The money you get may seem like chump change, but imagine how
much money we all could make if we began to charge for information
about what detergent we like to use or which brand of toothpaste
leaves our mouths minty and fresh.
"What I hope is that consumers realize how valuable their
information is and they will start demanding companies compensate
them for it," Detweiler said.
I agree with Detweiler when she says the Internet can make that
happen. It allows companies such as Money for Mail to reach
thousands of consumers at minimal cost so they can pay them and
still make a profit.
We have the power.
It's like my rule about cars. Take control of what you have to
offer as a consumer. I'm hoping Detweiler's venture becomes the
new model of doing business.
Michelle Singletary will be discussing this column on the
"Insight" program with Herman Washington tomorrow at
6:40 p.m. on WHUR (96.3-FM). Readers can also join her Tuesday at
2 p.m. for a live discussion at washingtonpost. com. Readers can
write to her at The Washington Post, 1150 15th St. NW, Washington,
D.C. 20071, or by e-mail to singletarym@ washpost.com.
2000 The Washington Post Company
e-mail smells sweet to consumers at MoneyForMail.com
By Christine Dugas
Junk mail just keeps coming: An 11-year-old boy received a
letter congratulating him on being pregnant. And a marketing
professor got 218 pieces in January.
They are among the winners of a junk mail contest sponsored by
MoneyForMail.com, a Web site that pays consumers for viewing
online ads. ''We want to draw attention to how much of our
information is sold, exchanged and used,'' says Gerri Detweiler, a
consumer advocate and co-founder of the site.
''The credit bureaus collect information about us, and without
asking us, they turn around and sell it and make a handsome
At MoneyForMail, consumers fill out a personal profile when
they sign up. Advertisers select the type of consumers they want,
and MoneyForMail forwards advertisers' e-mail offers to them. It
never gives out personal information. Consumers receive 20 cents
to $2.50 each time they click open one of the forwarded e-mails.
When their fees total $10, MoneyForMail sends them a check.
Among the advertisers: J. Crew, Amazon.com and Nextcard, an
Internet credit card.
Although consumers are increasingly concerned about the
unfettered flow of personal information, the volume of junk mail
has not declined. Last year, the U.S. Postal Service handled 85.6
billion pieces of so-called Standard A mail, most of which is
direct marketing mail. That's up from 82.5 billion in 1998.
Nancy Church, the contest winner who collected 218 pieces of
junk mail, says her postal carrier has suggested she get a bigger
mailbox. ''I've gotten 32 catalogs in one day,'' says Church, a
marketing professor at the State University of New York in
The winner of the most outrageous junk mail category is Sergey
Gordiyenko, 13, from Brooklyn, N.Y. Two years ago, he received a
letter from his mother's health insurance company saying that his
obstetrician had advised them that he was pregnant.
You can ask for your name to be removed from
mailing lists by writing to: Mail Preference Service, Direct
Marketing Association, P.O. Box 9008, Farmingdale, NY 11735.
Money and Business/Financial Desk; Section 3
Junk E-Mail? No Way. It's Valuable.
By REED ABELSON
The New York Times
Page 2, Column 3
c. 2000 New York Times Company
The sirens of Silicon Valley have called again. Gerri E.
Detweiler, a longtime consumer advocate, is the co-founder of a
new dot-com, Money for Mail , which pays consumers to read
e-mail advertisements directed to their interests.
Ms. Detweiler was quick to describe her company as a
''pro-consumer organization,'' because consumers are being paid to
volunteer information about themselves. She has joined with Larry
Chiang, founder of United College Marketing Services, which
markets credit cards to college students. Money for Mail keeps
individual data private -- a pledge that Ms. Detweiler says she is
working hard to make credible -- but provides information to
companies in bulk form, to help focus their advertising. ''Our
main goal is to show consumers, by paying them, that their
information is worth something,'' she said.
Despite years with nonprofit organizations like the National
Council of Individual Investors, Ms. Detweiler says she is
prepared for the for-profit world. She will help persuade
investors to buy stock in the company if it goes public. REED
For Immediate Release
650-566-8200 x 324
650-566-8200 x 333
OVERSIGHT OF PRIVACY SEAL TO GIVE TEETH TO
NEWS FOR NET SURFERS, SAYS MONEYFORMAIL.COM
(Palo Alto, CA):// Legislation proposed by
Congressmen Tom Campbell (R-CA) and Tom Udall (D-NM) to create a
privacy seal that would be overseen by the Federal Trade
Commission will help ease consumers’ fears while surfing the
web, says Larry Chiang, CEO of MoneyForMail.com, the first
permission-based web marketing company founded by consumer
advocates. “Right now consumers have no way of telling for sure
whether web sites actually adhere to the privacy policies they
promote,” says Chiang. “This bill will give teeth to a
site’s privacy pledge.”
Chiang will be participating in Congressman
Campbell’s press conference in Washington DC (Wednesday, March
22, 2000 at 11:15 am) to support the legislation.
The proposed legislation, called the
“Online Privacy and Disclosure Act,” establishes a set of
privacy principles that include telling consumers when their
information is collected and how it will be used. Web sites and
other Internet companies that collect information about consumers
online for commercial use would be able to voluntarily participate
in the program, which the FTC would enforce.
“We believe consumers have a fundamental
right to know who is collecting information about them, and what
they will do with it – and they should have the right to correct
mistakes. Giving the FTC a specific mandate to enforce a privacy
seal program would help consumers feel safer when they surf,”
says Chiang. He notes, however, that his site is one of the few
that would still strive for companies to be required to offer
consumers the choice of opting-in before collecting their personal
information. “If you want to do the right thing, you get
consumers’ permission first,” he adds.
MoneyForMail.com pays consumers cash to read
targeted email ads they’ve asked to receive. Founded by consumer
advocates Larry Chiang and Gerri Detweiler, the company is based
in Palo Alto.
Larry Chiang is CEO of MoneyForMail, one of the most visited sites
on the Internet. MoneyForMail.com
is his latest vehicle to empower consumers using a profitable
His first start-up was United College
Marketing Services (UCMS), #1 in credit card sales to students,
which is a multi-million dollar force in the credit industry.
He started it in his dorm room at University of Illinois in
1989 while studying engineering because he saw a need to credit
educate young adults. When
he left the company in 1996, it had educated 16 million students.
Mr. Chiang champions consumer privacy/credit
rights by putting ideals into practice.
First, of course, at UCMS, a credit card company that
provides credit education. Today,
he uses MoneyForMail to privacy / credit educate.
His companies have been featured on ABC, NBC, CBS, Fox and
CNN. He has been profiled in 44 of the top 50
newspapers in America including NY Times, Wall Street Journal and numerous
cover pages like USA Today.
Larry's hobbies include reading, coaching
young entrepreneurs and playing "pick-up" basketball.
125 University Avenue, Suite 100
Palo Alto, CA 94301
(650) 651-1515 fax