Microsoft Agrees, Well Almost, With The Dunning Letter

In a Washington Post article, “Microsoft Calls for National Privacy Law”, by Brian Krebs and dated November 3, 2005, he writes that Microsoft has called on Congress to pass federal privacy legislation. He goes on to predict that this move will push lawmakers beyond the current provision of just notifying individuals when their personal data is breached. Nothing really new yet.

And then Krebs hits the target. Well, almost. He writes that “…Microsoft said consumers should have at least some control over how their personal information is used and disclosed.” Beginning to sound familiar? This has been my stand for over ten years, except, I would give individuals complete control over their names and private information and pay them for its use.

As the article indicates, here is an industry giant that seems to be admitting that the information business is simply too large to regulate itself on privacy. Further, that fifty different—and, perhaps, not nationally acceptable—state laws could be a nightmare.

Besides, when it comes to regulation, we aren’t just talking the junk mail companies—whose revenue on selling names and personal data alone accounts for $4 billion annually—we are also talking non-junk mail, such as the pharmaceutical industry and financial institutions. We need federal legislation that will level the playing field between government and business needs, while at the same time protecting consumer privacy and giving back what is rightfully ours.

The big guys posted a statement online, “Microsoft Advocates Comprehensive Federal Privacy Legislation,” also on November 3. Brad Smith, senior vice president and general counsel, delivered a speech to the Congressional Internet Caucus and outlined three key factors: 1) the state and federal patchwork of data privacy laws; 2) growing consumer fears over identity theft; and 3) the increasing desire of individuals for control over their names and private information. All three, staples of The Dunning Letter since its introduction last April.

The irony of the situation is that, if the junk mailers and non-junk mail companies would just give up control of this data and share in the wealth, the average consumer would most likely reciprocate by increasing their habits of shopping or dealing direct, and everyone would be the winner. The idea is original, bold and even outrageous according to present-day standards, but workable.

And then there’s the bad news. While Microsoft puts in its two cents for more substantial federal legislation, Congressional leaders continue to mock the plight of the identity crisis by recently passing a bill (November 4, 2005) that not only does not fully protect individuals, but it will pre-empt the California law that does allow consumers to protect themselves. "Data theft bill a step backward" by David Lazarus in the San Francisco Chronicle, states “The Republican-backed bill was approved in a 13-8 vote along party lines…”

The bill does require the reporting of data breaches, but according to Lazarus, the description of this is vague: “…contains no definition of what constitutes a ‘significant risk.’” Consumers Union agrees in their letter to Congressional leaders, “RE: Oppose H.R. 4127, Data Accountability and Trust Act (DATA),” sent on November 2, 2005.

CU had six key concerns you should read about, but their main point was that the bill’s “…so-called breach trigger for notice to individual consumers is nearly insurmountable.” They go on to note that, had the bill been in effect in early 2005, it would be doubtful if any of the 50 million breaches would have been covered.

Pathetic! This doesn’t even qualify as a band-aid approach to the problem. And I don’t know if you can blame it all on the Republicans, since I haven’t heard any screaming by the Democrats over the inequity of the bill.

Folks, if you don’t join my grass-roots effort soon, you’ll find yourselves out in the cold without your identity. According to the Web site Identity Theft Resource Center, victims of ID theft spend over 600 hours of their time to clear their name, equaling nearly $16,000 in lost potential or realized income. And that doesn't even include attorney fees for credit repair.

Let me hear from you. Tell your friends and family. Write your local paper. Contact your members of Congress. Give me some ammunition to get this movement going, and I promise that I will not disappoint you.