Public Agencies, Private Data

In its privacy-policy report released in September, the National Electronic Commerce Coordinating Council (NECCC) warned that the privacy debate has received too little attention on the state and local levels during the rush to adopt e-commerce.

The NECCC report cited a survey in which only 19 states reported having privacy policies or notices posted on their Web sites. That report came on the heels of a Business Week/Harris poll published in March in which 96 percent of respondents said they felt that it was at least somewhat important that a Web site have a privacy policy. In the same study, 67 percent said they believed that sharing information so that individuals can be tracked across multiple sites is inappropriate.

Regulating Use

Although there is anxiety over issues like Echelon, an intelligence gathering organization, and Carnivore, the FBI's software system used to monitor e-mail, most citizens are more concerned with personal information gathered by government and, more importantly, what "big brother" is doing with that information.

"The theme that seems to come up most consistently is the lack of notice given on government Web sites about privacy policies and the concerns about who has access to certain data records," said Kara LaPierre, director of e-government initiatives at the National Information Consortium (NIC). "Most folks' concerns center on trying to create economies without putting at risk personally identifiable data. That's really the crux of the issue."

Although some states have shown initiative in dealing with Internet privacy matters, the majority are either waiting for federal guidelines or lagging behind because of a lack of knowledge. The lack of action on the state level has raised concerns that patchwork legislation among the states will prevail and ultimately fail.

"Some people would suggest that the cat's already out of the bag and now it's just a question of how well we control it," said Eric Seabrook, deputy secretary of Ohio.

"We are facing a risk any time we go into a new legislative session of eager legislators wanting to get protections set down in law, so we may end up with a very patchwork approach to privacy legislation in this country," said LaPierre. "That's not necessarily the right answer, but I'm not sure that public policy in a coordinated way can be established quickly enough to prevent that from happening."

"My sense is that the states are being pretty circumspect," said Pari Sabety, director of technology policy of the Ohio Supercomputer Center. "They're saying, 'Let's wait for the feds to act. If they don't act and we see it inhibiting our competitive advantage as a state, then that's something we should take action on.'"

In the meantime, as states proceed in making services available via the Internet, some warn that, without effective policy, privacy concerns could have a backlash effect on e-commerce, especially in the case of states reselling public information.

Information Poses Threat

According to Basil Nikas, CEO of PublicPurchasing.Net, the biggest threat to e-commerce is the repercussions involved when states obtain free services, such as online licensing, from companies that then resell the information. Nikas, an NECCC board member, pointed out that, although the Supreme Court has weighed in against the practice, "You're going to see a big backlash" as more citizens become aware of such practices.

The ease with which information can be accessed and distributed using 20th-century technology means governments have to figure out how to share data, such