Commerce and International Privacy Activities: Early Years of Privacy at Commerce

 Report home | Read the report (PDF) | Previous section | Next section

The privacy responsibilities of the National Telecommunications and Information Administration of the Department of Commerce originated with the establishment of a privacy coordinating committee by President Jimmy Carter in 1977 as part of a presidential privacy initiative. [4] The staff that carried out the work was transferred to NTIA at the time of its establishment in 1978. [5]

NTIA’s mission has always been much broader than privacy. [6] Its principal activities have been to develop telecommunications and information policy, allocate and manage federal use of radio frequencies, provide grants for public telecommunications facilities, and to carry out related activities. During the Carter Administration, NTIA’s more general privacy work was part of its general responsibility to study and make recommendations on the impact of the convergence of computer and communications technology. [7]

NTIA’s privacy activities diminished rapidly after 1980. According to GAO, in 1979 and 1980, there were fifteen staff positions associated with privacy activities. In 1981, the number of position was reduced to six. In 1982, there were only four privacy staff positions, and this number was reduced to one in 1983, 1984, and 1985. [8] By 1989, it appears that privacy had entirely disappeared as an activity at NTIA.

At a hearing in 1984, a former NTIA privacy staffer confirmed the agency’s loss of interest in privacy. The Director of the OECD Privacy Guidelines Project testified that the NTIA privacy initiative ended when the Reagan Administration began:

Shortly after Mr. Reagan took office, the privacy staff at NTIA was dismantled. No one associated with that effort is currently working on privacy-related issues, and most of the staff has left the Government. [9]

The principal international privacy activities of NTIA during the 1980s related to privacy guidelines adopted in 1980 by the Organization for Economic Cooperation and Development. [10] The OECD is an international organization that promotes economic and social welfare and stimulates and harmonizes efforts on behalf of developing nations. The United States is a member along with nearly all industrialized free market countries. [11]

The OECD privacy guidelines grew in importance over time and became a statement of privacy policy used by many countries as core principles for privacy legislation. NTIA took the position that voluntary adoption of the guidelines by American companies – as opposed to formal legislative or administrative action – would demonstrate a serious commitment to privacy protection. In 1981 and 1982, NTIA requested private sector endorsement of the OECD guidelines. [12] By 1983, 182 major US multinational corporations and trade associations had endorsed the guidelines. [13]

However, the sincerity and substantive value of NTIA’s efforts to secure domestic corporate compliance with international privacy standards were questioned. The Director of NTIA’s OECD Privacy Guidelines Project testified in 1984 that the focus of NTIA’s interest was on avoiding embarrassment. As soon as the international pressure was off, NTIA’s staff was no longer allowed to discuss the guidelines project with the press or to make speeches urging corporations to comply with the guidelines. [14] The activities involving advising multinational corporations on data privacy policies were disbanded by the fall of 1982. [15] By 1983, the privacy protection aspects of the transborder data flow issue warranted only a brief mention in an NTIA report on long-range international telecommunications and information goals. [16]

It was never clear if the endorsement of the OECD guidelines by American companies had any actual effect on privacy practices at the time. A study conducted by Business International in 1983 on transborder data flows reported that European data protection authorities were skeptical of the OECD guideline endorsements. These authorities noted that the guidelines were voluntary and that the endorsements of most firms amounted to little more than lip service. A survey in connection with the Business International report found that interviewees in ten out of thirty-four US companies that had endorsed the guidelines did not even know that their firms had done so. [17] Only seven executives interviewed at the time even knew that their firms had endorsed the guidelines, and three actually strongly denied that their firms had done so. [18]

During the 1990s, the Department of Commerce played a role in developing the Clinton Administration’s Global Information Infrastructure (GII) agenda. [19] NTIA, along with other Department components and other agencies of the federal government, worked on the vision to create and implement the Administration’s vision for a GII. Despite many forward-looking elements to the GII, the privacy part of the agenda was not far removed from the efforts of the Reagan Administration to convince the rest of the world that the US approach to privacy was different but comparable to that of many other nations, pointing to the sectoral elements of US privacy law and diverting attention from the areas where no laws, rules, or policies existed. While the Department engaged in GII activities other than privacy, the Department continued to support the status quo and to promote voluntary and non-regulatory approaches to privacy. [20]

 

 

 

___________________________

Endnotes

[4] For more on this history of NTIA’s origins in privacy, see Robert Gellman, Fragmented, Incomplete, and Discontinuous: The Failure of Federal Privacy Regulatory Proposals and Institutions, VI Software Law Journal 199 (1993), available at <http://bobgellman.com/rg-docs/rg-softwarelj.pdf>.

[5] See General Accounting Office, Privacy Policy Activities of the National Telecommunications and Information Administration (Aug. 31, 1984) (GGD-84-93) [hereinafter cited as “GAO NTIA Report“]. See also Right to Privacy Proposals of the Privacy Protection Study Commission, Hearings before a Subcommittee of the House Committee on Government Operations, 95th Cong., 2d Sess. 164-65 (1978) (testimony of C.L. Haslam, General Counsel, Department of Commerce).

[6] Executive Order 12,046, reprinted in Codification of Presidential Proclamations and Executive Orders 937 (April 13, 1945 – January 20, 1989). The reorganization combined the functions and resources of the Office of Telecommunications Policy in the Executive Office of the President and the Office of Telecommunications within the Department of Commerce.

[7] GAO NTIA Report.

[8] GAO NTIA Report.

[9] Testimony of Jane Yurow, Privacy and 1984: Public Opinions on Privacy Issues, Hearing before a Subcommittee of the House Committee on Government Operations, 98th Cong., 1st Sess. 115 (1984) [hereinafter cited as “1984 Privacy Hearing“]. See also id. at 271 (testimony of John Shattuck, National Legislative Director, American Civil Liberties Union) (“[The Reagan Administration] emasculated the one federal agency charged with developing privacy protections inside the federal government, the National Telecommunications and Information Administration.”).

[10] OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data, available at http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html.

[11] See Issue Brief: An Introduction to Fair Information Practices, World Privacy Forum, for more background on the OECD guidelines. < https://www.worldprivacyforum.org/fairinformationpractices.html>.

[12] See Report on OECD Guidelines Program, Memorandum from Bernard Wunder, Jr., Assistant Secretary for Communications and Information, Department of Commerce, to Interagency Committee on International Communications and Information Policy (Oct, 30, 1981), reprinted in International Telecommunications and Information Policy, Hearings before a Subcommittee of the House Committee on Government Operations, 97th Cong., 1st & 2d Sess. 27-58 (1981-82) [hereinafter cited as “International Policy Hearings“].

[13] GAO NTIA Report.

[14] 1984 Privacy Hearing at 115 (testimony of Jane Yurow).

[15] Id.

[16] National Telecommunications and Information Administration, Long-Range Goals in International Telecommunications and Information: An Outline for United States Policy (1983), printed as Senate Print 98-22, 98th Cong., 1st Sess.

[17] Business International, Transborder Data Flow: Issues, Barriers and Corporate Responses 16 (1983) (Executive Summary).

[18] “Despite Data Flow Restriction Woes, U.S. Firms Seen Lax in Data Privacy”, Computerworld, May 9, 1983.

[19] See, e.g., The Global Information Infrastructure: Agenda For Cooperation (undated), available at <http://www.ntia.doc.gov/oiahome/Giiagend.txt>.

[20] The Framework for Global Electronic Commerce (undated), available at <http://clinton4.nara.gov/WH/New/Commerce/read.html>, (“The Administration supports private sector efforts now underway to implement meaningful, consumer-friendly, self-regulatory privacy regimes. These include mechanisms for facilitating awareness and the exercise of choice online, evaluating private sector adoption of and adherence to fair information practices, and dispute resolution.”).

 

 

Roadmap: The US Department of Commerce and International Privacy Activities – Indifference and Neglect: Early Years of Privacy at Commerce

 

 Report home | Read the report (PDF) | Previous section | Next section