Testimony to
New York State Assembly Committee on Consumer Affairs and Protection

Privacy and Data Collection

Presented by
Marcus W. Ferguson, Esq.
Director of Government Affairs

November 22, 2013

Chairman Dinowitz and members of the Consumer Affairs and Protection Committee, The Business Council submits these comments on behalf of New York’s employers.

The Business Council is the largest business organization and leading advocate for economic development in New York State. Our membership is comprised of thousands of companies -- both large and small -- as well as local chambers of commerce and professional and trade associations.

These companies and associations collectively have billions of customers covering everything from mobile telephone service to high speed internet services. Since the late 1990’s many businesses have used an online marketing technique called “behavioral targeting” to better reach their audience. This is simply advertising to Internet users based on their Web surfing habits.

This practice allows businesses to communicate with their customers and prospective customers as real individuals rather than as subjects in a random sampling. Businesses can reach millions of people whose stated personal interests and preferences match the goods or services the company is selling. This benefits consumers because the web experience becomes more tailored to their respective interests and it subsidizes the free services, like online news, email and social networking, on which they rely. In turn, businesses are able to better serve their customers by offering them products and services which customers are more likely to be interested in.

Behavioral targeting as a marketing tool has received a fair amount of attention from state and federal legislators over the past 15 years because of perceived threats to consumer privacy. We have seen draconian proposals introduced which would strictly regulate and discourage the practice. Most industry experts agree, that these regulations are impractical and would not protect consumers. France, for example, has implemented very onerous privacy regulations yet, there isn’t any evidence that French consumers’ privacy is better protected than Americans.

The Attorney General of New York (and AGs’ of almost all states) currently has the ability to regulate and punish bad behavior on this front. Under current law, the FTC and Attorney General’s Office may already bring enforcement actions against unfair or deceptive business practices, for violations of the strict federal children’s privacy law, spamming, text and telemarketing, and other laws that protect New York consumers. Moreover any Attorney General’s Office can bring enforcement actions against the wide range of Internet advertising companies that have committed to follow the Digital Advertising Alliance’s (DAA) self-regulatory guidelines and fail to follow them. These guidelines give users a one-stop shop to opt out of online tracking for behavioral advertising purposes.

The Business Council and our members take customer privacy very seriously and make every effort to ensure our customers are well educated about the uses of their personal information. At the same time, industry is working to continue to provide customers with transparent, real-time privacy solutions, like “do-no-track” functionality on browsers. Together with privacy experts, programs like these continue to be developed through organizations such as the National Telecommunications and Information Administration (NTIA) multi-stakeholder process, the DAA and CTIA-the Wireless Association. The innovations brought about as a result of these programs clearly provide far more useful tools for consumer control than anything that could be mandated though state regulation.

New York is growing as a major technology and Internet advertising hub, and has a major stake in the success of the Internet and of Internet-advertising-supported business models. We as a state should be very careful not to take actions that would kill jobs or stifle innovation by imposing different privacy requirements than already exist in this area.

States should try to avoid passing inconsistent laws regulating Internet privacy. The Internet is a borderless medium and it is extremely difficult to customize website or network operations for requirements in particular states.

States that attempt to impose these requirements usually see them struck down by federal courts as unconstitutional and wind up wasting taxpayer dollars paying the plaintiff’s attorneys’ fees. Federal courts in New York and the Second Circuit Court of Appeals have issued the broadest rulings limiting states’ ability to impose conflicting requirements on Internet content and communications. See, e.g. American Library Association v. Pataki, 969 F. Supp. 160 (S.D. N.Y. 1997); American Booksellers Foundation v. Dean, 342 F.3d 96 (2d Cir. 2003).

For all of these reasons, the legislature should be very cautious in considering privacy legislation and be sure not to adopt any bill that conflicts in any way with privacy laws already on the books in the other states.

The Business Council believes we should not seek to limit access to new technologies and restrict information transmission that is beneficial to consumers. The business community has been at the forefront of innovation in online marketing and communications, while proactively and voluntarily taking additional steps to protect our consumers’ privacy.

We appreciate this opportunity to provide input on this subject, and look forward to the opportunity to discuss these issues with members of the Assembly Consumer Affairs and protection Committee and answer any questions you may have on our comments today.

Thank you