Privacy and the NII: Safeguarding Telecommunications-Related Personal Information

Citation: National Telecommunications and Information Administration, Privacy and the NII: Safeguarding Telecommunications-Related Personal Information (Oct. 23, 1995).

Overview
In this White Paper, the National Telecommunications and Information Administration (NTIA) sought to contribute to the broader privacy debate by addressing the privacy issues related to a specific sector -- the telecommunications sector. Specifically, this paper focused on the privacy concerns associated with an individual's subscription to or use of a telecommunications or information service. The overall purpose of the paper was to provide an analysis of the state of privacy in the United States as it relates to existing and future communications services and to recommend a framework for safeguarding telecommunications-related personal information (TRPI).

The analysis revealed that there is a lack of uniformity among existing privacy laws and regulations for telephony and video services. In fact, similar services are governed differently depending on how they are delivered. And, other communications services like those available over the Internet are almost entirely unprotected. Furthermore, NTIA believed that it would become increasingly difficult to apply existing privacy laws and regulations to communications service providers as services and sectors converge, and as new technologies evolve.

To rectify limitations in existing telecommunications privacy law and to provide consumers with a uniform privacy standard for TRPI, NTIA proposed a framework that drew upon the Information Infrastructure Task Force's NII Principles for Providing and Using Personal Information. This framework had two fundamental elements -- provider notice and customer consent.

Under this proposed framework, telecommunications and information service providers would notify individuals about their information practices, abide by those practices, and keep customers informed of subsequent changes to such practices. Service providers would be free to use information collected for stated purposes once they obtained consent from the relevant customer. Affirmative consent would be required with respect to sensitive personal information. Tacit customer consent would be sufficient to authorize the firm to use all other information.

NTIA believed that establishing minimum privacy protections across the communications industry would ensure that consumers were provided with a reasonable level of privacy protection. Uniformly applied, a common "base" standard could also prevent some industries from gaining an unfair competitive advantage.