ng=0 width=100%>
Yahoo! is not affiliated with the authors of this page or responsible for its content.
Draft Issues Paper on Consumer, User Protection and Privacy Draft Issues Paper on Consumer, User Protection and
Privacy
1. Issue
Consumer and User Protection and Privacy are related but separate issues.
Consumer Protection refers to the protection of consumer rights. Enhancing such rights will likely
lead to some increased business cost in the immediate term but in the long run, they increase business
by increasing the confidence of consumers to consume.
User Protection is a narrower concept and is intended to protect users, who tend to be na�ve regarding
the internet, vis a vis the experts, such as content providers or internet service providers. There are
three factors that should be monitored: availability of service, quality of service and price of service.
Service providers may manipulate these three to their favour against the interests of the consumer. On
the other hand, if the three factors are too inflexibly monitored, service providers may find it difficult
to make a profit, which in the end works against the interests of users and potential users.
Privacy protection refers to the protection of personally identifiable data such that they are used only
for the purposes the person has allowed. With a digital medium such as the internet, where data can be
cross-matched, the potential for abuse of privacy is greater. And as more activities of people their
jobs, their hobbies, their friendships, their social and political activities are conducted online, being
able to track online activities would mean being able to monitor society.
While privacy is recognised as a human right, it is a right that balances the competing and legitimate
interests of government and business to intrude upon privacy under law. Governments may do so in
the course of investigating crimes; corporations may do so to better their marketing efforts and
customer service.
There are two main and conflicting paradigms to privacy. The first paradigm treats privacy as a
human right, which means that it cannot be negotiated away. This is the approach adopted by the
European Union in its Data Protection Directive, and by the United Nations in the Universal
Declaration of Human Rights
1
. The second paradigm treats privacy as an agreement between two
parties that can be bargained and negotiated; this is the position that much of the rest of the world
adopts.
There have been attempts to bridge the two with a safe harbour provision that the US Department of
Commerce has negotiated with the European Union such that those who subscribe to the safe harbour
provisions are deemed to comply with the European Union paradigm.
Privacy protection can add to the costs of providing service and content over the internet.
The Internet has given rise to a number of novel issues. For example, one issue is whether users
should be required to declare their identity when accessing the Internet, registering a domain name, or

1
Article 12: No one shall be subjected to arbitrary interference with his privacy, family, home or
correspondence...
This paper is a 'draft working paper' reflecting the preliminary findings of the drafting team. It
has been subject to review by all WGIG members, but it does not necessarily present a
consensus position nor does it contain agreed language accepted by every member. The purpose
of this draft is to provide a basis for the ongoing work of the group. It is therefore not to be seen
as a chapter of the final WGIG report, but rather as raw material that will be used when drafting
the report. This draft working paper has been published on the WGIG website for public
comment, so it will evolve, taking into account input from governments and stakeholders. creating a website. Another is the lifetime of information on the Internet: how long should
information about oneself, made perhaps through a newsgroup discussion 10 years earlier, be used by
a potential employer.
2. Attribution to categories
Access for all.
Other issues for consideration.
3. SWOT Analysis
Protection of consumers and users on the internet can only work against a backdrop of consumer
protection in the offline world. It is not possible to have strong online consumer protection without
equivalent protection offline. Without such protection, consumer and user protection will be limited
only by specific contractual terms. E-commerce cannot flourish where there is no consumer
confidence.
On privacy, the war on terrorism is holding, and even rolling back, initiatives that would enhance
privacy. For now, the trade-off between security and privacy has largely been accepted with little
quibble. But as the war winds down, concerns over privacy will rise again. And like consumer
protection, weak privacy rules will diminish consumer confidence.
Privacy, especially in a globally connected society, is a fundamental element of democracy; the
possibility not to disclose social, political or religious beliefs, health problems, or other sensible
elements of one's identity is necessary to prevent discrimination.
Where laws may be promulgated to promote a greater shared understanding of consumer protection,
greater benefit will accrue to e-commerce and other online activities.
4. Actors (who, with whom?)
Governments the world over are concerned about consumer protection and privacy. The concern over
privacy is greatest in Europe and the European Union in particular.
There is an International Consumer Protection and Enforcement Network (ICPEN)
http://www.icpen.org/
that brings together about 30 countries, mostly OECD members, to share
information about cross-border commercial activities that may affect consumer interests.
Non-profit groups around the world also exist to advance consumer and privacy interests. Often, these
groups are divided along business vs consumer lines. While not necessarily antagonistic to each other,
the groups do have divergent interests.
There are organizations that use privacy enhancing tools (PET) technology. Some commercial ones
have folded.
Policies that concern privacy and consumer rights are developed at ICANN
5. Forums (where?)
(a) who participates
(b) nature of forum
There are a few associations of consumers associations that meet regularly. Some of the associations
are industry-specific. Their common goal is to advance consumers rights. Typically, these are non-
profit organizations that try to be independent of business and government. There is no major forum for privacy internationally. A significant reason is that privacy is culture-
bound; there are non-governmental organizations in countries that aim to advance privacy protection.
6. Governance mechanisms (how?)
(a) objectives of the rules system
(b) content of principles, norms and rules
The objective of governance is to advance consumer protection. Often it is done through legislation as
that is the most effective way of sanctioning offenders. Legislation is usually targeted at misleading
information and practices, fraud and identity theft, unauthorized access and other forms of mischief
offences that are manifest in the Internet world through techniques such as some forms of spam,
spoofing, phishing, and the dissemination of viruses, worms, trojans and spyware..
The protection of privacy, however, is slightly different in that the consumer is being protected
against the whims of both the government and the retailer. Legislation is usually targeted at
minimizing if not outright eliminating the exploitation of personally identifiable data that had been
given earlier for some other specific use. Phishing, dictionary attacks and e-mail address harvesting
are examples of techniques that may be used to capture personal information on the Internet.
7. Adequacy measured against criteria / benchmarks set out in Declaration of
Principles:
(a) multilateral
(b) transparent
(c) democratic
(d) capacity to address Internet governance in a coordinated manner
(e) multi-stakeholder approach
(f) other
Consumer Protection
The nature of consumer protection is such that the laws at the national level must have support from
government, business and the consumer. Consumer protection at the global level can only exist where
there is such a base of support at the country level. Given the lack of such consumer protection among
developing countries, it is difficult to see how global protection can exist.
Consumers associations want to be independent, or at least perceived to be independent of
government and business pressures.
Countries that are part of ICPEN also tend to have consumer protection, and are able to meet most if
not all of the benchmarks set out above.
Privacy
There is no universal agreement on privacy because of the different paradigms on the subject. The
EUs data protection directive, especially the clause barring the transfer of information to third
countries without adequate data protection, sets the benchmark other countries have to meet. The
USs safe harbour provision is one such attempt. Canada, Australia and Singapore have made similar
attempts to meet the benchmark. The Australian effort has been declared not to meet the benchmark. There are some seals for online privacy, which are essential self-regulating ass