NEW YORK-Minnesota became the first state to pass an online-privacy law last week, increasing the anxiety among advertisers that others will quickly follow. Similar legislation is already under consideration by legislators in California and Michigan.
The Minnesota law takes effect March 1, 2003. It requires Internet businesses to obtain consent from consumers before disclosing their personal information to third parties for marketing purposes [Adweek, April 15].
Marketers will also have to describe the types of organizations to whom the information may be disseminated and its anticipated uses.
Advertising lobby groups contend that such legislation would place huge burdens on marketers, although it is too early to estimate actual costs of compliance with the laws. (Internet advertising totaled $7.2 billion in 2001, according to a study sponsored by the Interactive Advertising Bureau.)
"There is reason to be concerned that other states will now step in and say Minnesota has protected its citizens, so we should have as much or greater protection for ours," said Dan Jaffe, executive vice president of the Association of National Advertisers. "In this kind of contest, the most restrictive rule will dominate."
The borderless nature of the Web makes state-specific rules difficult to adhere to, said Mark Uncapher, svp and counsel of the Information Technology Association of America, a member of the Online Privacy Alliance. "Multiple state laws and standards will undermine the effectiveness of the Internet as a communications medium," he said.
Adonis Hoffman, senior vice president of the American Association of Advertising Agencies, agreed: "The problem is going to be inconsistent regulation from state to state."
In addition to the state efforts, a key Senate committee passed an Internet-privacy bill two weeks ago that would give the Federal Trade Commission broad authority to establish privacy rules for businesses.