Online Privacy


Issue
When users visit any Web site, their computer exchanges data with remote servers hosting the site. In doing so, sites may anonymously track user activity, including time spent viewing a page, what links were clicked, etc. This allows sites to tailor advertising and even content they believe suits their users best.

AAF Position
Companies should clearly disclose their policies concerning information collection. The AAF has outlined the steps all companies should take in establishing an online privacy policy: 1. An organization’s privacy policy must be easy to find, read and understand. 2. It must be available at or before the time that information is collected or requested. 3. The policy must state clearly what information is being collected, how it will be used and who else will have access to the information. 4. Individuals must be allowed to decide whether the site can use their information. 5. Individuals must be assured their data is secure. 6. The company must take steps to ensure that information is accurate.

Opposition
Some legislators have introduced broad online privacy laws that do not distinguish between sensitive financial or medical data and other benign data, such as saving a mailing address in order to expedite future purchases.

Legislation
A bill introduced by Rep. Edward Markey, D-Mass., in the last Congress would have forced companies conducting business via the Internet to destroy personal data soon after it is no longer needed for immediate business. The bill never received a hearing or vote.

Last updated: August 2007

Return to the Position Statements main page.