Colorado Task Force on Information Technology

Minutes of Meeting on

May 21, 2001

(As approved by Board)

The meeting of the Colorado Task Force on Information Technology ("Task Force") was called to order by Donnetta Davidson, Colorado Secretary of State, at 2:00 p.m. on May 21, 2001 at the offices of McKenna & Cuneo, L.L.P., Denver, Colorado.

Present were Chairman of the Task Force, Ms. Donnetta Davidson, Colorado Secretary of State, Kathryn Krause, Sara Rosene, David Baker, and Bill Mitchell. Also present was Dana Williams, Administrative Assistant to Ms. Davidson and I. Thomas Bieging, counsel to the Privacy Task Force. The meeting was recorded by tape.

Ms. Davidson opened the meeting and requested approval of the Minutes of the Meeting of March 30, 2001. Upon motion duly seconded and carried, the Minutes of the Meeting of March 30, 2001 were approved as prepared.

Ms. Davidson then requested that Patricia Faley, Vice President, Ethics and Consumer Affairs, Direct Marketing Association, Inc. and Emily Hackett made a presentation regarding privacy issues relating to consumers and the direct marketing industry. Ms. Faley and Ms. Hackett are representatives of a trade association made up of businesses involved in direct marketing through catalogs, internet, telephone and interactive television. In their respective capacities Ms. Faley and Ms. Hackett have been engaged extensively in assisting direct marketing companies with developing member compliance guides for industry and a "Privacy Promise". The Privacy Promise is designed to ensure that direct marketing companies take appropriate steps to protect consumer privacy and build consumer trust in the direct marketing industry. Among the issues highlighted by Ms. Faley and Ms. Hackett were:

    • Industry is trying to determine what consumers expect in the privacy area. Consumers’ greatest fears seem to be lack of security and lack of control over their information.

    • Industry and commerce is able to use consumer information to develop consumer profiles. Consumer profiles can be beneficial to a consumer in that it allows industry to better understand consumers and present them with new services and products that are directly relevant to their needs.

    • The majority of consumers believe that benefits of the internet outweigh privacy problems.

    • The Direct Marketing Association has developed preference lists which allow consumers to opt out of direct marketing solicitations by mail, telephone and e-mail. Based on the assessments by the DMA, the preference lists are approximately 80% effective in eliminating unsolicited direct marketing.

    • Problems which have been noted with the effectiveness of preference lists. Opting out of direct solicitation problems include the territorial constraints that exist with such lists and the cost of maintaining the lists.

    • The states have been the laboratories for consumer protection laws. In most instances, effective consumer protection laws have originated from state legislation which, when successful, have been adopted by Congress.

    • In 2000, approximately 546 privacy bills were introduced in various legislative bodies. A very small number of bills were passed out of the various legislatures. Those that were passed primarily focused on the state’s own websites and privacy issues relating to those websites.

    • Federal legislation has been recently passed that increases the penalties for identity theft, an area of substantial consumer concern.

    • Internet software which attempts to make a consumer’s identity anonymous when visiting websites has had limited success. Microsoft will be introducing a P3P program next year that may gain wider acceptance.

At the conclusion of the presentation, Ms. Davidson thanked the representatives of the Direct Marketing Association for their information. Additionally, Ms. Faley agreed to provide to the members of the Task Force the survey of laws and regulations affecting privacy which was commissioned by the Direct Marketing Association. A copy of the survey will be provided to Task Force members at the June meeting.

After the presentation, Ms. Davidson opened discussion on those issues which the Task Force members present believed were most relevant. Among the topics discussed included:

    • The perception that while legislatures, agencies, commerce and privacy advocates all are deeply engaged in privacy questions, the public, in general, does not seem as engaged or concerned. The question this leads one to consider is whether legislation or regulation is required when the public may not perceive the need. This question becomes particularly apropos in light of the potential expense that legislation or regulation may impose upon commerce.

    • While the Task Force has concluded that federal legislation in the financial and medical areas may be appropriate at this time, the remaining areas that the Task Force may wish to focus on would be general commercial interests, the internet and governmental protection of consumer privacy.

    • It was reported that many financial institutions have already accomplished their Gramm-Leach-Bliley privacy mailings in preparation for the July 1, 2001 compliance date. Some banks are reporting a 1% response to these mailings.

    • Consumer concerns communicated to governmental officials seem to focus primarily on identity fraud and concern with social security number use.

Ms. Davidson then indicated that the program for the June 26, 2001, meeting will focus on an open forum by Task Force members to develop a plan under which the final report for the legislature will be created. Additionally, there was conversation about conducting a public forum in Denver in the upcoming months. A date for that public forum will be set.

The Task Force next scheduled meeting will be at 2:00 p.m. on June 26, 2001.

There being no further business to come before the Task Force, the meeting was adjourned at 5:00 p.m.