Thank
you, Chair Goheen and members of the Mt. Hood Regulatory Commission,
for the opportunity to testify about Comcast Cable TV and consumer
privacy. My name is Laura Etherton, and I’m the consumer advocate with
Oregon State Public Interest Research Group (OSPIRG). OSPIRG is a non
profit, non-partisan public interest organization with over 33,000
members statewide.
In
2003, OSPIRG joined with others objecting to the privacy policy that
Comcast sent to subscribers in April of that year, and calling for more
robust protection of consumers’ privacy. Since that time, concerns over
privacy have grown even greater in our communities, with major security
breaches in the news everyday and the problem of identity theft on the
rise.
Unfortunately,
Comcast’s new Cable Television Subscriber Policy is inadequate to
protect consumer’s privacy. The policy allows Comcast to collect and
disclose consumers' private information, such as social security
numbers, name & address, bank account numbers, driver's license
numbers and credit card numbers, with other businesses, telemarketers,
and others. Comcast can do this without getting the consumer's approval
first, and without ever notifying the consumer that they shared the
information.
In
addition, the policy does not adequately define terms. It states that
Comcast can release, without notice to subscribers, personal
information to 3rd parties for the purposes of “legitimate business
activity” related to the cable service or related services, but does
not define which business activities that are “necessary” or
“legitimate”. While we all agree that it is important for a cable
provider to collect a set of information in order to be able to deliver
the cable service, the current lack of definition in the Comcast policy
opens consumers up to the possibility of having additional personal
information collected and disclosed inappropriately and without their
consent or knowledge.
To
“opt-out” of this scheme, a consumer must currently contact Comcast by
phone to limit or prevent disclosure of only their name and mailing
address to direct mail and marketing lists.
Consumers
should be able to presume their information is kept private. They
should not have to each bear the burden of notifying Comcast that they
would prefer their own information be kept confidential. Instead,
consumers should have the right to have their own personal private
information treated as confidential, and not collected or shared,
unless the consumer gives Comcast permission ahead of time.
On behalf of OSPIRG, I would like to urge the Mt. Hood Cable Regulatory
Commission to propose the strongest privacy ordinance possible to
protect consumers. Elements of such a policy should include:
• Clear definition of terms, including the terms “necessary”, “non-cable related,” and “personally identifiable information”
• Strict limits on the information a cable operator may collect, use and disclose
• A prohibition of the disclosure of personally identifiable
information for non-cable related purposes unless the cable customer
provides affirmative written or electronic consent.
• Required notice to consumers if their personal information is disclosed to a third-party
• The right of the customer to examine any of his own personal information that they cable operator has collected or maintains.
• Regular reporting by the cable operator to the Mt. Hood Cable
Regulator Commission summarizing its activities regarding the
collection, disclosure, and security of consumers’ personal information
• Requirements for the safeguarding of personal information and timely destruction of personal information.
Thank
you again for holding this important hearing regarding consumer
privacy. I urge you to take action to provide local cable consumers
with the strongest possible privacy protections.
