Transcript of July 21 OPA Press Briefing

Transcription services by Alderson Reporting Company

 6    FOLLOW:
 8              QUESTION: Could
 9    you explain a little bit what your policy is for
10    children and requiring parental notification?
11    Now I'm aware that you issued sort of a statement
12    of principles but is there something more
13    specific in this new policy?
14              MS. VARNEY:  Well, what we've done
15    is the documents that we released on June 21st
16    included our principles for children.  Today's
17    documents are a rerelease of the same children's
18    principles, the same privacy principles, the same
19    mission statement and what we've added is the
20    enforcement piece.  So the children's principles
21    have not changed and they are still requiring
22    prior parental consent or direct parental
23    notification for kids under 13, depending on the
24    nature of the use of the information.
25              QUESTION: Why did you

 1    decide to go ahead and enforce this yourself than
 2    to rely instead on either TRUSTe or the Council
 3    of Better Business Bureau?
 4              MS. VARNEY:  Basically, because
 5    the Online Privacy Alliance was conceived as sort
 6    of a catalyst, a call to action, taking the
 7    companies and trade associations that care about
 8    these issues and marshalling their thinking and
 9    resources and commitment to establishing the
10    right standards for data collection online and
11    the right enforcement principles.  You know, what
12    we need here is action, not really reinvention or
13    further institution building, and TRUSTe is
14    already in this space.  BBB Online has evidenced
15    an intent to get in.  DMA is thinking about how
16    they might do this.
17              So what we've done is laid down the
18    road map.  As our companies are committed to
19    participating in the third-party enforcement,
20    what third-party enforcement needs to look like,
21    and for those enterprises that want to get into
22    the space, an outline as to what it needs to look
23    like.
24              Now, come three, four or five months,
25    if this isn't moving, if TRUSTe, BBB or others

 1    aren't really stepping up to the plate in an
 2    appropriate way, which I doubt will happen, I
 3    think they're very enthusiastic, or if companies
 4    are finding that the third-party seal providers
 5    aren't meeting the standards that they set, we'll
 6    reconsider.  But for the moment, we would like
 7    the marketplace to work.
 8              QUESTION:  Christine, how are you --
 9    How are you
10    going to bring companies who are not Alliance
11    members now into this system?
12              MS. VARNEY:  Well, for one thing, we
13    get more and more companies every day wanting to
14    join and calling me and others with questions
15    about how to join and what does it mean.  I think
16    that now that we've got sort of the framework of
17    the principles and policies, our next challenge
18    is the business and consumer outreach.  It's
19    really a two-step process.
20              We have to, all of us, reach out to
21    other businesses, our business partners.  We have
22    some very big portal companies here in the Online
23    Privacy Alliance, some very big ISPs, OSPs, all
24    of whom have a lot of reach in the industry and
25    we're hoping to leverage their reach to sort of

 1    spread the gospel here.
 2              Simultaneously, we do need to begin the
 3    process of talking to consumers about looking for
 4    privacy programs, privacy protection, privacy
 5    seals as they go online.  So I think our
 6    challenge between now and the end of the year is
 7    to engage the power we have through our companies
 8    and our associations, our trade associations.  We
 9    have, I think, a dozen or so trade associations
10    that have enormous reach and as they go out and
11    educate their members, we hope to see more
12    universal adoption of these privacy policies.
13              QUESTION:  I'm sorry, do you want
14    to go ahead?  I'm just wondering what you think
15    of FTC Chairman Pitofsky's proposal he submitted
16    today for legislation in this area, not just the
17    proposal but what you thought of it.
18              MS. VARNEY:  Well, as many people on
19    this call know, Chairman Pitofsky was my law
20    school professor and I find him to be a very fair
21    and honest and accurate grader.  What Chairman
22    Pitofsky said this morning was that the industry
23    has made enormous strides but the work is
24    incomplete, they have further to go and he is
25    going to be looking again at the end of the year

 1    to see where we are.
 2              He actually did not call for
 3    legislation.  My understanding is that he said if
 4    legislation were needed, they would recommend a
 5    very narrow and tailored approach, focusing on
 6    the principles that we as the Alliance have
 7    focused on.  But I think the chairman is
 8    withholding judgment as to whether or not
 9    legislation is needed at this time.
10              QUESTION:  Christine,
11    I'm unclear as to how you see
12    this group coexisting with the other seal
13    programs and whether the existence of several
14    different stamps of approval isn't going to
15    confuse consumers who will have to decide which
16    site offers which benefits.
17              MS. VARNEY:  Right.  First of all, the
18    Online Privacy Alliance is not itself at this
19    point in time envisioning that it will run or
20    offer a seal program, so there are really only,
21    as we see at the moment, excluding what an
22    association may or may not do, there are only two
23    potential entrants in the seal program in a
24    large, ubiquitous potential way and that is
25    TRUSTe and BBB Online.

 1              I'm not sure that two seal providers
 2    creates confusion in the marketplace.  Perhaps
 3    200 does, but where does the line fall between 2
 4    and 200?  I don't think we can answer right now.
 5              Individual consumers who go online to
 6    shop for retail goods are very different from
 7    CIOs and corporations who are looking to use
 8    enhanced DDI to place orders for information.
 9    And maybe they don't need the same seal.  So I
10    think one of the things that we all want to wait
11    and see, I mean, this is a medium in its
12    infancy.  And we do want to wait and see how the
13    market develops.  We want ubiquitous signals to
14    consumers but we want to recognize the vast
15    diversity the Internet brings to the marketplace
16    and be able to be flexible.
17              QUESTION:
18    I'm curious to see whether
19    the Alliance criteria, as outlined now with your
20    enforcement decision, does that mean that you meet the
21    EU data directive criteria, do you think?
22              MS. VARNEY:  Well, as you all know, I'm
23    sure, the EU directive requires member states to
24    adopt data protection regimes consistent with the
25    EU's standards by October 28th.  And in those

 1    standards is a requirement that data not be
 2    shipped out of a European state to what is called
 3    a noncomplying or an inadequate state.
 4              The question of whether the U.S. has
 5    adequate data protection laws vis-a-vis the EU is
 6    one that is currently hotly, vigorously discussed
 7    between the European governments, the EC and the
 8    U.S. Government as well as business to business.
 9    It is my own -- it has always been and it
10    continues to be my belief that the U.S. has a
11    very different historical approach to privacy
12    than the Europeans.  And what the Europeans, I
13    think, at the end of the day are very concerned
14    about is protecting the data of their citizens as
15    they move around the globe.
16              I think these standards do that, and I
17    think they do it in an incredibly efficient and
18    effective way, far more efficient, I believe,
19    than any centralized privacy bureaucracy in the
20    U.S. might be able to do.  So I believe they do.
21    I'll be talking with the Europeans in the coming
22    days about where we are and we'll see what they
23    say.
24              QUESTION:
25    I was expecting today, at

 1    least when I hear the word enforcement, I think
 2    of enforcement that includes penalties.  I'm
 3    looking through your guidelines and I don't
 4    really see a whole lot that's going to deter a
 5    bad actor from continuing to be a bad actor.  Can
 6    you tell me, if I'm somebody who thinks his
 7    business model includes violating the privacy of
 8    other people, how these standards are going to
 9    stop me?
10              MS. VARNEY:  Sure.  A couple of things
11    you need to keep in mind as you look at this.
12    When we talk about enforcement of
13    self-regulation, you need to remember there are
14    two pieces.  There is the existing government
15    authority to prosecute bad actors.  The Federal
16    Trade Commission, the states' attorneys general
17    all have deception authority.
18              So a bad actor who is engaged in the
19    collection of information from individuals
20    through deceit, through fraud, through any kinds
21    of devious means and the use of it in deceptive
22    ways is currently subject to prosecution by the
23    FTC, the 50 states' attorneys general and,
24    depending on the circumstances, the Department of
25    Justice.  And we really -- we support vigorous

 1    enforcement of the existing law.
 2              The Alliance document on
 3    self-enforcement then looks to how do we create
 4    an atmosphere of trust on the Internet.  And what
 5    we're talking about is for the good actors.  For
 6    the companies that want to do right on the
 7    Internet, that want to gain consumer trust and
 8    confidence, that want to grow the net, how can
 9    they do that.  And we think they can do that
10    through practicing good privacy policies and
11    certifying they do through this kind of a seal
12    program or idea.
13              Well, this is a discussion that I think
14    you and I have had in the past.  It has always
15    been my view that passing a law does not stop bad
16    actors.  You know, we passed the Telemarketing
17    Fraud Act in '94, when telemarketing fraud was
18    estimated to be at $40 billion a year.  Today
19    it's estimated to be at 60 billion.  So passing
20    the law doesn't stop the act.  It merely gives
21    you tools to prosecute the bad guys and I believe
22    we have the tools already to prosecute the bad
23    guys.
24              QUESTION:  I guess the question,
25    though, is --

 1              QUESTION:  What is everybody
 2    complaining about, then?  If we already have the
 3    tools and it's not being done, why is this a
 4    major issue with Congress?  In other words, it
 5    doesn't seem to resolve that problem, as you've
6 just portrayed it.
7 In other words, you've just said that --
 8              MS. VARNEY:  No, I understand the
 9    question.  I think that there is a real
10    divergence of opinion in the Congress about
11    what's the right role of government across the
12    board in E-commerce.  There are differences of
13    opinion on encryption; there are differences of
14    opinion on pornography; there are differences of
15    opinion on Internet taxation.  I mean, you're
16    dealing with 535 individuals who all have
17    different experiences and expectations.  So I
18    think there are many in Congress who agree that
19    the government currently does have the authority
20    to prosecute any bad actors and that what we need
21    to see is if the marketplace for self-regulation
22    will push privacy out or whether we will need
23    government action down the road.
24 QUESTION:  Christine,
25 what are you telling -- there was some mention in

 1    your press release that you've been talking to
 2    Ira Magaziner and Becky Burr on what they should
 3    say in their reports.  What are you saying?  What
 4    should happen?
 5              MS. VARNEY:  I'm sorry, what are
 6    you referencing that I've been saying?
 7              QUESTION:  There was some reference in
 8    your release today to the effect that you've been
 9    talking to the Administration about what should
10    be done this year.  And I assume that's to Becky
11    Burr for the Department of Commerce report and to
12    Ira Magaziner for his report that's due.  What
13    are you saying at this point that they should be
14    recommending or that should happen in terms of
15    what the government should do?
16              MS. VARNEY:  I really have not done
17    either.  What I did was I gave the
18    Department of Commerce staff and the White House
19    staff a copy of the effective enforcement of
20    self-regulation.  I have not advocated one way or
21    another what should be in the report.
22              QUESTION:
23    Can I just follow up one more time
24    with the issue of children?
25              MS. VARNEY:  Sure.

 1              QUESTION:  I just pulled your statement
 2    on children's online privacy act activities.
 3              MS. VARNEY:  Right.
 4              QUESTION:  And my question is, so what
 5    you're essentially saying is that if a site
 6    doesn't have the stamp of approval that kids
 7    shouldn't be on those sites because they may be
 8    collecting information, in other words, you have
 9    a list of criteria here or some principles, and
10    I'm assuming that with respect to children, that
11    the sites would have to not do these things.
12              MS. VARNEY:  That's right.
13              QUESTION:  So that's basically what your
14    solution is?
15              MS. VARNEY:  That's right.  What we've
16    done is work with the largest companies in the
17    children's space, America Online, Disney, Time
18    Warner, Viacom, I know AT&T has a kids service, I
19    think IBM even has some kids stuff on their ISP.
20    So we've worked with the biggest providers of
21    children's content on the Internet to come up
22    with these standards.  And I wouldn't want to
23    speak for CME or Dr. Kathryn Montgomery but my
24    meetings with them, I believe they generally
25    think we get it about right on what the

 1    principles ought to be when engaging
 2    interactively with kids online in data
 3    collection.
 4              So what we are absolutely saying is if
 5    you are targeted to kids, these are the rules of
 6    the road and you will not get a privacy seal if
 7    you cannot prove that you are adhering to these
 8    standards.  And I am a parent.  I have an
 9    8-year-old and an 11-year-old.  There is no way I
10    would let them near a site that wasn't adhering
11    to these standards.
12              QUESTION:
13    I had a quick clarification and a
14    question.  On the enforcement principles, it's
15    not requiring, in all cases, that there be
16    outside monitoring, right?  It refers to
17    self-assessment?
18              MS. VARNEY:  What we did on the
19    enforcement piece is set up basically the three
20    criteria that we think you need to have to run a
21    self-enforcement program.  In the first, you need
22    to have verification and monitoring.  The
23    self-assessment program has to set up a system
24    whereby a company can prove or the seal provider
25    can assess that a company does indeed have

 1    privacy policies that are consistent with the
 2    Online Privacy Alliance guidelines, that they're
 3    published, that they're easily accessible and
 4    they have to have -- the seal provider has to
 5    have a method to monitor that these practices are
 6    being adhered to.
 7              Once you can establish that the company
 8    or the organization has good privacy policies and
 9    they're adhering to them, the next thing a seal
10    provider needs to be able to do is provide some
11    way to resolve consumer complaints and disputes
12    so that if you're an individual who believes a
13    company has not abided by a privacy policy
14    they've established and you've not been able to
15    get satisfaction from the company, you have a
16    place to go, you have an independent trusted
17    third party who can mediate the dispute and come
18    to resolution.  And then the third piece is
19    education and outreach.
20              QUESTION:  So the self-assessment is
21    only under the rubric of an outside field
22    program?
23              MS. VARNEY:  In this context, yes.
24    What we would envision is that the seal program
25    would decide and would write and publish criteria

 1    if a company -- if they are going to allow
 2    self-assessment, it would be pursuant to a
 3    standard methodology that they've articulated and
 4    adopted and they'll have a mechanism for
 5    validating.  Or they can do it themselves.  It's
 6    really up to the seal program.  What we've tried
 7    to do is put a road map together.
 8              QUESTION:  Gotcha.  My broader question
 9    was whether the Alliance opposes all legislative
10    efforts in this arena regarding adults.
11              MS. VARNEY:  Well, the Alliance came
12    together in a fundamental belief that we had to
13    grow consumer confidence in the medium and the
14    way to do this was to self-regulate.  In many of
15    the companies' experience around the table,
16    legislation is a fairly blunt instrument that
17    doesn't always accomplish its goals.  And we're
18    all agreed on the goal.  The goal is privacy
19    promotion, protection to grow the medium and we
20    think this is the way to do it.  So yeah, we're
21    big supporters of self-regulation.
22              QUESTION:  Okay.  Thank you.
23              QUESTION:
24    This seal thing, is it a little logo on Web sites
25    or is there a way that you can actually enforce

 1    it in a way that you can have browsers figure in
 2    a way that you could stop people actually going
 3    into a site that does not have the seal or
 4    something like that?
 5              MS. VARNEY:  That's a technology
 6    question that I would have to defer to the
 7    technologists.  It's totally conceivable you
 8    could program a hard drive or a browser or you
 9    could get a filter.  There is all kinds of
10    technological solutions for families or
11    individuals who only want to go to sites that
12    participate in the program.  I certainly wouldn't
13    imagine it as a government mandate.  It would
14    have to be an individual choice employing
15    technological tools.
16              QUESTION:  Obviously there is only two
17    browsers around so it would be conceivable that
18    you have a little sort of something you can
19    figure in your browser so you can make sure that
20    your kids will not, yeah, be using sites without
21    the seal, for instance?  Is anything being done
22    there?
23              MS. VARNEY:  I think that you would be
24    best to direct those questions to Netscape and
25    Microsoft individually as companies, perhaps AOL,

 1    and see what they're doing.  For example, I know
 2    I'm an AOL parent and I know right now I can
 3    program the areas where my children are allowed
 4    to go and I believe I'm giving out personal
 5    identifiable information is one of the criteria
 6    that I can use to prohibit my kids from going to
 7    places that ask for that without my consent.  So
 8    I think AOL is sort of doing it a little bit
 9    right now but I would suggest you talk to them or
10    Microsoft or Netscape.
11              QUESTION:
12    You may have covered this.  I may have missed
13    it.  What was the vibe you got back from the
14    White House on your proposal?
15              MS. VARNEY:  Well, actually, as I said,
16    I simply gave them a copy of where we are and
17    didn't really get into a discussion with them.
18    I'm not sure that they've had a chance to go over
19    it, although I see a wire report that Ira
20    Magaziner is saying that he thinks it's heading
21    in the right direction.  So I would suggest that
22    you guys check with the White House directly.
23              Jeri Clausing's story at Cyber Times,
24    she's got a quote from Ira that says, quote, I
25    think the enforcement mechanisms that they -- I

 1    assume that's the Online Privacy Alliance -- are
 2    putting in place are what we have been calling
 3    for, end quote, says Ira C. Magaziner.  Next
 4    quote, now we need to -- what we need to do now
 5    is monitor it to see what really happens, end
 6    quote.
 7              QUESTION:
 8    One of the things that has been sorely lacking is
 9    consumer education and outreach.  Can we expect
10    to see a more concerted effort from the
11    Alliance?
12              MS. VARNEY:  Yes, I think you can.  I
13    think you're going to -- again, it's sort of like
14    what have you done for me lately?  First we get
15    the principles and everybody yells there is no
16    enforcement.  Then we get the enforcement,
17    everybody yells there's no outreach.  The next
18    piece we'll be working on is the business
19    outreach because we do want to get businesses up
20    to speed and get the privacy seal programs, make
21    sure they're launched and start to see them.
22    Then we will turn to, I hope, massive consumer
23    outreach about the importance of looking for
24    privacy policies before you give over any
25    information.

 1              QUESTION:  Will any efforts be done
 2    under the name Privacy Alliance or will it be
 3    done by the various companies independently?
 4              MS. VARNEY:  And the trade
 5    associations.  My guess is you'll probably see
 6    all three; the Online Privacy Alliance will do
 7    some, the companies will do some and probably the
 8    trade associations will do some.  That's not done
 9    yet but that's sort of the next thing we'll be
10    working on.
11              QUESTION:
12    We talked before about this.  I just
13    wanted to see what your latest information from
14    the Hill and from other legal authorities is.  In
15    the past, it's been positive that if a large
16    proportion of industry or even a significant
17    proportion gets together and sets down
18    self-regulatory rules, those can be considered
19    binding on the entire industry.  Do you have any
20    thoughts on this?  Is your proposal the sort of
21    thing that could be considered, if you will,
22    binding on everyone in the industry?
23              MS. VARNEY:  No, I don't think so.
24    There was a question for those of you at the
25    hearing this morning about can the standards of

 1    the Online Privacy Alliance become the de facto
 2    standards for data collection on the Internet.
 3              And the real, I think, legal answer on
 4    that is no.  I don't know of any authority that
 5    you could take and say, these are the standards
 6    for doing business online and anybody who doesn't
 7    adhere to them has got an exposure for breach of
 8    any existing law.
 9              I do think what happens, though, is you
10    begin to create an industry standard for fair
11    practices so that as you see bad actors engaged
12    in deceit and fraud and deception, you have a
13    better gauge as to what is a fair information
14    practice and what is not.  But there is such a
15    diversity of companies and sectors of the
16    economy, things that work in one sector may or
17    may not work in another.
18              For example, the degree of anonymity
19    and access to data that you may want if you're a
20    clinical trial patient for a new vaccine is very
21    different, I suspect, than the amount of access
22    you want if you routinely buy your kids' clothes
23    at L.L. Beane and you can't remember sort of what
24    you bought and what size they are.  So I think
25    we've got to be very careful about establishing

 1    one-size-fits-all universal standards.  And it's
 2    consistent with the U.S. experience.  We really
 3    do have sectorial approaches to privacy.  We have
 4    a set of expectations when we're dealing with
 5    financial information, we have a set of
 6    expectations when we're dealing with medical
 7    information and we have a set of expectations
 8    when we're dealing with retail information, and
 9    we need to allow that flexibility in the
10    information age.
11              MS. RUBIN:  Are there any other
12    questions?
13              QUESTION:
14    You spoke earlier about a
15    historical difference in attitudes between the
16    U.S. And the EU --
17              MS. VARNEY:  The question was the
18    historical differences between the U.S. and EU on
19    privacy.  And it's merely -- this is my personal
20    opinion.  This is not an Alliance position at all
21    because they haven't considered it, but as a
22    student of history and a granddaughter of Western
23    European immigrants, in many, many countries in
24    Western Europe, until very recently, when you
25    were born, you went on the government rolls and

 1    you went on for many purposes.  There is no such
 2    thing or there was no such thing as voter
 3    registration in most of Western Europe.  When you
 4    were born, you were put on the rolls, you were
 5    entitled to vote.
 6              In many countries, Ireland, where my
 7    family comes from, you were put on the rolls for
 8    purposes of both the church and the state's
 9    needs.  In many countries more recently you're
10    put on the rolls at birth because there is
11    nationalized health care.  So the Europeans have
12    had a very long tradition -- a longer tradition
13    of regulating the private sector's collection and
14    use of data on individuals and not as long or
15    historically deep a concern about the state's
16    collection and use of information about
17    individuals.
18              In the United States, our concerns have
19    been precisely the opposite.  90 percent of all
20    federal law that we have on the books about data
21    collection and protection goes to the U.S.
22    Government's rights, responsibilities,
23    obligations and limitations on the collection and
24    use of individual data and we have not been as
25    concerned about the private sector collection and

 1    use of data.  So it's merely -- it's two
 2    different cultural perspectives that we're
 3    finding converging in this increasingly small
 4    global world.  And I don't think they're
 5    necessarily inconsistent and I think we probably
 6    both have something we can learn from each other
 7    here.
 8              MS. RUBIN:  Any other questions?
 9              QUESTION:  Just a quick follow-up,
10    Christine.
11    Did I hear the tail end of a remark earlier when
12    you said that there seemed to be two main
13    organizations that right now, anyway, are likely
14    to play a role in this, TRUSTe and BBB?
15              MS. VARNEY:  Yes.
16              QUESTION:  I'm looking at your press
17    release here and it says seal program, licensee
18    program or membership association and so on.
19    Fundamentally, does this probably come down to
20    some sort of seal program with at least two or
21    more seals?
22              MS. VARNEY:  At the moment, it would
23    appear so without prejudging what any of the
24    trade associations may or may not do.  I'm not
25    clear what the DMA or the IRSG, what they will

 1    do, whether or not they're even considering
 2    creating their own seal for their own members or
 3    cobranding or what they're doing.  The two that I
 4    know of at the moment, and if anybody knows of
 5    other ones, I'm happy to learn of them, are
 6    TRUSTe and BBB Online.
 7              QUESTION:  There is an accounting
 8    association that's been trying to get something
 9    off the ground for a while.
10              MS. VARNEY:  Yes, actually they've been
11    working with us.  As I understand what they're
12    doing, it's slightly different.  They, as I
13    understand it but I would encourage you to
14    contact them, are thinking about themselves as
15    the auditors who could go in under contract to a
16    company or to a third-party seal program to audit
17    privacy policies.  I don't think they, at least
18    as far as I know, consider themselves to be in
19    the seal business.  That could change over time,
20    though.
21              QUESTION:
22    Will the Privacy Alliance specifically
23    endorse the seals or will it -- if any other
24    seals arise, will it take a look at them and
25    either endorse them or not endorse them if they

 1    turn out to be something that are not entirely
 2    legitimate?
 3              MS. VARNEY:  How about a stay tuned on
 4    that because what we would like to do is see the
 5    market get up and running, see if the companies
 6    that are members of the Online Privacy Alliance
 7    are satisfied with the choices they've got and
 8    then we'll make a determination about what we
 9    need to do, if anything, in terms of evaluating
10    the seal programs.
11              QUESTION:  And when will things get
12    going, up and running?
13              MS. VARNEY:  I think you should talk to
14    TRUSTe and BBB Online.  My understanding is
15    shortly.  TRUSTe is already up.  I think they are
16    considering some changes to their policies and
17    procedures that would bring them into the
18    conformance with the Online Privacy Alliance
19    standards and I think BBB Online has already
20    begun work.  So we'll see.
21              QUESTION:  You
22    had criticized industry self-regulatory efforts.
23    Is this evidence that they're working again?
24              MS. VARNEY:  I'm sorry, what was the
25    question?

 1              QUESTION: I was under the impression
 2    that you had criticized industry's lack of
 3    self-regulation on the Internet, and is today's
 4    announcement an indication that they're working
 5    harder or better?
 6              MS. VARNEY:  Well, what I actually said
 7    last February at the Computers, Freedom and Privacy
 8    meeting in Austin, Texas was -- and I think I
 9    shocked lots of my friends.  I said, look, for
10    self-regulation to work, it has to exist.  And in
11    February, I think the efforts were still nascent,
12    incipient.  And now the industry really has
13    worked very hard, I think since about March or
14    April to get to where they are today.  And I
15    think they've done a terrific job.  And my view
16    is that the amount of work and effort that
17    they've put in today is what they're going to
18    continue to carry this forward and spread it
19    out.
20              So I issued a clarion call in February
21    and they answered.
22              QUESTION:  And you think, then, this is
23    enough for now?
24              MS. VARNEY:  I think we are definitely
25    on the right track.  Absolutely.

 1              QUESTION:  But not finished?
 2              MS. VARNEY:  Not finished.  It's all a
 3    work in progress.
 4              MS. RUBIN:  One last question?
 5              MS. VARNEY:  Great, no last questions.
 6    Thanks everybody.
 7              (Whereupon, at 3:15 p.m., the
 8              conference concluded.)

Copyright © 1998-2003 Privacy Alliance