Five interlocking themes dominated the Fifth Annual Privacy & American Business Conference:

" The latest P&AB/Harris survey released at the Conference confirmed that privacy remains high on the "concern list" of American consumers. Fully 88% of Americans say that they are "concerned about threats to [their] personal privacy in America today," and 55% say they are "very" concerned. The survey also documents that American consumers are becoming much more privacy conscious and assertive. A great majority want more choice and control over their personal information.

" The rapid growth of e-commerce has sharpened the privacy debates, as both the opportunities and dangers in personal information gathering online (and especially about children) remain hot topics for the media, government regulators, the information industry, and state and federal legislators. As the reports in this issue fully describe, there was a clear consensus among business, government leaders and most experts at the Conference: voluntary policies and industry self-regulation should be given the chance to prove itself, both at home and abroad. This view was strongly presented not just by the corporate CEO's and heads of industry associations, but in keynote addresses from members of the Clinton Administration (Ira Magaziner, the President's Special Representative for Electronic Commerce and Commissioner Mozelle Thompson of the Federal Trade Commission.)

" Forty-two of the 50 states enacted consumer privacy legislation: the largest number of laws focused on health care, followed by online/Internet, financial services and telecommunications. In the Congress, the 105th was slightly more active in the privacy realm than the 104th. This year, 150 bills were introduced, with nine privacy bills enacted and more than 40 days of hearings. The passage of identity theft and children’s privacy laws were highlights. Financial services, medical privacy, public records and the EU Directive are expected to receive attention in the 106th.

" The Conference confirmed a shift in focus from privacy concerns raised by offline databases to increasing attention to online privacy issues. However, it became clear that the consumer privacy debates and developments emerging in the online/Internet arena will likely reverberate in the offline world.

" With the EU Directive in effect, the big unanswered question at the Conference was how will the EU handle transborder data flow? A progress report on safe harbor negotiations and another presentation on developments with the contractual approach explored the issues as of December 1998 and speculated about 1999 possibilities.