Summary of Sub-Group One Report

This Report identifies three possible approaches to the question of access. They run from a very open proposal to a more constrained approach. They are as follows:

"Total access". This is pretty much what it sounds like. It suggests that all PII, including non-PII that is capable of being made PII will be accessible. This includes access to inferred data and proprietary data. Although this is the most open approach, it is also the most expensive approach. It also runs the risk of treating on-line companies different from off line firms.

"Default Rule" Approach. This is similar to the total access approach in that it establishes a default rule in favor of access. It provides many more assumptions about when data should not be accessible however. Generally, types of inferred data and proprietary data would be less accessible.

"Case-by-Case" Approach. This approach would essentially treat different information differently. Each category of information would have different access rights depending on sensitivity, likely use, source of the information, and holder of the information. This approach is basically the sliding scale approach we discussed earlier. It is very difficult to administer, but may allow a more precise weighing of rights to particular data.

Overall, our report includes the comments we received and reflects the members’ views as closely as possible. It does take a very high level look at the problem, with details remaining to be worked out.