Testimony of Gregory Fischbach
Chairman and Chief Executive Officer of
Acclaim Entertainment
Before the
Senate Committee on the Judiciary
Regarding
Internet Privacy
April 21, 1999
Thank you, Mr. Chairman, for the opportunity to testify before the Committee today regarding the protection of personal information on the Internet. I applaud you for your leadership in seeking to strike the right, admittedly delicate balance between industry self-regulation and the appropriate role, if any, for government.
I testify today wearing two hats. I am the Chairman and Chief Executive Officer of Acclaim Entertainment, a leading maker of video and PC games. Though headquartered in Glen Cove, NY, Acclaim’s flagship development studio is Iguana Studios in Salt Lake City, which employs 90 software professionals. I am also here as the Vice-Chair of the Interactive Digital Software Association, the trade body representing the 6.3 billion dollar US entertainment software industry.
Maintaining communication with our customers is fundamental to our success as a business. Unlike many other businesses where the essential interaction with consumers involves a one-time transaction, entertainment software consumers expect and even rely on a continuous dialogue with their publishers.
For example, buyers of our games expect us to provide them with software bug fixes, game tips, virus warnings, and software upgrades. The Internet has become a major vehicle for talking with customers. We use it to provide online product registrations, direct downloads of bug fixes and updates, new product information, and online game services.
We recognize that using the Internet to communicate with customers means we must appropriately safeguard the personal information we collect and use online.
In October of 1998, the IDSA officially adopted voluntary Principles and Guidelines for Fair Information Practices online.
The Guidelines generally conform to privacy principles proposed by the Department of Commerce and the OECD. While consistent with guidelines issued by other industry groups, the IDSA guidelines go further in three areas — Access, Enforcement, and Children.
To date, sixteen IDSA members, who together accounted for almost 60% of all games sold in the US in 1998, have posted online privacy policies as required by the Guidelines or are in the process of doing so.
For our company, Acclaim, compliance has required fundamental changes in the ways we do business and relate to our customers. This is an important point: business does have a responsibility to protect privacy. But government must understand that these changes often touch on the most basic and important business asset we have: our consumer relationships. Let me tell you: overhauling your business model in this area is not as easy as it might seem when rules are first put on paper.
In fact, we at Acclaim have opted to significantly limit how much information we collect on our Web site. Acclaim.Net only collects and stores email addresses and only does so in three circumstances: when a Web site visitor is subscribing to our Newsletter, downloading software, or ordering something from our online store. We make it clear that we may use these email addresses for a variety of internal marketing purposes, but do not sell or distribute them to any outside person or organization. We also offer customers the ability to have Acclaim delete their email addresses. Finally, we expressly forbid children twelve and under from submitting information to us, and we will implement whatever consent and notice procedures the FTC identifies as appropriate in regulations promulgated under the law. Our policy is posted and we hope to have a certification seal from the ESRB as soon as it opens for business.
Mr. Chairman, I believe our industry, and my company, have made important strides toward protecting privacy. But my experience these last few months tells me that a “one size fits all” legislative or regulatory approach is a recipe for confusion. I understand the appeal of a federal mandate. But as someone working in the trenches, I suggest to you that industry self-regulation, while perhaps imperfect, is ultimately the best and swiftest way to protect consumer privacy on the Internet while allowing Internet creativity and experimentation to flourish.
Thank you for this opportunity, and I would be glad to answer any questions.