George Cunningham (Democrat, Clean Elections Candidate, 2 Year Seat, http://www.cunningham2002.com/)
(about George Cunningham...)

Protecting the integrity and safety of electronic data is an important consideration in today's society. While the Corporation Commission does not regulate the content of specific distribution of Internet messages, it does play a critical role in ensuring safe and adequate transmission capacity and that laws relating to customer privacy are enforced. The Commission also has a role in ensuring that telecommunications providers comply with all state and federal laws relating to law enforcement compliance measures, such as wire-taps.

The Commission can enact rules that impose restrictions on the use of customer information by telecommunications companies and to otherwise respect the privacy of Arizona consumers. I believe, for example, that the Commission should require all telecommunications companies to adopt an "opt-in" approach toward marketing to Arizonans and sharing consumer information with outside partners. An "opt-in" requirement would restrict the use of customer information for marketing purposes only to customers who explicitly authorize such use in advance. Qwest's recent disastrous attempt to require Arizonans to call an understaffed, unavailable and frequently-busy number in order to protect their privacy should never be repeated.

The Commission can also do much to improve the information available to consumers about their privacy rights and illegal telemarketing practices. Both state laws and rules enacted by the Federal Communications Commission place certain restrictions on certain telemarketing practices. For example, although the Arizona Legislature has not enacted a "do not call" law, under federal rules, consumers can (for a small fee) request their telephone number be placed on a do not call list. The Commission should prepare and distribute fact sheets and consumer alerts that clearly explain consumer privacy rights and programs to protect these rights. This information should be available on the Commission's web site which is presently inadequate in providing useful information to consumers. The Commission should also assume a leadership role at the Arizona Legislature to educate legislators about privacy issues, and assist in the development and implementation of a workable "Do Not Call" law.

Mike (Lowell) Gleason (Republican, Clean Elections Candidate, 2 Year Seat)
(about Mike (Lowell) Gleason...)

It is the responsibility of the ACC to insure integrity and safety of electronic data under present laws. Enforcement of the present laws will protect the privacy of individuals of in most cases. If more stringent privacy rules are needed it is in the purview of the legislature to set such policy.

Jeff Hatch-Miller (Republican, Clean Elections Candidate, 2 Year Seat, http://www.hatch-miller.org/)
(about Jeff Hatch-Miller...)

Clearly, success of homeland defense is imperative. Electronic systems and data are targets for terrorism. Yet, the greatest threat is still domestic. Whether malicious mischief or vengeful assault, a great many non-military, non-terrorist individuals and groups seem determined to destroy our systems with denial of service attacks, virus infected messages, inappropriate access and use of systems, and other damaging acts.

First, Commissioners must make best use of all funds available for this purpose. The Sept. 11 terrorist attacks on the United States have created a wave of new government spending reminiscent of the space program in the 1960s or the savings and loan bailout of the 1980s. New federal outlays for homeland defense are expected to hit $57.2 billion by next year, and President Bush has made it clear the investment will continue for years to come. It will be up to government agencies to exercise extreme care in their buying decisions. The stakes are too high to waste a single penny.

Secondly, the Corporation Commission should participate with other state agencies, in particular the Government Information Technology Agency, in insuring our state's IT system is free from unacceptable risk. We must do all that is necessary to protect confidentiality of information, integrity of data, assets, efficient and appropriate use as well as system availability. Further, the Commission can cooperate with state and federal programs that offer early detection and warning of system intrusion and the dissemination of threat information. As to specific privacy protection policies, the essence of the Gramm-Leach-Bliley Act should apply universally. Every business has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers' nonpublic personal information. They should establish appropriate standards relating to administrative, technical, and physical safeguards to:

1. insure the security and confidentiality of customer records and information;
2. protect against any anticipated threats or hazards to the security or integrity of such records; and
3. protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.

As a member of the Superior Court Committee to Study Public Access to Electronic Court Records I have come to the conclusion that different classes of information warrant different degrees of confidentiality. Clarification and formalization of a data policy by the Commission is an important first step. I would further support a legislative action that would review and suggest increased penalties for unauthorized us of personal data and information.

Jim Irvin (Republican, Clean Elections Candidate, 4 Year Seat, http://www.jimirvin.org/)
(about Jim Irvin...)

Under the current regulatory environment the Corporation Commission has no jurisdiction over internet applications, including transfers of electronic data. The Commission can only play a limited role in preserving and protecting the integrity and safety of our electronic data. However, with respect to the data that is collected and maintained by the many companies the Commission does regulate, the Commission can take steps to help protect Arizonans. For instance, I believe that it is possible to initiate a rule making procedure to require that all utilities store customer data in ways that prevents unauthorized access (i.e. mandatory state of the art firewalls, internal networks without access to the internet, or offline protected data storage). Depending on the size and sophistication of the company, implementation in most cases could be accomplished with little cost or effort.

With respect to protecting the privacy of individuals against unauthorized use of personal data and information, I led the charge against Qwest at the end of last year when it announced its intent to institute an "opt-out" policy if you did not want to have your personal information shared with other companies. A recent decision from the FCC has concluded that States can, if they chose to do so, require any communication company to utilize the "opt-in" policy, requiring it to obtain proactive permission from any of its customers I will continue fight to maintain the privacy rights of Arizonans by supporting the "opt-in" policy for all telecommunications companies doing business in this state.

Roland James (Democrat, Clean Elections Candidate, 2 Year Seat, http://www.rolandjames.org/)
(about Roland James...)

The Constitutional role of the ACC is to set just and reasonable rates for public service corporation. If the Commission lawyers say that the Corporation Commission has any authority in the area of protecting electronic data, I would certainly use it to protect the integrity and safety of electronic data.

I support privacy as well as freedom and openness. Unauthorized use of individual data and information by a public service corporation should have a very hefty fine imposed by the Commission.

James Walsh (Democrat, Clean Elections Candidate, 4 Year Seat, http://www.jamespwalsh.com/)
(about James Walsh...)

Like any branch of government, the Corporation Commission has a duty to protect the privacy rights of Arizona citizens. The Commission ought to play a critical role in ensuring that electronic transmissions can be performed securely and in enforcing laws relating to consumer privacy.

Specifically, I believe that consumers should be able to easily protect their private information from getting into the hands of telemarketing firms. Consumers should not be required to take extraordinary and often frustrating steps to protect this information from telemarketers, as Qwest tried to require recently. The public supports measures to protect private information, but the legislature failed to adopt a telemarketing "no-call" list approach to reducing the number of unwanted and annoying contacts from telemarketers. Therefore, the Commission should explore the possibility of implementing protections that this bill proposed through its regulation of Qwest and other companies whose facilities are the conduit for telemarketing. Even if this is not within the Commission's jurisdiction, it should strongly support similar legislative measures in the future