Today's Internet privacy related laws are a veritable mishmash – the range includes federal and state laws, some laws that focus on specific business sectors, other technology-specific laws, and many more. And the costs of complying with all these laws are growing. Most small or medium sized businesses, including millions of eBay sellers, probably won't be able to devote their valuable time or resources to making sure that their privacy practices are in compliance with every single privacy law in the land.

The need for a national privacy legislation framework is blindingly obvious.

Yesterday, Meg Whitman, our President and CEO, expressed her support for comprehensive federal consumer privacy legislation. In fact, she's been an industry leader in the call for a national solution to this problem, and eBay is one of the founding members of an industry group supporting "a simplified, uniform but flexible legal framework" to protect consumer privacy.

I knew that Meg was on Capitol Hill in Washington, D.C. yesterday, speaking before the House Energy and Commerce Committee, so I spoke to some of our Government Relations and Privacy folks to see how her testimony went. Scott Shipman, eBay's Chief Privacy Counsel, was at the hearing, and told me that Meg emphasized the need to have a national privacy protection framework, with federal legislation that establishes consistent national standards.

Meg urged the Congress to lay the foundation for a long-term approach to privacy protection. She put forward four principles to guide the drafting of thoughtful legislation:

• A strong unified national standard – Such a standard would "occupy the field" and preempt state laws. Legislation without preemption, Meg pointed out, would create additional uncertainty and compliance burdens, making the current situation worse.
• Federal standards must be enforced – Meg explained that eBay and many other tech companies are committed to employing strong privacy practices to protect their members, but she also pushed for something to be done to "hold the bad actors accountable for failing to put the safety and security of their consumers before other interests."
• Legislation must be applied broadly – Making the case for broad legislation, Meg noted that the law shouldn’t burden any single sector or technology. This is very important in today's scenario, where all companies are increasingly handling growing volumes of consumer information. Legislation that discriminated against a specific sector, such as e-commerce, would be unfair.
• Legislation must be in accord with international privacy protections – Businesses selling internationally to consumers around the world benefit from consistent trading rules, including consistent privacy protections.

Meg concluded her testimony by saying that a comprehensive approach to privacy protection needs to be based on the idea that industry, government, and consumers must work together to protect privacy. After hearing her testimony and that of other privacy advocates, Committee Chairman Joe Barton (R-TX) announced his intention to draft legislation on this important issue for consideration in his Committee before the year's end.

It will be interesting to see how the debate over federal privacy legislation shakes out. Other companies are also concerned about it – for instance, Google blogged about it yesterday. I plan on hitting up our GR folks regularly for the latest developments and I'll share the latest scoop on this blog.