ACLU Criticizes Government Settlement of Prozac Privacy Breach, Saying Victims Deserve Compensation
FOR IMMEDIATE RELEASE
NEW YORK–The American Civil Liberties Union today criticized the settlement of a case in which drug giant Eli Lilly admitted that it mistakenly gave out confidential information concerning nearly 700 patients who had signed up for a Prozac medication reminder service, saying that the company should be fined and the victims should receive financial compensation.
The ACLU had brought the privacy breach to the attention of the Federal Trade Commission last July when it learned from one of the patients that Lilly had sent out an e-mail containing the Internet addresses of all 669 patients who had signed up for the service. The FTC then launched an investigation, resulting in today’s settlement.
“The requirements of the settlement merely codify the privacy protections the company should have been taking to begin with,” said Barry Steinhardt, Associate Director of the ACLU. “By not leveling a fine and ordering damages to be paid to the victims of Eli Lilly’s serious privacy breach, the trade commission has missed an opportunity to send a message to online medical providers that there is a price to pay for being careless with highly sensitive information.”
“This is especially important because it is not clear whether federal medical privacy regulations cover online providers of medical information,” Steinhardt explained. “Thus, those who seek the anonymity of the Internet to access sensitive medical information may be the most vulnerable to privacy breaches.”
The case is the first time the FTC has prosecuted an unintentional violation of a website’s privacy policies. The settlement requires the Indianapolis-based company to create better safeguards for sensitive information. The security program must be reviewed every year and the company will be fined for any more violations.
Steinhardt said that the ACLU will be reviewing the settlement agreement during the 30-day comment period and that it plans to ask the Commission to order Eli Lilly to pay a fine and damages to the victims of their privacy violation.
The FTC statement and settlement is online at http://www.ftc.gov/opa/2002/01/elililly.htm
Every month, you'll receive regular roundups of the most important civil rights and civil liberties developments. Remember: a well-informed citizenry is the best defense against tyranny.
The latest in National Security
The American Civil Liberties Union is a nonprofit organization whose mission is to defend and preserve the individual rights and liberties guaranteed to every person in this country by the Constitution and laws of the United States of America.
Learn More About National Security
The ACLU’s National Security Project is dedicated to ensuring that U.S. national security policies and practices are consistent with the Constitution, civil liberties, and human rights.