E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: The Associated Press

Posted on July 6, 2001

      New fears about the online security of private information were stirred Thursday when Eli Lilly and Co. said it had inadvertently released over the Internet the e-mail addresses of more than 600 people on Prozac.

      "It just seems like such gross negligence that they let this happen and then blame it on a programming error and apologize," said Evan Hendricks, who publishes the Privacy Times newsletter in Washington.

      Hundreds of patients had signed up at a Lilly Web site for an automated e-mail reminding them to take their dose of the anti-depressant. Lilly spokesman Jeff Newton said a message sent June 27 announcing the end of the service mistakenly included the e-mail addresses of all the subscribers in the message header.

      "It's really just a human programming error," Newton said.

      Experts said exposing the patients' e-mail addresses made it possible to trace their real names and other information about them, including some medical history.

      "Once you put health care information into electronic form, you magnify the harm," said Janlori Goldman, director of the Health Privacy Project at Georgetown University.

      The American Civil Liberties Union has asked the Federal Trade Commission to investigate. It accused the Indianapolis-based pharmaceutical giant of violating its own Internet privacy policy.

      "Whether they did it inadvertently or not, they did it," ACLU Associate Director Barry Steinhardt said. "The FTC isn't a privacy cop; it's an honesty cop."

      FTC spokeswoman Claudia Bourne Farrell declined to comment on the incident but noted that the agency has taken legal action in the past against companies that have violated their own online policies.

      The FTC and other authorities stepped in when Toysmart.com went out of business last year and put its customer records up for sale.

      Two years ago, RealNetworks of Seattle apologized amid complaints that its software, designed to allow customers to listen to music on computers, secretly collected details about people's listening preferences.

      Experts said the Lilly incident shows the need for more careful handling of sensitive information.

      Some experts said it is possible that the only law that was violated by Lilly is one not yet in effect -- a federal regulation protecting the privacy of medical records that goes into effect in April 2003.

      Goldman said even that law might not apply because it does not directly affect drugmakers such as Lilly. It is aimed at health care providers and pharmacies.

      With health-related Web sites, chat rooms and message boards proliferating on the Internet, more protection is needed, she said.

      "We can get tremendous benefits from using the Internet," Goldman said. "But we shouldn't do it all at the risk of privacy."

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.