Edited version of the author's testimony, including answers to committee members' questions. Protection of privacy means preventing the surreptitious acquisition of personal information. The author suggests that the committee consider legislation to (1) protect personal information against electronic eavesdropping, (2) safeguard the information that communication or recordkeeping networks create for their own operational needs, (3) punish the use of electronic media to commit fraud, and (4) assure that subscribers to a network do not receive unsolicited information. The vendors of communication systems or computers should be responsible for providing a variety of safeguards against unauthorized release of personal information, but the end-user (communication network, payment-exchange network, etc.) should be responsible for misuses of the equipment that infringe on privacy and for selecting the safeguards to be implemented. It is appropriate for the government to impose performance standards on the end-users, and they will signal the vendors through the marketplace what safeguards are required.