Personal Information & Privacy-II
Tuesday, March 26, 1991
Lance Hoffman, Chair
Copyright (c) 1991 IEEE. Reprinted, with permission, from The First Conference on Computers, Freedom and Privacy, held March 26-28, 1991, in Burlingame, California. Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the IEEE copyright notice and the title of the publication and its date appear, and notice is given that copying is by permission of the Institute of Electrical and Electronics Engineers. To copy otherwise, or to republish, requires a fee and specific permission.
Published in 1991 by IEEE Computer Society Press, order number 2565. Library of Congress number 91-75772. Order hard copies from IEEE Computer Society Press, Customer Service Center, 10662 Los Vaqueros Circle, PO Box 3014, Los Alamitos, CA 90720-1264.
HOFFMAN: ... Welcome to the session on Personal Information and Privacy, Part Two. ...
[Here are some observations, just to set the stage.] I think we're going to see several issues coming up in the '90s. ...Most of them are not new issues but privacy problems which have been exacerbated and which we're going to have to deal with. ...
One of these is Personal Number Calling. With PNC, Personal Number Calling, you get one phone number permanently assigned to an individual. No longer do you have fixed-location telephone numbers. So you have benefits, like instant communications while travelling. But you also have the possibility of more invasions of privacy. This is going to be introduced in major Japanese cities next year by Nippon Telegraph and Telephone.
Point two: The recent withdrawal of the Lotus Marketplace Households Product is symptomatic of a growing issue - that of what I will call "data mining," mining the data for more and better information than it originally had. I think we're going to see as we get into the future more people looking at more organizations before they do something like this. Equifax, to their credit, did this. It didn't turn out as well as they might have hoped.
You're going to see more developers doing privacy audits that look into data mining - database mining. We're not going to be able to strip-mine the data any longer. We're going to get into something like royalties [as previously discussed].
There are a number of network issues coming up. Some of them were mentioned earlier. The gatekeeping issue: Who, if anybody, should do gatekeeping before people are allowed to connect to a network? ... We're in a situation now where anybody can go down to the local computer store and for under a thousand dollars purchase a computer with a modem and the appropriate manuals and such.
If they're diligent in reading and ... invoking the appropriate commands, they can bring down a number of systems around the world, just like with the Internet worm. In essence, we still allow the sale of electronic "Saturday Night Specials." [some laughter and boos.] Well, these are meant to be provocative. I'm sure I'll get my share of brickbats as we go along. [laughter]
We may see more regulation of users because, if we don't, who is going to take the rap for bad things that happen? Are the network operators going to be liable for legal damages if data subjects are wronged? We really don't have clear law on this right now - on the legal liability of sysops.
Finally, we may start seeing more systems built to some sort of "standard of due care," as Donn Parker suggested years and years ago. We already have the concept of houses built to a housing code. Why not software which is built to code? - if you'll pardon the pun. The problem is, "Who gives the seal of approval?" ... Some organization probably has got to be empowered and respected enough to give a believed seal of approval.
Finally, we will maybe see more [privacy] incentives in the years to come. Are we going to get more teeth in the ethics codes of the ACM and the IEEE, for example, which really are, I think, paper tigers right now - even though I chair one of the IEEE's subcommittees on this topic? Are we going to see awards for socially responsible systems? Nobody ever got the Turing Award by doing something in this area for the computer scientists. Nobody ever got the Turing Award for doing a socially responsible system. The rewards system, I believe, has got to be changed.
Or do you have to go to negative reinforcement and produce something like a "dirty-dozen list" of the most reprehensible data-mining systems? I don't know, but my job is to ask questions and not give answers - fortunately. [laughter]
So I will stop there ... and go on to the first of our panelists, Evan Hendricks. Evan is Editor and Publisher of the Privacy Times, published out of the Washington [D.C.] area. He's the author of, Your Right to Privacy and, Former Secrets. Evan's a graduate in political science from Columbia University. Evan?
HENDRICKS: Thanks very much, Lance. My newsletter is an objective reporting service, so it's a real pleasure to be with you today - because I actually get to sort of speak my mind and editorialize a little bit. ...
I think it's important we spend some time defining privacy this morning, because oftentimes the word can be distorted and misused. When I first came to Washington in 1977 - this is a story I tell very often but I've never told it in San Francisco before, so I'm going to proceed [laughter] - Joe Califano was the Secretary of HEW [U.S. Department of Health, Education and Welfare, Health and Human Services]. And, he had an anti-smoking campaign which most people admired and thought was a good thing.
But he was testifying before a Senate committee and, sure enough, all the senators took their turn and here comes the tobacco-state senator, and he tried to turn it into a privacy issue. He said, "Mr. Califano, you're trying to interfere in personal choices in people's lives and you're intervening and interfering in their private choices. And I think, Mr. Califano, if you had the power, you would try and regulate sex!"
The whole room went hush. And Califano thought about that and said, "Well, we considered that, senator, but we didn't know where to put the warning labels." [laughter] So, I was glad to see the time [being spent on] defining privacy, 'cause what we're really talking about is information privacy.
And I think, really, where do we start? I'd like to talk a little about reality, and what's happened, and where we are, and where the rubber meets the road. You start in the 1976 Supreme Court decision which was called United States v. Miller - because, you say, "How did we get in this mess where we don't have adequate protections? We're the home of privacy." In that decision, the Supreme Court held that we don't have an informational right to privacy.
This case involved bank records. The court reasoned that, once you open a bank account, you're voluntarily surrendering your information to the bank. The information is about you, but it belongs to the bank and the bank is free to give it to whoever they want. This message from the Supreme Court was, "If you want privacy, take the cash and stick it under a mattress." This evolved and very much figured in the debate of the Privacy Protection Study Commission.
In 1977 or so, they came out with over 100 recommendations, calling for several new laws across the board, to counter the effects of the Miller decision - because you had to have statutory protections if you didn't have it under the Constitution.
The Carter administration started proceeding on those recommendations, and they actually were moving legislation forward. But the combination of the bureaucracy taking so long to get the proposals on the table, and then industry moved on its own front. They had came out with voluntary policies, slick brochures, assurances to Congress - but actually formed what I consider was an anti-privacy lobby working behind the scenes to stifle the legislative proposals that were proceeding through Congress. Time ran out on most of those proposals.
[Then], Ronald Reagan's elected. He comes to town, Yee-haw! [laughter] ... I don't have time to go into detail, but this is the beginning of what I call the cowboy atmosphere. Just like you saw an explosion in junk bonds in the '80s and all these financial shenanigans - in the same way there's an explosion in the use of personal information. What it involved was [that] personal information became very valuable and ... institutions wanted to use it for marketing. And, the government always had a track record of often misusing personal information and having weak laws.
Now there were also laws passed during the '70s. You've heard the cable-TV law [that] was mentioned. And there was a serious and substantial revision of our wiretap laws - ECPA, the Electronic Communications Privacy Act. Also, you've heard about the video-rental law, so that's protected.
What's not protected are things like our medical records. There was a serious proposal in 1980. It died on the vine. There's still not yet a serious proposal moving in Congress to protect something so sensitive as medical records.
The Fair Credit Reporting Act is 20 years old right now, and that is before Congress. There's going to be serious debate going on for the next two years to amend that law.
Caller ID and communications privacy is going to be a very ongoing concern.
And you heard Professor Flaherty talk about the Data Protection Board and Congressman Wise's proposal. The other issues relate to direct marketing, which we dwelled on in the last panel.
One of the things that industry did a lot during the '70s [was to] sort of say, "Well, let's go slow; let's have reasoned debate." They kept saying, "There's not enough evidence of abuse." They really kept hitting congressmen over the head with this: "If it ain't broke, don't fix it."
"The camel's nose might not be under the tent but I sure can smell the camel." You had to sit back and report on these comments. In fact, with the cowboy atmosphere that I mentioned earlier, examples of abuse are coming out of the woodwork.
If you're here in the [San Francisco] Bay area, you might have seen some of KTVU's (the Fox affiliate) reports on privacy. Typical with credit reports, ... they focused on a former PUC [Public Utilities Commission] chairman who kept trying to get - I believe it was TRW - to correct his credit report. This is a common problem all consumers have. He kept trying and they wouldn't do it and the thing kept surfacing with the wrong information.
But he happened to be a friend of Congressman Rick Lehman [D-CA], who was the chairman of the subcommittee who was hearing the Fair Credit Reporting Act amendments. When he finally wrote to his friend, Congressman Rick, then all of a sudden his credit report got cleaned up. The problem is not everyone is a personal friend of the congressman, and you shouldn't have to make a major case out of it to clean up your credit report. But that typifies what happens to consumers when they run into these problems.
There was a man who was hired for a $50,000 to $70,000 job in D.C., pending a background check. Equifax provides a report that says he's convicted of cocaine. This man's name is James R. Wiggins, and they turned up a record on that man. Of course the man with the conviction was another man with another middle name, different date of birth, the whole works, but they didn't dig in far enough. So he lost the job. He went to Equifax and said, "It's not me." And the guy said, "No, you're the guy. We know it's you." And he's got a million-dollar lawsuit pending. It goes on.
Great Western Bank is here. They did a promotion where they pulled consumers' credit reports because they wanted to sell their debt- consolidation loans. They had two people - a man and woman living at the same address - so they figured if they weren't married they were a significant-other situation. So they sent them both a letter listing each other's debts from their credit reports saying, [audience noise.] "Look at all the debts you have. Wouldn't it be great to take out a debt- consolidation loan from Great Western?"
Of course they weren't related at all. It was landlady and tenant. And that's probably the last situation you want to have. [audience noise, some applause] And let's credit the San Jose Mercury News for breaking that story.
The media - the Wall Street Journal and the New York Times - have done some incredible work on privacy. ... For some of these bad practices I think sunshine is the best disinfectant.
... There was a secret matching program ... behind closed doors, between the Social Security Administration and TRW. Citicorp had a separate line going where they ... wanted to verify Social Security numbers. So they would slip their database of people to to SSA. SSA would run a tape, and then they'd say, "Your numbers for these people are wrong."
Once the New York Times exposed this ... they halted the program - and the SSA Commissioner at that time; [it] actually coincided with her resignation. What was not noticed too deeply in there - we picked it up - is that 30 percent of the Social Security numbers in somebody's database is inaccurate, probably. TRW's and Citicorp: TRW submitted 150,000 names. They came up with close to 50,000 that are inaccurate. Citicorp had a 3-million-name database; almost a million of them were inaccurate.
Along these lines, there's another group in the southeast called EIS that does a database of people who file workmans compensation claims. So employers can go behind their backs, and usually without telling them say, "Check people who legally file a workman's comp claim" - and basically blacklist them and not hire these kind of people.
There are solutions. The Fair Credit Reporting Act requires that legislation would go through which would fix a lot of these things. But sometimes I feel [that], without the heat, the legislation won't move forward. The squeaky wheel does get greased.
The problem with all these abuses ... is - to this day, at least as of a month ago - the Associated Credit Bureaus is still coming up and saying, "We think Congress struck the appropriate balance 20 years ago when they enacted this law." Come on!
Technology has gone forward. The practices have gotten out of hand. We need a new law. And I think this is where industry can get on board and really make a difference. ...
The medical-records issue: Most people don't have a legal right- of-access to their medical records.
The issue of authorization: You sign an authorization form which has no meaning because you sign away your life, and you have to do it to get health insurance. A good privacy proposal, which is pending in Congress - it's just not moving - would affect that.
The other thing ... is that the Human Genome Project is a situation [where] we should bar any information on genetic information going into private databases that can be used for employment and insurance decisions. Right now, there are cases piling up. There's a doctor here in San Francisco that's documenting where people are finding that not only if you have a gene, we're not going to give you this job; we're not going to give you this insurance, but if your mother had it, or anyone in your family had it, that means you're too much of a risk [and] we've got the data to prove it. That's another form of a hit list that's forming.
And this is how serious the issue is, and I think this is why we need a stronger privacy movement to get the laws that we deserve. Thanks very much. [applause]
HOFFMAN: ... Our next speaker is Tom Mandel. Tom is Director of [the] Leading Edge Program in SRI's International Values and Life Styles program. [VALS] It was founded 13 years ago and it's the premier ongoing study of consumer beliefs, values and behavior in the United States. Tom has worked as a professional futurist at SRI for 17 years. His current areas of focus include the future of the United States society and the social impacts of emerging interactive and multimedia technologies. In Tom's spare time, he also manages computer conferences on the WELL [a popular electronic conferencing system in Sausalito, California], and is a co-organizer of the annual Hackers Conference. Tom?
MANDEL: Thank you. Seventeen years as a professional futurist means I have to get out of this business fairly shortly. Most of the things that we've been talking about are going to become true or false soon, and I don't want to be around for that. [laughter]
I want to tell you a little bit about the VALS program, which is a part of this world of consumer-information services, although it's in a funny, different part of it. Indeed, we would benefit by an increase in privacy laws rather than a weakening of them or them staying the same they are today. Then I want to talk a little bit about some general future trends that I think are impacting on this issue.
I'm not going to take a position on privacy. Some of you who know me from the WELL know that I argued in favor of the Lotus Marketplace device in the EFF [on-line discussion] conference there. But I have diverse views on different privacy topics.
The VALS program - Values and Life Styles - has been around us 13 years or so. It's an ongoing study of psychological profiles of consumers; groups of consumers. We study the American population. We look at the psychological motivations that lead people to buy things - what people want; why they want them; why they buy things. It's used widely in marketing and advertising, and in direct mail. It's also cross-linked with many of the consumer databases that worry you, including Equifax's NDL database, which we have a joint venture with. (Lotus, which was based on that [Equifax] database, did not use the VALS Psychographic System.)
Our purpose is to help clients better understand consumer psychology and the needs, wants, styles of the consumers. Frankly, we're in the business of helping companies understand you better and learn how to sell to you better.
We have our own little problems with privacy. We used to have a system called "VALS-1." Well, it used to be called VALS. We now have "VALS-2." And we had [data from] a general survey of the U.S. population, about 2,500 to 3,000 people nationally. We used to have a question in there that helped us put people in categories.
We asked people if they smoked marijuana. Back in 1978, this is a very hip question to ask. About 1984 or so - the right year - we started getting a lot of complaints about that. In our new survey we don't ask that question at all. We now ask people if they like to skin dead animals. [laughter] The different lifestyle groups.
My view is that the privacy issue is going to become much more complex and not clearer, as time goes along. There are a variety of social trends that contribute to this. One a lot of people talk about is social fragmentation or, on the consumer-businesses side, market segmentation.
Basically, we're moving towards a world of much smaller market niches for particular products and services. More important, we're moving toward one in which people are going to expect - and companies are going to be delivering - much more personalized products and services; things made for you and me; things made for very small groups of people.
We expect that in the 1990s businesses are going to shift much more towards not just trying ... to sell us things, but towards building closer, more intimate, more active relationships. There'll be more of a "family relationship" between a business that you ... like to buy things from; a kind of a partnership. We're moving back in some ways towards the corner store, the general store of the past in which you'd go in and the person behind the counter knew you, knew all about you, had known you for 20 years, knew everything you liked, knew what was going on in your personal life.
People are going to accept - [to get] the things that they want ... - lots of knowledge about each other. You'll want to know a lot about the company. The company's going to want to know a lot about you, and you'll start exchanging this more frequently. That doesn't mean that there's going to be greater acceptance of the resale of data.
Second: People talk about the future being a "networked society." I'm not really thinking in terms of the global, universal computer networks with everyone participating. That may happen but I rather doubt it. Rather, the networked society is going to be, in the 1990s, collections of people - these little groups of people committed to very specific issues.
An example of that is what happened with Lotus Marketplace: 30,000 people complained. But if you read the articles closely, you'll notice that those 30,000 people got together on computer networks and computer conferencing systems, things like that. That is not representative of the U.S. population. That's a very small group of people with a lot of leverage because they talk to each other.
The kinds of things that people know about in these collections of networks - social networks - are going to be increasingly fragmented. Some people are going to know about this; other people are going to know about that. There's too much information around. Indeed, the most educated people are likely to be the most information-overloaded.
What this means in this kind of a society is much more leverage to very small groups of people on very big issues. Privacy is not a big national concern at this point, but a small group of people can make a lot of difference in it. It's going to give increasing leverage to people who are media sophisticates, ... people who are computer-literate, people who understand how to use media. It turns out to have been Republicans to start with.
Much of the battle is going to take place outside of the mainstream media. In this kind of a networked society, in which people are clustered together in different groups with different concerns, it's going to raise lots of questions about what kinds of privacy for what kind of people. There are a lot of ideas that are going to pop up, and they're going to diffuse slowly or they're going to diffuse rapidly. The Lotus Marketplace idea [finger-snap!] happened just like that. A small group of people complained; the product was stopped.
We've gone through a period ... where everybody believes that credit information should be handled in a certain way. Maybe that's not done well, but it should be done that way. Now we're concerned about the resale of consumer data. But what is personal information in this kind of a society?
People were concerned a few years ago about the rental of lists of sex videos that people rented - resale of those lists of information. It's still a privacy issue. And [at] the same time in the same society you have a growing, strange little subculture which is producing amateur sex-video tapes, and there's this whole network of people that like to show themselves on videotapes. So you've got these two things going on at the same time, and you ... usually understand what people mean by privacy in that context. [laughter]
The third thing is that we have a more slowly growing consumer economy in the 1990s. [There are] a lot of reasons for that. But the point is that there's going to be more pressure on companies to find other sources of income and revenues. ... We're not going to be buying less, ... the economy is not going to be growing as rapidly.
There is going to be more value to good information about consumers. Companies are going to pay much more attention to the effectiveness of their marketing and to maintaining that relationship with people they're selling to. There's going to be more selling and more value- adding of information. Whether this is personal information or information about groups - like VALS is - or other kinds of information about consumers, [such as] their actual purchase patterns, remains to be seen.
It will probably be collections of all those things. But the pressure to increase revenues by selling information about consumers, and to have more information so you know your consumer better, is inevitably going to grow. And, this is going to become more internationalized [with] more foreign businesses coming into the United States, coming from countries with different ideas about privacy, as well.
You're going to see, in this setting, very confusing things to deal with. I hear talk, here, about legislational rules to restrict the resale of data about consumers. And yet in the 1990s we're going to see companies, especially bigger companies, consolidating more rapidly, getting bigger and getting much more concerned about how they're organized. They want to move information; they want to run their businesses more effectively.
And they're global businesses, global operations. They're going to reorganize to shuffle things around more effectively. They're also going to be bigger. So, you might have sold your data to one company, but it happens to be part of another company - of a magazine conglomerate for example - and it's going to end up over there. You won't even get caught on the resale of data.
A lot more joint ventures and strategic alliances [are] confusing this picture. The VALS program has a joint venture with Equifax, [yet] in a sense, Equifax is our competitor in some markets. Equifax has a joint venture - or had one - with Lotus. Lots of strange relationships going around to keep track of.
Let me close by giving you three quick implications. In the 1990s and beyond that, ... there's probably going to be not much stability to the meaning of privacy, of what "privacy issues" are. It's going to be easiest to sort out the "Us versus Them" issues - really clear political issues, conflicts, mistakes, issues that impact a few people a lot. The general issue is going to be harder to deal with.
Number two: In this era of growing relationships between buyers and sellers, honest disclosure will become more important and more valuable. It'll probably become a selling point for many businesses. So it may be difficult to legislate on this, but it may be easier to convince businesses that this is a good way to do business.
Third, I think that if you're dealing with privacy issues, while there are some general, broad issues, it's going to make a lot more sense to look for leverage to focus on particular educated media- and technology- sophisticated consumers. This is not likely to emerge as a mass issue for most consumers unless something goes very wrong. It's something that's going to impact different groups of people in different ways. Thank you. [applause]
HOFFMAN: Thank you. Our next speaker is Willis Ware. Dr. Ware was trained as an electrical engineer and, while there were a few papers and articles written on computer security and privacy before the time, it might be said that he launched the computer-security field in a sense, with the definitive DoD [Department of Defense] report on security, then classified, in 1970, later unclassified.
Willis chaired the HEW (now HSS Committee), the Department of Health, Education and Welfare, at the time; a committee whose report led to the Privacy Act of 1974. Willis was a member and the Vice- Chairman of the Privacy Protection Study Commission and is still very active in both computer security and privacy on public-policy issues and on technology developments. He also serves as Chairman of the Computer Systems Security and Privacy Advisory Board to the National Institute of Science and Technology [NIST], the major civilian technical policy- making agency at this time on this topic. Willis?
WARE: To be honest with you, I don't know whether I'm in the middle of a minefield or a swamp. [laughter] Or maybe it's both. Let me get this one out of the way first. If some of these thoughts that we've heard expressed about consensual databases and royalties to data subjects materialize, data-processing costs will go up like you can't imagine. But that's OK, go ahead and do it. The computer industry will love you forever. [laughter] The implications of some of those suggestions are rather extensive.
I want to talk about information privacy. I don't want to talk about security, which has to do with protecting information and controlling certain attributes of it such as confidentiality, integrity, and so on.
Let me remind you first that this country has ... addressed the privacy issue piecemeal. Unlike the European countries, which tended to pass a law and that was it, we fiddled around and passed a Fair Credit Act. Then we passed a Fair Billing Act. Then we got the Privacy Act in. And we've done educational records. We've nickel-and-dimed it to death over a period of a dozen or so years.
The Privacy Act - the content of it ... - was based on the HEW Report that you've heard referred to today. It created the Privacy Protection Study Commission, which you've also heard referred to. The latter did look extensively at the private sector with the intent of ensuing legislation, but of course none of that ever materialized.
The point of this brief history is to underscore the observation that the privacy movement commenced with a concern about the private sector, namely the credit industry. Then it moved over to worry about the federal government with the Privacy Act, and it's bounced back and forth. But through the '70s and into the '80s, the government was considered to be "the threat." The government was considered to be "the enemy" when it came to privacy on any of our parts.
The privacy issue developed as an information-use issue, not an information-protection issue. There are only a couple of instances in which personal information has been declared to be confidential, therefore to be protected. Census data is one. Tax information is another, and that only since 1976.
Now, there's a new player on the scene. ... In the early '70s, there was no "information industry" that dealt with personal information, outside of credit reporting, which we understand. This [information industry] is new and if there truly is a change, as has been suggested, then it may be the presence of the private-sector information industry that's driving it. It becomes questionable whether the government is still the enemy.
While the practices of government have changed somewhat - most notably the more explicit and sanctioned matching of computer records - the private-sector practices have changed and broadened extensively. There are exceptions, of course. We've referred repeatedly today to the Lotus Marketplace incident. So it's probably time that we add the private sector to the federal - to all governments - as opponents in terms of worrying about the privacy issue. [applause]
There is a deeper issue, though, that I want to flag. I believe that an axiom of arguing the situation has to be the following: I believe that personal information cannot reside as the sole property of the individual.
An information industry such as exists in the private sector - whose stock-in-trade is sale, manipulation, etc., of personal information - has a right to exist under the laws and heritages of this country. Businesses have a right to conduct their affairs in economical ways so long as they remain within the law. Government has genuine need for information to conduct its affairs. So, I think personal information cannot be the sole property of the individual, But, it has to be shared in some, let me say, equitable fashion.
There is no doubt that there are benefits for widespread use of personal information for some people. There is no doubt that some people get harmed from that practice. And occasionally there are serious consequences, up through and including murder. The question becomes, "How do we sort this all out; how do we zero in on some solution?"
I've thought about that question for a long time, and I have only one new thought to offer to you. The new view that I would like to [put on the] table is that we consider the privacy issue as one of social equity. Equity issues in society are well known; well perceived. We don't normally call them that. Frequently the equity issue is between some industry and organized public-interest groups. The obvious one, being here in California, are the logging interests versus the conservation groups.
Privacy is an especially tricky equity issue because it has different dimensions. Notably, it's very pervasive. It doesn't trouble just one little corner of this state. It troubles everybody in the country. And the reason it's more pervasive, of course, is because of the widespread role of information in everything that we, our organizations and our society, do. The obvious stakeholders in such an equity statement of the issue would include certainly all of business and industry, as consumers of personal information; the information industry explicitly as a purveyor of personal information; the government as a user of personal information; and certainly all of us, as individuals impacted by those other stakeholders.
There are some new and different twists, also, in the current statement of the privacy issue - relative to what it was, say, 15 years ago.
Then the focus tended to be on abuse. It was OK to use information about people so long as the data subject was treated fairly and in ways that he knew about. A more explicit consideration of use, and especially socially accepted uses, must be a component of the privacy debate today. With regard to this issue, the private sector is largely unchecked in what it does or what it's used to doing - again, with some exceptions.
The second new twist, it seems to me, is that of protecting information - whether it must be explicitly protected or not.
A third [is] really created by the existence of all of those databases that [have] accumulated as a result of doing business. I have in mind the databases that sit behind point-of-sale systems, that sit behind pharmacy systems, that surround us, that sit behind airline systems. Those are databases that are part and parcel of being in some business. What about all of them? Do they need protection? Who may access those records? How long shall they be kept around? I would be especially concerned about access to those, let's call them "incidental databases," by the enforcement community - the tax authorities, drug enforcement, welfare authorities and on and on. It seems to me that ... the privacy debate as it's shaping up will have new dimensions.
I respect Alan Westin and the surveys that he's done. I also am willing to believe that Equifax is born-again, again. [laughter] The first time was in 1970 when the FCRA [Fair Credit Reporting Act] was passed.
But the Equifaxes of the country are a small part of all of the information-consuming assets of the country. What about the telephone industry? What about the retail industry? And all the information either of them hold about us?
I'm personally not nearly so optimistic as I've heard some people express today. For 17 years I have watched nothing happen. It's like the drought that we have out here. Are we in the 17th year of a 17-year period of nothing? Or are we in the 17th year of a 25- or 30-year period of doing nothing?
So I personally will refrain from being euphoric [laughter] until I see a lot more cleanly stated and clearly evident signals that, indeed, the public attitude is changing in important ways about privacy.
But I will continue to look for that elusive solution. I will continue to look for some scheme which hopefully will give us a broad way to look at the issue. Thank you. [applause]
HOFFMAN: Thank you, Willis. Last but not least of our panelists here is Simon Davies. Simon is an Australian journalist who became involved in privacy four years ago when he founded and directed the national campaign against the Australian government's proposed identification card.
The campaign was one of the biggest in Australia's history, and succeeded in defeating the plan. Since then, as Director of the Australian Privacy Foundation, Simon has forced the introduction of a national privacy law, the establishment of a Privacy Commissioner, the passing of credit-reporting legislation and numerous other initiatives. He's Convener of the newly established world organization entitled Privacy International, which apparently has branches in 40 countries including the United States, and I'm sure he'll tell us something about that. Simon?
DAVIES: Thanks, Lance. I came here with a really cute, set speech, but under the circumstances I've thrown it away. And the reason is that I think the environment here deserves a little criticism.
I hope you don't get the wrong impression when I say that this is a "nice" conference. Everybody is "nice" to each other. Even when speakers get hissed, they're hissed in a sort of conciliatory way. [laughter, hissing and laughter]
But I come here with an understanding that privacy is an adversarial issue.
Willis set the stage beautifully for me. I thought I'd have to apologize for this. Willis says he's depressed about the whole situation - 17 years and nothing happens. The U.S. is an embarrassment to the privacy movement overseas. With the exception of advocates such as Marc Rotenberg who have done excellent work of an international standing, the U.S. stands alone as an example of what a super power should not do in privacy.
I find myself making excuses for the U.S. wherever I go, which is unfortunate. That's not to demean the goodwill that's here, because the goodwill in this room could fill a mountainside.
What worries me is that this "niceness" that this conference represents is undermining the whole privacy debate. In fact, there is no debate, because the privacy issue has become characterized by "the reasonable ground." I keep hearing this "reasonable middle ground," the "reasonable balance" between those nasty extremes. I should preface my remarks by saying I represent what Equifax would call an "unreasonable extreme." [laughter]
And I'm proud of it [applause] because I believe that the American corporate sector is very cleverly and professionally "white- anting" [erode invisibly; Australian termites] the privacy issue. ... Speakers have stood up here and said, "There are people going to Congress, going to the White House, and lobbying very professionally." Yet they'll come here with a different face. The "reasonable" face. This worries me a great deal because I wonder, "Will America ever get privacy legislation with real teeth?"
So here I am, the unreasonable extreme. I wanted to say a few things about that. One of the great developments in any social movement, in any campaign, is that the ground does become reasonable and balanced and well-considered, and everybody stops using adjectives. The speeches become more colorless - they are passed over to lawyers who are very cautious about their phrasing.
Because no one wants to get picked up, do they, for making such a thing as a generalism?
What concerns me is that there is a new breed of privacy advocate surfacing. You can see this breed in this room. And here, I'll become personal and break one of the great rules of conferencing. We have an animal called the "prag-vocate" - the "pragmatic advocate."
I'll explain what the prag-vocate is, because you see him in all areas of human rights, in all countries. He's the slick professional, the man who is well-trained, who might or might not have vested interests. He says the right things and he denounces the extremes. He says, "Aww, look, this debate has matured. We're adults here. Let's talk about pragmatism here. Let's talk about the reasonable middle ground."
There's a few of them that have become very professional in the environmental movement. In Australia, for instance, it's become such an industry, this "prag-votism," that we now have what's called "sustainable development legislation" to protect the environment. A few other countries have got it, too. Yeah, well, forget the environmental movement; let's legislate for industrial development in sensitive environmental areas. That was pushed by this new breed of advocate.
We're seeing it in privacy. We've seen it in other areas of human rights also.
This deeply concerns me and deeply concerns many other people around the world. America, I suppose, should maybe think in terms of adversarial privacy debate rather than that cute middle ground. We haven't resolved the cute middle ground yet. ... When it comes down to it, it's - if you like - autonomy versus the power of the state or the power of the corporation. Surely it still is that one fundamental issue that we're talking about: "The right of the individual over the right of the state," however you define the state.
So I come here and I find that that's no longer a kosher position - that when you stand up in front of a conference, everything has to be reasonable. Even [in] the debate this morning, I could see Marc Rotenberg sort of champing at the bit. He wanted to say something, but maybe Marc just felt that he'd be a little bit out of place. I don't know. It would be rare for you, Marc. [laughter]
This brings us to the position of opting-out, right? I didn't think that the opt-in, opt-out thing had reached such a controversial point here, but it has. I can't understand why opting-out has received such serious attention, because the whole base of the American legal system is based on universalities. You know..., "Dear Los Angeles Police Department: Please don't beat me up tonight." [laughter and applause] [Note: The videotaped police beating of Rodney King was widespread in the news at the time of this comment.]
So the question becomes: "Is privacy part of the legal system or is it not?" If it is then it's universal. There's no opting-out involved. You forget that. It's a "furphy" [false or misleading story] introduced by these prag-vocates. I hope we've dispensed [with] that one. [laughter] ...
I should say, things are about to change tomorrow because the U.S. Privacy Council is going to be born. People such as Marc and Evan Hendricks and numerous others are going to form what I believe is going to be a new dawning for privacy. Hopefully it will resurrect the whole issue as an issue; not just as a sort of piecemeal jigsaw thing. The Privacy Council will be able to take some of the workload from the ACLU and become a full-time activist in this area. So all power to them. And certainly I'll do my best in the international arena to help whatever they're doing.
I've got to say one final thing, and this relates to the international privacy situation, because it hinges directly on attitudes in America. I've just come from Southeast Asia where American technology and American computer expertise is developing the most repressive surveillance systems the world has ever seen. I spent seven weeks in Thailand trying to convince the military-backed government there to back down on its new "Smart ID Card" - complete with digitized thumb prints and digitized face prints and digitized everything, linking up all ministries and controlled by the Ministry of the Interior.
I find, however, that every time I criticize the system I would be reminded that the Smithsonian Institute - on behalf of the American people - had awarded the government of Thailand this magnificent trophy for heroic use of technology. So whenever someone like me, an advocate like me, comes along and criticizes this Southeast Asian government, they raise this award aloft like some holy grail and say, "Look! The American people says it's OK."
I feel that action by the Smithsonian Institute was reprehensible. They had no right to award a military government, on behalf of the American people, a prize for their use of surveillance technology. I believe that the American computer industry right now is active in promoting the same technology to the governments of Indonesia and the Philippines, which currently have bills before their parliaments to pass similar systems.
If there's one final thing I'd like to say, it's that this conference should abhor that process, and should call on the American computer industry to show a little spine and perhaps develop some ethics in this area. Thank you very much. [long applause]
[Note: In June, 1990, the jointly sponsored ComputerWorld-Smithsonian Award for Innovative Information Technology in the Governmental Sector was awarded to the Thailand Ministry of Interior for its centralized citizen database system. The system tracks 55 million Thai citizens, includes a required ID card with embedded personal data, and tracks personal information including family make-up, ancestry, voting patterns and foreign and domestic travel. Two of the three judges making the award have major computing responsibilities in the U.S. government.. -JW]
QUESTION & ANSWER PERIOD
HOFFMAN: OK. ... We'll take some questions. [I'm inviting John Baker and Janlori Goldman from the Privacy-I session to also be available to respond from the audience.]
First question is from Jeff Johnson of CPSR, for all panelists: "In an increasingly global information network, won't privacy protections enacted in the United States, based on the Bill of Rights, become increasingly irrelevant because of the availability of information to people in countries having no Bill of Rights? Will unethical United States businesses or agencies be able to buy the information they want from foreign governments, companies or affiliates?" ...
HENDRICKS: The answer is yes and no. This is what the whole EC [European Community] debate is about. Privacy is seldom for privacy's sake. Oftentimes it's to increase the free flow of information. That's why you have [lawyer-client and doctor-patient privileged relationships].
I say that, because the EC wants to have strong privacy protection in all the member countries - so they can easily share information without worrying that ... personal information can be abused in one of the other countries that doesn't have adequate legal protection. That's why they have the standards for countries outside the EC, so that they will not permit the transfer of personal data to countries with inadequate legal protections. That's why the [EC] Directive shines a very bright spotlight on our privacy laws and their inadequacy.
And that's why you're seeing so much attention to the issue, because it's economic now.
The answer to that question is, "No, the trend is going the other way." But obviously when you look at Guatemala, Salvador, the Philippines and all the incredibly oppressive countries around the world in which we've helped install dictatorships throughout the last several decades, you're not going to find a great deal of privacy protection in those places. But you have "privacy haves" and "privacy have-nots." You have a developed world and an underdeveloped world, and in the developed world, the trend is going against that. Obviously in the underdeveloped world, we have a long way to go. And Simon just came back from Thailand.
HOFFMAN: ... From Charles Wood ... [and others]: "Given the vast number of trees that are destroyed in the interest of direct-mail campaigns, [some laughter and applause] should consumers not have the right to define what type of information they receive, not just what type of information they will disclose?"
JOHN BAKER: ... The use of resources as far as trees and direct mail is concerned is a very serious problem. And you can compare that to the use of resources for selling goods and services in other ways. You use a lot of gasoline when you drive to shopping malls. You really should ... think about how the different processes [such as] opt-in and opt-out processes might be better than traditional ways of advertising and of distributing goods and services that people go shop around for.
WARE: What's behind that question? Do you want to put calling-number identification on the mailboxes? Mandel, are you going to be speaking pragmatically?
HOFFMAN: If you're not careful, we're going to make you state your Social Security number, too. [laughter]
CHARLES WOOD: I thought it would be expedient if people would say, "I'm interested in computer-related material but I'm not interested in pornography. So don't send me any porno in the mail." We would significantly reduce the junk mail we would receive. Does that answer your question, Willis?
MANDEL: At a societal level, that is what's going on. People are sorting through direct-mail lists and cutting them back to what people really want. The problem is it's happening perhaps more slowly than you'd like to see it happen.
There are all sorts of forces on the direct-mailing industry that are going to push them to do exactly that. You're going to get stuff [where] people test things out on you. But if you don't respond to it you're not going to get it back again. That process will take probably four or five years to work out to the point where there will be a significant slowdown in this increase of junk mail. [laughter]
HENDRICKS: For junk mail, they should have a requirement that it all be done on recycled paper, and that the privacy movement should align with the environmental movement and let's get some serious coalitions going on defining what a progressive direct-mail national policy should be. [applause]
BAKER: It just seems to me that the thrust of the things you're concerned about with privacy and targeted marketing is to try to cut down on mail, and to try to send it to the place [where] it's probably going to be used, or to send it to people who are probably going to be interested in it. If you argue against that, then you're arguing for much more mail proliferation, indiscriminate mailing to everybody...
Think about it: Everybody will mail their catalogs to everybody. Isn't that a lot more use of resources when you don't have that information [about personal preferences] to try to make those cuts and segments?
ESTHER DYSON: Not if I have the right to my name, and I charge you $5 or $10, or whatever I think it's worth, for you to send me your stuff. ...
BAKER: But ... if I just ... send you and every other American what I want to send you, I don't need to buy anything from you. I have the right to send that to you.
DYSON: Yeah, that's why I want my privacy. I want to be able to charge you. ... If I own my name and I feel like it I can sell him my name. If I don't want to get his mail, then it's going to end up not being cost effective for you to send to me. ... That's what I want. I want the economic right. I'm not a pragmatist. I'm [for] "strict property in my name."
BAKER: I don't ... know that it's realistic to think that you have a right to keep everybody from sending you anything if they didn't get anything from you, and they're just trying to market goods and services to you. ... I think that's a little different from someone buying and selling her name that was acquired somehow - [different from] picking a name out of, let's say, a phone book and sending something to you ... .
AUDIENCE MEMBER: How can opt-in work for .. aggregated or value- added personal information? [On] the question of opt-in, ... giving affirmative permission to use the name, I have a fear that that particular solution - though it sounds really attractive in the context of the debate - will be limited only to direct use of information. The way around it that corporations will find is that they will do something to the information and say, "Now we own it. ... That's ours now." ...
BAKER: If ... there is a mechanism for opt-in, then you opt-in under the rules of that mechanism. One of the rules of that mechanism might well be that information that you provide in opting-in is used for that purpose and can't be used for other purposes.
MARC ROTENBERG: The short answer is that we have a wonderful example of opt-in that we're all very familiar with, and that's the phone book. When you subscribe for telephone service, you make a decision to have your name listed in the phone book. Not only do you make a decision about whether to have your name listed in the phone book, but you decide what aspects of your name, address and phone number you want to disclose.
Many people choose not to disclose their first name, and protect their gender identity in that way. Many people choose not to disclose their street address, but make their phone number available so people can reach them. If you want an instructive lesson in how well an opt-in mechanism can work to protect privacy, pick up the phone book. [applause]
WARE: I just want to throw a seed out there, because it might grow someplace. I can make an observation about this problem but I can't do anything with the observation having made it.
The problem is that it's not a neutral game. People are forced into playing a game that, given an absolutely free choice, they might not wish to be in. The game is disadvantaged toward the person who has to take the positive action to get out. Now, where to go from there with that observation, I'm sorry, I don't know. [applause]
HOFFMAN: [Here's a question for Janlori] from Todd Newman of CPSR. Why does the ACLU sell its mailing list? [crowd noise and applause]
GOLDMAN: Thank you, Todd, wherever you are.
Why does the ACLU sell its mailing list? Before I get defensive and tell you that we don't sell our mailing list, which is true, I will tell you that our mailing list practice is not one that I support, and one that I have been working for a number of years to change. A number of people in this room have been helping me in this effort. We, as many other organizations, are not born enlightened. In fact when I have talked to a number of people in my organization about this what they say is, "We never thought it was a privacy issue."
So even within an organization where you've got members who are particularly sensitive to this issue [it's unresolved]. People write in and say, "I know you're doing this, because I got this letter from a magazine or another political organization, and it had the same name, the same way that I use my name when I applied to the ACLU. Everyone knows how to create their own personal audit trail.
I have raised this issue. We do provide - and again I am not being defensive, I am reporting, first to tell you that I don't agree with it - a negative check-off option to members. Where people say that they don't want their name exchanged, that's how it's done, it's exchanged through [mailing list] brokerage houses so there's no one who actually gets your name. What they get is a mailing label [from the list broker].
Where people want to opt-out, they can opt-out and then ... they're not part of this exchange. But it is not a practice that I support, and one that I've been working hard to change. Someone else asked me this question earlier, and what I suggested to them I would suggest to you. If you are a member or you're thinking of becoming a member, write in on your membership that you do not want your name exchanged, and also protest that we only provide the negative check-off and not an affirmative opt-in.
HOFFMAN: ... [A question to John Baker]: The other Marketplace product, ... business data provided by TriNet, is now being offered on CD by another vendor. Will the same thing happen with the individual data?
BAKER: ... No. The business data that TriNet provided ... after the Marketplace product ceased [was] acquired by another provider of business information called American Business Lists. They have used some of the technology in Lotus Marketplace Business to sell their own business information directly to their customers. There's been no ... activity on our part or, to my knowledge, on Lotus' part to revive a Marketplace Households type of product. And we don't intend to be involved in one.
May I? As a prag-vocate, I'd like to ask a question. [laughter]
HOFFMAN: Who do you want to address it to?
BAKER: Simon, I think. I have no problem with extremists, and I have no problem with getting into arguments. But what I'd like to hear instead of ... generalized arguments and frustration are specific proposals on how to make things better, and ones that you can weave in some realism - or not as you see fit. But those are the things we'd like to respond to.
DAVIES: That's just the sort of language that I was referring to. [laughter] ... I'll remember this wherever I go. You see his is a problem that privacy is very much an issue of unrealism as it is of realism. If the people of America have a bad feeling, they surely shouldn't be forced to quantify that feeling just because lawyers or people with vested interests decide that that is going to be the arbitrator of whether the feeling is right or wrong. [applause]
And I know I personally am tired of people trying to justify their ... anti-privacy position by saying, "Oh, well, if you're so good, if you're so right, then be realistic about it. Quantify your concerns."
What I would like to say - [from] my so-called extreme position - is that principles of privacy will hold even if the heavens fall. ...As far as I'm concerned, privacy is a cornerstone of human rights and it will stay that way and I don't care about financial interests. I'm sorry about that, John. [applause]
BAKER: It's not financial interests I'm speaking of, and I don't disagree that privacy is going to be an important cornerstone issue in any case. What I want to know is, "What are the specific proposals to right the wrongs in the various areas where you see ... privacy principles have not been applied properly?"
HOFFMAN: OK. Audience, we're going to let you make up your mind on this particular sub-debate amongst yourself. Marc, since you're a panelist, I give you 20 seconds to say whatever you're going to say.
ROTENBERG: Three things quickly. One, I share Willis Ware's frustration but I also have a sense of optimism about the ability to make change if people are willing to make change. That's the first point.
The second point is that tomorrow night we will have a chance to discuss these issues in more detail when the U.S. Privacy Council meets for the first time publicly. We hope many of you will be there.
Third, for Mr. BAKER: "What are your plans for using the Social Security number in the 1990s?"
HOFFMAN: OK, if you want to get an answer to that, you'll have to do it in the hall because I consider that in the "Have you stopped beating your wife?" category. [laughter] But let's go on. Evan?
HENDRICKS: ... First of all, I disagree with a lot of what Equifax does, but I think we should salute at least John Baker [and] Marty Abrams of TRW for coming here and at least having the guts to address the issues. [applause]
The real problem is, "Where's the rest of [the personal information] industry?" What do we have to do to get them to pay attention to this issue? You have to have some sort of regulation pending that's going to hit them in the pocketbook and that's the only way you get them active. Other than that, they're just not going to give a damn.
HOFFMAN: ... Thank you very much. You've been a great audience. [applause] .
Return to CFP'91 Index page.
Return to the CPSR home page.
Send mail to webmaster.
Created before October 2004