ARTS & FARCES internet

While it’s clear that our current American president has no privacy, Web privacy in America is quickly boiling down to two competing proposed standards: the Platform for Privacy Preferences (P3P) and the Open Profiling Standard (OPS). Microsoft and Netscape have each endorsed both technologies. Designed to allow individual users to determine how much personal information they disclose to Web sites, both technologies were developed in response to the American government’s policy of industry self-regulation with regard to personal privacy on the Internet.

On May 19, 1998, the World Wide Web Consortium (W3C) released its P3P working draft. P3P enables Web publishers to declare data-collection policies while allowing users to control the amount of personal information they disclose.

When a user visits a P3P-enabled Web site, the site’s data collection and privacy policies are displayed in the user’s browser. Based on the browser’s settings, the Web site automatically logs the user’s privacy preferences regarding what information can be gathered, whether the site is allowed to track the user’s activity, and whether the site is allowed to share the user’s information with third-parties. Each preference is negotiated between the user and the site.

Pasadena, California-based Free PC, Inc. wants to give you a free computer and free Internet connectivity. Like most offers, if it sounds too good to be true, it probably is.

In this case, a “free” PC actually comes at a stiff price—if you value your personal privacy or control of your attention.

Picture yourself in front of your new 333 MHz Compaq Presario with 32 Mb of RAM and a 4 Gb hard disk (plus CD-ROM), connecting to the Net with integrated 33.6 Kbps modem, all displayed on a 15-inch monitor.

All for free.

Well, not really.

We are by nature, curious animals. But what happens when this natural human instinct endowed by our creator to perpetuate the species, now results in employees accessing co-workers’ personnel files simply because they are curious? And perhaps, because they can?

“I’ll keep it confidential, of course,” sounds only too trite for any consolation in an era when privacy is assaulted from so many directions. When information is used in ways other than those for which it was intended and collected, it can more than symbolize information as power.

Middle managers with access to Enterprise Resource Planning (ERP) applications (like those produced by PeopleSoft, SAP, and Baan), are in a position to access fellow employees’ files—and they are appearing to be rather cavalier about it. In the month of August, I actually witnessed an employee of a prominent Twin Cities health care provider inform a fellow employee, that she had accessed her co-worker’s personnel file, via PeopleSoft.

Public outrage has a way of knocking the wind out of misguided misanthropes whenever our collective privacy is threatened. Remember when Lotus quickly withdrew its Marketplace CD-ROM product after thousands of citizens let the company know what it could do with the disc?

A few months ago Lexis-Nexis thought it would be a good idea to let anyone find anyone else’s Social Security number simply by entering a name in a search form within the company’s P-TRAK Personal Locator service. In addition to Social Security numbers, P-TRAK provides up to three addresses, all known aliases, telephone numbers, and maiden names. While there are restrictions on how the government can use Social Security numbers, there are no regulations over private use by organizations or individuals.

It didn’t take long for folks to realize that this was a Bad Idea and let Lexis-Nexis know about it in no uncertain terms. It doesn’t take an advanced degree in rocket science to see immediately just how bad of an idea this is. With someone’s name and Social Security number just about any sort of identification fraud is possible.

In a front page article on July 7, 1996, the Washington Post reported that the use of federal electronic surveillance in general, and telephone wiretaps in particular has nearly doubled during the Clinton administration. In the past, the high cost of wiretaps—more than US$70,000 per month for a federal wiretap—has deterred their use, but in recent years, spending levels on federal law enforcement has risen to levels that remove the cost concerns.

Jim McGee, the Washington Post staff writer who authored the article, quotes the person responsible for approving wiretap applications for the Justice Department as saying that wiretaps rose 32 percent in 1993 and between 30 percent to 40 percent in 1996. By way of contrast, there were 340 federal court orders issued allowing electronic surveillance in 1992—the last year of the Bush administration—and 672 in 1995. Estimates for 1996 are above 700 and the Justice Department has been on something of a shopping spree, adding more electronic equipment (including a US$33 million program to replace single-line wiretapping equipment with new devices that can monitor up to 40 lines at once), surveillance techniques, and personnel.

Alarmingly, these figures do not include any electronic surveillance court orders with regard to “national security” that have also risen at a sharp rate. According to a 1995 report by the administrative office of the U.S. Courts, governmental requests for electronic surveillance have become so commonplace that it’s been years since a prosecutor’s application for a wiretap order has been denied.