THIS SEARCH THIS DOCUMENT THIS CR ISSUE GO TO Next Hit Forward Next Document New CR Search Prev Hit Back Prev Document HomePage Hit List Best Sections Daily Digest Help Doc Contents
He's demanding language that would mean a Citigroup banker, say, couldn't tell a Citigroup insurance agent that Mr. Jones is a hot insurance prospect--unless Mr. Jones gives his permission in writing first. Mr. Shelby threatens to withhold his crucial
[Page: S14539] GPO's PDF
To inflict this inconvenience on Mr. Jones is weird enough: He has already volunteered to have a relationship with Citigroup. But even weirder is the urge to cripple a law whose whole purpose is to modernize an industry structure that forces consumers today to chase six different companies around to get a full mix of financial services. In essence, financial products all do the same thing: shift income in time. You want to go to college now based on your future earnings, so you take out a loan. You want to retire in 20 years based on your present earnings, so you get an IRA. And if a single cry goes up from modern man, it's ``Simplify my life.''
A vote last Friday seemed, to put Mr. Shelby's peeve to rest. Under the current language, consumers would have an ``opt out'' if they don't want their information sh ared. But Mr. Shelby won't let go, and joining his chorus are Ralph Nader on the left, Phyllis Schlafly on the right and various gnats buzzing around the interest-group honeypot.
He claims to be responding to constituent complaints about telemarketing, not to mention a poll showing that 90% of consumers respond favorably to the word ``privacy.'' Well, duh. Consumers don't want their information mad e available indiscriminately to strangers. But putting up barriers to free exchange inside a company that a customer already has chosen to do business with is a farfetched application of a sensible idea.
Mr. Shelby was a key supporter of language that would push banks to set up their insurance and securities operations as affiliates under a holding company. Now he wants to stop these affiliates from talking to each other. Maybe he's just confused, but it sounds more like a favor to Alabama bankers and insurance agents who want to make life a lot harder for their New York competitors trying to open up local markets.
--
Growing Compatibility Issue: Computers and User Privacy San Francisco, March 2--The Intel Corporation recently
blinked in a confrontation with privacy
adv ocates protesting the company's plans to ship its newest generation
of microprocessors with an embedded serial number that could be used to identify
a computer--and by extension its user.
But those on each side of the dispute acknowledge that it
was only an initial skirmish in a wider struggle. From computers to cellular
phones to digital video players, everyday devices and software programs
increasingly embed telltale identifying numbers that let them interact.
Whether such digital fingerprints constitute an imminent
privacy thr eat or are simply part
of the foundation of advanced computer systems and networks is the subject of a
growing debate between the computer industry and privacy gro ups. At its heart is a
fundamental disagreement over the role of electronic anonymity in a democratic
society.
Privacy gro
ups argue fiercely that the merger of computers and the Internet has brought the
specter of a new surveillance society in which it will be difficult to find any
device that cannot be traced to the user when it is used. But a growing alliance
of computer industry executives, engineers, law enforcement officials and
scholars contend that absolute anonymity is not only increasingly difficult to
obtain technically, but is also a potential threat to democratic order because
of the possibility of electronic crime and terrorism.
``You already have zero privacy--ge t over it,'' Scott McNealy,
chairman and chief executive of Sun Microsystems, said at a recent news
conference held to introduce the company's newest software, known as Jini,
intended to interconnect virtually all types of electronic devices from computer
to cameras. Privacy adv ocates
contend that software like Jini, which assigns an identification number to each
device each time it connects to a network, could be misused as networks envelop
almost everyone in society in a dense web of devices that see, hear, and monitor
behavior and location.
``Once information
bec omes available for one purpose there is always pressure from other
organizations to use it for their purposes,'' said, Lauren Weinstein, editor of
Privacy For um, an on-line
journal.
This week, a programmer in Massachusetts found that
identifying numbers can easily be found in word processing and spreadsheet files
created with Microsoft's popular Word and Excel programs and in the Windows 95
and 98 operating systems.
Moreover, unlike the Intel serial number, which the
computer user can conceal, the numbers used by the Microsoft programs--found in
millions of personal com
puters--cannot be controlled by the user.
The programmer, Richard M. Smith, president of Phar Lap
Software, a developer of computer programming tools in Cambridge, Mass., noticed
that the Windows operating system contains a unique registration number stored
on each personal com puter in a
small data base known as the Windows registry.
His curiosity aroused, Mr. Smith investigated further and
found that the number that uniquely identifies his computer to the network used
in most office computing systems, known as the Ethernet, was routinely copied
to, each Microsoft Word or Excel document he created.
The number is used to create a longer number, known as a
globally unique identifier. It is there, he said, to enable computer users to
create sophisticated documents comprising work processing, spreadsheet,
presentation and data base information.
> Each of those components in a document needs a
separate identity, and computer designers have found the Ethernet number a
convenient and widely available identifier, he said. But such universal
identifiers are of particular concern to privacy adv ocated because they could be
used to compile information on
individuals from many data bases.
``The infrastructure relies a lot on serial numbers,'' Mr.
Smith said. ``We've let the genie out of the bottle.''
Jeff Ressler, a Microsoft product manager, said that if a
computer did not have an Ethernet adapter then another identifying number was
generated that was likely to be unique. ``We need a big number, which is a
unique identifier,'' he said. ``If we didn't have, it would be impossible to
make our software programs work together across networks.''
Indeed, an increasing range of technologies have provisions
for identifying their users for either technical reasons (such as connecting to
a network) or commercial ones (such as determining which ads to show to Web
surfers). But engineers and network designers argue that identify information is a vital aspect of modern
security design because it is necessary to authenticate an individual in a
network, thereby preventing fraud or intrusion.
Last month at the introduction of Intel's powerful Pentium
III chip, Intel executives showed more than a dozen data security uses for the
serial number contained electronically in each of the chips, ranging from
limiting access to protecting documents or software against piracy.
Intel, the largest chip maker, had recently backed down
somewhat after it was challenged by privacy adv ocates over the identity
feature, agreeing that at least some processors for the consumer market would be
made in a way that requires the user to activate the feature.
Far from scaling back its vision, however, Intel said it
was planning an even wider range of features in its chips to help companies
protect copyrighted materials. It also pointed to software applications that
would use the embedded number to identify participants in electronic chat rooms
on the Internet and thereby, for example, protect children from Internet
stalkers.
But in achieving those goals, it would also create a
universal identifier, which could be used by software applications to track
computer users wherever they surfed on the World Wide Web. And that, despite the
chip maker's assertions that it is working to enhance security and privacy, ha s led some privacy adv ocates to taunt Intel and
accused it of a ``Big Brother Inside'' strategy.
They contend that by uniquely identifying each computer it
will make it possible for marketers or Government and law enforcement officials
to track the activities of anyone connected to a computer network more closely.
They also say that such a permanent identifier could be used in a similar
fashion to the data, known as ``cookies,'' that are placed on a computer's hard
drive by Web site to track the comings and goings of Internet users.
PUTTING PRIVACY ON
THE DEFENSIVE
Intel's decision to forge ahead with identity features in
its chip technology may signal a turning point in the battle over privacy in the electronic age. Until now,
privacy con cerns have generally
put industry's executives on the defensive. Now questions are being raised about
whether there should be limits to privacy
in an Inernet era.
``Judge Brandeis's definition of privacy was `the right to be left alone,'
not the right to operate in absolute secrecy,'' said Paul Saffo, a researcher at
the Institute for the Future in Menlo Park, Calif.
Some Silicon Valley engineers and executives say that the
Intel critics are being naive and have failed to understand that all devices
connected to computer networks require identification features simply to
function correctly.
Moreover, they note that identifying numbers have for more
than two decades been a requirement for any computer connected to an Ethernet
network. (Although still found most widely in office settings, Ethernet
connections are increasingly being used for high-speed Internet Service in the
home via digital telephone lines and cable modems.)
All of Apple Computer's popular iMac machines come with an
Ethernet connection that has a unique permanent number installed in the factory.
The number is used to identify the computer to the local network.
While the Ethernet number is not broadcast over the
Internet at large, it could easily be discovered by a software application like
a Web browser and transmitted to a remote Web site tracking the identities of
its users, a number of computer engineers said.
Moreover, they say that other kinds of networks require
identify numbers to protect against fraud. Each cellular telephone currently has
two numbers: the telephone number, which can easily be changed, and an
electronic serial number, which is permanently put in place at the factory to
protect against theft or fraud.
The serial number is accessible to the cellular telephone
network, and as cellular telephones add Internet browsing and E-mail
capabilities, it will potentially have the same
Other examples include DIVX DVD disks, which come with a
serial number that permits tracking the use of each movie by a centralized
network-recording system managed by the companies that sell the disks.
FEARING THE MISUSE OF ALL THOSE NUMBERS
Industry executives say that as the line between
communications and computing becomes increasingly blurred, every electronic
device will require some kind of identification to attach to the network
Making those numbers available to networks that need to
pass information or to find a
mobile user while at the same time denying the information to those who wish to gather
information int o vast data bases
may be an impossible task.
Privacy adv
ocates argue that even if isolated numbers look harmless, they are actually
harbingers of a trend toward ever more invasive surveillance networks.
``Whatever we can do to actually minimize the collection of
personal dat a is good,' said
March Rotenberg, director of the Electronic Privacy Inf ormation Cen ter, one of three groups
trying to organize a boycott of Intel's chips.
The groups are concerned that the Government will require
ever more invasive hardware modifications to keep track of individuals. Already
they point to the 1994 Communications Assistance for Law Enforcement Act, which
requires that telephone companies modify their network switches to make it
easier for Government wiretappers.
Also, the Federal Communications Commission is developing
regulations that will require every cellular telephone to be able to report its
precise location for ``911'' emergency calls. Privacy gro ups are worried that this
feature will be used as a tracking technology by law enforcement officials.
``The ultimate danger is that the Government will mandate
that each chip have special logic added'' to track identifies in cyberspace,
said Vernor Vinge, a computer scientist at San Diego State University. ``We're
on a slide in that direction.''
Mr. Vinge is the author of ``True Names'' (Tor Books,
1984), a widely cited science fiction novel in the early 1980's, that forecast a
world in which anonymity in computer networks is illegal.
Intel executives insist that their chip is being
misconstrued by privacy gro ups.
``We're going to start building security architecture into
our chips, and this is the first step,'' said Pat Gelsinger, Intel vice
president and general manager of desktop products. ``The discouraging part of
this is our objective is to accomplish privacy. > That
quandry--that it is almost impossible to compartmentalize information for one purpose so that it
cannot be misused--lies at the heart of the argument. Moreover providing
security while at the same time offering anonymity has long been a technical and
a political challenge.
``We need to find ways to distinguish between security and
identity,'' said James X. Dempsey, a privacy exp ert at the Center for Democracy
and Technology, a Washington lobbying organization.
So far the prospects are not encouraging. One technical
solution developed by a cryptographer, David Chaum, made it possible for
individuals to make electronic cash payments anonymously in a network.
In the system Mr. Chaum designed, a user employs a
different number with each organization, thereby insuring that there is no
universal tracking capability.
But while Mr. Chaum's solution has been widely considered
ingenious, it has failed in the marketplace. Last year, his company, Digicash
Inc. based in Palo Alto, Calif., filed for bankruptcy protection.
``Privacy nev
er seems to sell,'' said Bruce Schneier, a cryptographer and a computer industry
consultant. ``Those who are interested in privacy don 't want to pay for it.''
Privacy Isn
't Dead Yet
It seems self-evident that information abo ut your shoe size does not
need to be as well guarded as information
abo ut tests ordered by your doctor. But with the Federal and state
governments' piecemeal approach to privacy pro tection, if we release information abo ut one facet of our lives,
we inadvertently expose much about the others.
During Senate hearings in 1987 about Robert Bork's fitness
to serve as a Supreme Court justice, a reporter found out which videotapes Mr.
Bork rented. The response was the enactment of the Video Privacy Pro tection Act. Another law
prohibits the Social Security Administration (but hardly anybody else) from
releasing our Social Security numbers. Still other laws limit what states can do
with information tha t we provide
to motor vehicle departments.
Congress is now seeking to add some more panels to this
crazy quilt of narrowly drawn privacy
law s. The House recently endorsed a bill to prohibit banks and
securities and insurance companies owned by the same parent corporation from
sharing personal med ical
information. An d Congress is
grappling with laws to prevent some information abo ut our mutual-fund holdings
from being sold and bought as freely as hot dogs.
But with superpowerful computers and vast databases in the
private sector, personal inf
ormation can 't be segmented in
this manner. For example, in 1996, a man in Los Angeles got himself a store
card, which gave him discounts and allowed the store to trace what he purchased.
After injuring his knee in the store, he sued for damages. He was then told that
if he proceeded with his suit the store would use the fact that he bought a lot
of liquor to show that he must have fallen because he was a drunkard.
Some health insurers try to ``cherry pick'' their clients,
seeking to cover only those who are least likely to have genetic problems or
contract costly diseases like AIDS. Some laws prohibit insurers from asking
people directly about their sexual orientation. But companies sometimes refuse
to insure those whose vocation (designer?), place of residence (Greenwich
Village?) and marital status (single at 40-plus?) suggest that they might pose
high risks.
Especially comprehensive privacy inv aders are
``cookies''--surveillance files that many marketers implant in the personal com puters of people who visit
their Web sites to allow the marketers to track users' preferences and
transactions. Cookies, we are assured, merely inform marketers about our wishes
so that advertising can be better directed, sparing us from a flood of junk
mail.
Actually, by tracing the steps we take once we gain a new
piece of information, co okies
reveal not only what we buy (a thong from Victoria's Secret? Antidepressants?)
but also how we think. Nineteen eighty-four is here courtesy of Intel, Microsoft
and quite a few other corporations.
All this has led Scott McNealy, the chairman and chief
executive of Sun Microsystems, to state, ``You already have zero privacy--ge t over it.'' This pronouncement
of the death of privacy is
premature, but we will be able to keep it alive only if we introduce
general, all-encompassing protections over segmented ones.
Some cyberspace anonymity can be provided by new
technologies like anti-cookie programs and encryption software that allow us to
encrypt all of our data. Corporate self-regulation can also help. I.B.M., for
example, said last week that it would pull its advertising from Web sites that
don't have clear privacy pol
icies. Other companies like Disney and Kellogg have voluntarily agreed not to
collect information abo ut
children 12 or younger without the consent of their parents. And some new
Government regulation of Internet commerce may soon be required, if only because
the European Union is insisting that any personal inf ormation abo ut the citizens of its
member countries cannot be used without the citizen's consent.
Especially sensitive information sho uld get extra protection.
But such selective security can work only if all the other information abo ut a person is not freely
accessible elsewhere.
[Page: S14540] GPO's PDF
--
--
THIS SEARCH THIS DOCUMENT THIS CR ISSUE GO TO
Next Hit Forward Next Document New CR Search
Prev Hit Back Prev Document HomePage
Hit List Best Sections Daily Digest Help
Doc Contents