Kathleen Hughes

Surveillance Society

"Privacy" makes me think about those diaries that used to come with locks -- my sister had one under all the other papers in her desk. You could jigger them with a safety pin, paper clip or nail file, anything, actually. But the concept was nice. Or I think of how much I hated going door-to-door selling popcorn, cheese, and chocolate to strangers for my elementary school. I think of trying on bathing suits at a skateboard shop while in high school, and the rumor that the guys who owned the shop had planted cameras in the dressing rooms. In other words, privacy was literal and seemed tangible.

Privacy now means that whole companies of strangers know that I, myself, am not apt to buy popcorn, although perhaps cheese and chocolate; they know if they really want to get me, offer the new Patty Griffin CD or a good deal on Adidas Poseidon running shoes, and they'll peg my size. What about the places where privacy is still rather literal, such as the doctor's office or pharmacy? It wouldn't be unprecedented if a non-profit cancer organization started sending solicitations based on prescriptions or records. Or how about this -- when was the last time you looked up some disease or ailment in an online medical encyclopedia, for your own personal use or for, say, a newspaper article? Take leprosy, for example. Unseen Web bugs, cookies, and click-stream monitoring all report that you've been there, and they don't ask why.

Even if you don't use the Internet and thus aren't subject to the surveillance technology that helps e-merchants sell things, a 1993 federal law regulating credit bureaus allows the sale, to anyone, of your name, age, address, phone number, Social Security number, and your mother's maiden name. A new federal law allows banks, insurers, brokers and investment banks to share client information. These same laws help information brokers, with slogans like "No more secrets!," to sell anyone the details of your bank account, unlisted phone number, place of employment, and more. The headline-making consequences of this -- harassment, stalking, murder -- are rare enough that politics and law have yet to catch up with localized outrages.

The far more common result of compromised information, both on the Internet and off, is identity theft, worth about $745 million nationwide in 1997, according to the Secret Service, and credit card fraud. As a result, "privacy" itself is now a hot e-commerce product on Wall Street and in Silicon Valley. Consider the competition among encryption technologies: American Express' disposable credit cards, called Private Payments, and iPrivacy, the transaction-privatizing software start-up staffed by scientists, a venture capitalist, and former Citibank credit card managers.

It's clear that consumers want safe, private on-line credit card transactions. And it's clear, given the growing prominence of anonymous e-mail and Web surfing tools that we're beginning to appreciate the porousness of the Internet. The polls, by Harris, Scripps-Howard, and the Pew Internet and Family Life Project, argue that Americans care more about privacy now than ever before. The topic has become so prevalent in the zeitgeist that the main quest in a fluffy movie like Charlie's Angels is to protect the identity of Charlie, that very secretive man somewhere beyond the speakerphone, and to save "privacy as we know it." Indeed, thanks to Drew, Lucy, and Cameron, privacy has gone Hollywood.

But then there's the presence of Oprah, The Real World, The Truman Show, and their numerous imitators, all evidencing Americans' congenital nosiness and obsession with personal disclosure. Add to this Monicagate, the monitoring of public places by surveillance cameras, and the tenuousness of a woman's right to chose -- which is based on a constitutional right to privacy -- and one wonders if Americans are truly concerned about privacy, in principle, as a civil right. Or is it just our credit cards and bank accounts?

Civil libertarians and privacy advocates are pushing for the former. "We are gradually entering a surveillance society where our innermost thoughts, medical, and financial data are subject to collection and publication and misuse," says Barry Steinhardt, associate director of the American Civil Liberties Union. Providence-based lawyer Robert Ellis Smith, dubbed "the Ralph Nader of privacy," by another watchdog group, the Privacy Foundation, has plenty to write about these days in his portentous, 26-year-old monthly newsletter on privacy issues, Privacy Journal, which, in only a decade's time has seen the number of peer publications triple, from two to six. In Denver, Stephen Keating, executive director of the Privacy Foundation, which monitors privacy-impacting technology, compares the emerging privacy movement to the infancy of environmentalism in the '60s, when consciousness about industrial contamination and gas-guzzling, polluting cars was raised by grassroots organizers before becoming a wider concern.

If the erosion of privacy threatens people's sense of wellness and civil rights in the same way as toxic waste, cars without catalytic converters, and smokestacks without scrubbers, Americans may have to reconsider the way we shop, communicate, and do business. At stake, arguably, is not just our privacy, but the way we understand ourselves, one by one, and in total, as a culture.

The current state of privacy in America results from our obsession with convenience, curiosity, and vanity, each of which we choose over privacy.

Aggressive, privacy-impacting marketing and technology arise in part because we tolerate and even enjoy it. In a contemporary twist on the charming old Main Street grocer who thoroughly knew customers' weekly requirement for provisions, as well as the names, ages, and accomplishments of their children, we are flattered by the personal care and addicted to the convenience spawned by targeted marketing, such as amazon.com's personal recommendation list, even if these are enabled by cookies and click-stream monitoring. Says Amazon's vice president of entertainment, Jennifer Cast, "We continue to focus a lot of development time and effort on improving recommendations and other personalized features, because customers like, value, and use them."

Convenience also ensures the presence in our lives of cordless phones, which are highly susceptible to transmission over other people's phones, radios, CBs, and similar devices. In New York City, a baby monitor inside an apartment will often pick up a cordless telephone conversation in a neighboring apartment, no matter how thick the brick walls. Convenience also prompts people to spy on friends and acquaintances with new tools like Evite, Web bug-equipped electronic invitations that tell a host when guests open e-mail invitations. Despite the discomfort of being intrusive, some users can't resist the technology. "It's something I feel uncomfortable with as a consumer," Jad Duwaik, a networking party organizer, recently told the New York Times. "But as an organizer it's just too useful to give up." Web bug software is also available that can be used by people applying for jobs via e-mail, or anyone else, to know when their electronic messages are opened by a recipient.

In general, as Smith argues in his book, Ben Franklin's Web Site (Privacy Journal), modern technology and the convenience and/or pleasures it provides have come at the cost of privacy. Consider, over the last century, the arrival of the instamatic camera, the telephone, the tape recorder, the moving picture, the computer database, and now, the Internet. What has driven these inventions and their invasive uses, apart from convenience? Curiosity, in part. "We seem to be enamored with the idea of privacy," Smith writes, "but probably more enamored with the idea of learning more and more about our friends and neighbors -- and about the celebrities among us."

To the extent that we satisfy this curiosity in others, via Oprah, chat rooms, and tabloids, we don't mind others' curiosity about ourselves. In fact, says Joshua Gamson, a Yale University sociology professor, we crave such attention. "This is an extraordinarily ocular culture, and one that rewards the looked-at, so it ought not be surprising that lots of people are ready to be watched," Gamson wrote in the American Prospect in November 1998. "Being looked at, being visible, being known about, is a currency."

Another reason that convenience, curiosity, and vanity come before privacy is because the average threat of compromised privacy is so diffuse. All of us who surf the Web are victims of the advertising and marketing technologies that quietly observe surfing and purchasing activity. The most common tool, a "cookie," is a small text file which a Web site deposits on your computer as an identifier (of the computer) and a recorder of preferences and other data while you are on the site. The cookie, once imprinted, customizes subsequent site visits. Navigation and click-stream data are gathered by a third-party computer watching your computer online, following the sites and pages it visits, and tracking the time you spend at each place. These tools keep track of your computer as a number in cyberspace, which connect to an e-mail address. A relatively new technology, a "Web bug," appears as a graphic on a Web page, or in an e-mail message, that is designed to monitor who's reading the Web page or e-mail message -- as with Evite. These bugs, often invisible, can be bought as software and used by anyone. Each of these technologies aim, primarily, to discern how best to market to you.

Outcry tends to arise when the data collected by a particular Web site is then sold to a third party, unbeknownst to the user. A particularly bothersome, yet legal, example would be buying condoms in bulk on a pharmacy Web site and subsequently finding yourself on an S&M solicitation list. To calm consumers, many Web sites now formulate privacy policies, which state how data is gathered, used, and sold. There are also Good Housekeeping-like seals of privacy approval for Web sites, meant to (further) assure consumers of the value and sincerity of the site's privacy statement. The Web sites are periodically monitored to measure their performance. Prices for the seals sold by the two largest privacy seal companies, TrustE and the BBBonline, range from a few hundred to several thousand dollars.

TrustE, whose corporate sponsors are AOL, Excite, Intel, and Microsoft, gives personal information to third-party vendors to help maintain the Web site and it asks those vendors to not use the personal information for anything beyond the TrustE site, with the caveat, "Of course, we cannot guarantee their compliance with these restrictions."

Despite the annoyance of cookies, there's a sense of safety in numbers for the millions of us who surf the Web on a regular basis. This is also the country of Willy Loman, so our principles aren't typically offended by someone simply trying to sell us something. We might find telemarketers and others terribly annoying, even infuriating, yet we accept that aggressiveness is a given in business.

It's similarly difficult for Americans to perceive much of a threat from the use of our Social Security numbers as identifiers, given the population of 262 million Americans, most of whom have these nine-digit numbers. Still, this number links together a large amount of sensitive information -- your medical, insurance, financial, military, legal, and student records -- and is a password for obtaining all this information.

This fact, plus the federal law that allows banks, insurers, brokers and others to share customer information, means a long-term illness could be taken into account when your mortgage is reviewed. In addition, the Federal Trade Commission's 1993 approval of the sale of Social Security numbers made this sensitive information accessible through "information brokers" like find-someone.com and docusearch.com. A blurb for the latter asserts, "This is the information age, and information is power! Controversial? Maybe; but wouldn't you sleep easier knowing a little bit more about a prospective business partner, employee, babysitter, neighbor, or significant other?" Docusearch.com brags that its searches are totally passive -- the person whose information is sought won't have a clue. Given a name, address, SSN, and $249, you can find someone's bank accounts and balances. If you have an actual bank account number, it costs $45 to learn the balance or $99 to get a record of account activity. Driving records, which, they say, "may provide identifying information and insight into a person's character," can be had for $39. For $179, you can find out where someone works.

These information brokers have aided the work of thieves, harassers, and stalkers, as well, of course, of licensed detectives and investigators. For a worst-case scenario, consider what happened to Amy Boyer, a 20-year-old from Nashua, New Hampshire, whose stalker, former high school classmate Liam Youens, used docusearch.com to discover her place of employment. On October 15, 1999, he followed her out of her office parking lot, fatally shot her at close range, and then killed himself. "It's actually obscene what you can find out about a person on the Internet," Youens wrote. Privacy Journal's Smith notes that Boyer's death sparked outrage in New Hampshire about information brokers, yet Congress responded with "a weak bill that would permit the practices to continue."

A more common threat, as newscasts began reminding us in time for holiday shopping, is identity fraud. This occurs when a name, address, and Social Security number are used to get credit cards, driver's licenses, even bank accounts, unbeknownst to the person whose credit is being hemorrhaged. Straightening out the resulting fraud can take years. Citing government estimates, the Associated Press reports that 500,000 Americans are affected each year by identity theft. Perpetrators dig through trash to find credit card offers, buy Social Security numbers from the information brokers, or hack into databases and steal SSNs in quantity. The result? Victims like Shon Boulden, of Hillsboro, Oregon, whose credit was ruined, the AP says, when his Social Security number was illicitly tapped to open numerous bank and retail accounts, and to get car loans, by people using 12 different names.

As troubling as these stories are, the average American may not see them as reason to disrupt our established system of using Social Security numbers. As we appreciate convenience, we also appreciate efficiency. And if there's even a chance that protecting Social Security numbers could decrease the efficiency of the government and increase our taxes, we'd be apt to go with the flow, barring an epidemic of Boyer cases.

So what should we care about, if it's not these rare, catastrophic examples of compromised privacy? Try the Constitution, for starters.

"The Constitution does not explicitly mention any right of privacy," goes the opening line of Section VIII in the Roe v. Wade decision. And yet, the court's opinion continues, there is an innate right to privacy in the Bill of Rights. This innate rights' reinforcement in the First, Fourth, Fifth, Ninth, and Fourteenth amendments might make one feel secure in privacy's protection. But if Roe v. Wade, in 1973, was a high point for the federal assurance of privacy, the decline was quick to come. The 1974 Privacy Act ostensibly protects privacy, for example, but ACLU officials note that the act was weak at the outset and has only grown more so since then.

The Privacy Act came about because of growing recognition of the risks posed by computer databases, and the multipurpose use of SSNs, which wasn't envisioned when the program began 62 years ago. In brief, the law was supposed to prevent secondary uses of personal data, and to mandate measures by data collection businesses to prevent misuse. But since the act became law, the number of official uses for Social Security numbers -- the key to a trove of personal information -- has continued to grow, says Steve Brown, executive director of the Rhode Island ACLU. And, says Brown, the Privacy Act applies only to government agencies. This means that private Web information merchants can sell data, however sensitive, to third parties without explanation or disclosure.

A huge new loophole, and a technology with distinctly Orwellian overtones, is the FBI's new Internet wiretapping program, Carnivore, which takes the form of a black box installed on an Internet service provider (ISP). The program reads every piece of e-mail transmitted through the ISP, although agents are directed, by court order, to only examine a specific user's activities, which could include incoming and outgoing e-mail, surfing, and shopping transactions. The FBI says Carnivore is necessary because of the speed of crime, whether planned or executed, on the Internet.

The problem with Carnivore -- and plenty of people, civil libertarians and politicians, alike, are emphasizing the problems -- is its potential for abuse, because it makes vulnerable each and every piece of e-mail going through, say, America Online or brown.edu. "The bad news is . . . nobody knows that [Carnivore] does what the government claims it would do," James Dempsey, an analyst with the Washington-based Center for Democracy and Technology, told the Washington Post. In July, the House Judiciary committee held related hearings, with testimony from the FBI, Justice Department, and privacy advocates, including Steinhardt and Smith. "I think it's outrageous overkill and arrogance for the FBI to assume they can read masses and masses of e-mail," Smith says. Opponents also note that e-mail is eminently traceable and collectable without such a powerful system.

Carnivore is currently being reviewed by an academic panel, comprised of lawyers and scientists from the Illinois Institute of Technology and the Kent School of Law in Chicago. Other, more prestigious institutions, including MIT, considered participating in the review, but passed because of concerns about possible FBI oversight. Preliminary findings were announced November 21, and, according to National Public Radio, found that Carnivore was effective and safe, but calls for better safeguards against abuse. At stake, Smith says, is nothing less than the Fourth Amendment protection against unreasonable search and seizure. However, given the difficulty of finding someone sufficiently harmed by FBI agents reading e-mail, Smith says, "Political pressure, more than a lawsuit, will coral this thing."

Of course, there are Americans for whom privacy is more of a real and constant concern, and they aren't alarmists, criminals, or privacy professionals. They practice unpopular free speech, such as homosexuality or sadomasochism, or maybe they just prefer to remain sheltered from view. For these Americans, privacy remains truly contested ground. And since the inception of our culture, it has been a basic assumption that law-abiding citizens should not have to worry about unnecessary or excessive invasions, nor about what we say and do in the privacy of our own homes. It's called freedom from unreasonable search and seizure, as well as freedom of speech. These protections are for all of us. And we're choosing, in small yet meaningful ways, to forfeit them.

If it's a stretch to equate a Web site cookie with an unreasonable search and seizure, let's at least understand why. Orwell's 1984 is considered a vital text at a lot of high schools across the country, which suggests we understand the principles that are at stake. We simply have not, in any real plurality, realized that these principles have been at stake, and losing ground, for better than 20 years.

With the Internet, compromises in privacy are happening so much faster -- we entirely miss the stranger coming into our house. If there's an upside to "privacy" as a profitable new business, peddled by American Express, iPrivacy, Hushmail, anonymizer.com, zeroknowledge.com, Microsoft, AOL, and others, it's this: perhaps privacy will become enough of a household commodity that we actually start considering it.

Kathleen Hughes can be reached at khughes@phx.com.