The Hundredth Window: Protecting Your Privacy and Security in the Age of the Internet

Overview

Privacy, whether we like it or not, has gone public. We are only just beginning to recognize how the Internet has redefined the relationship between our private lives and the public sphere. Every time we personalize a Web site, join a mailing list, or purchase a book or CD online, we open our lives to an ever-widening data network that offers us scant protection from the prying eyes of corporations, governments, insurance companies, or criminals. Has the e-commerce revolution permanently eroded all personal ...

See more details below
Other sellers (Paperback)
  • All (10) from $14.45   
  • New (8) from $14.45   
  • Used (2) from $18.67   
Sending request ...

Overview

Privacy, whether we like it or not, has gone public. We are only just beginning to recognize how the Internet has redefined the relationship between our private lives and the public sphere. Every time we personalize a Web site, join a mailing list, or purchase a book or CD online, we open our lives to an ever-widening data network that offers us scant protection from the prying eyes of corporations, governments, insurance companies, or criminals. Has the e-commerce revolution permanently eroded all personal boundaries, or is it still possible to protect one's personal information in an increasingly wired world?
Charles Jennings and Lori Fena have devoted their careers to this question, most notably as the founders of TRUSTe, the leading privacy assurance and monitoring organization on the Internet. They have been instrumental in developing standards for judging how Web sites use and protect the personal information they collect, and they have advised numerous corporations who recognize that trust is the key to economic growth and expansion in the e-commerce world.
Security experts often say that if you put bars across ninety-nine of your windows but leave the hundredth window open, the invaders can still get in. For computer privacy, then, the question becomes, How can you best monitor that hundredth window? Jennings and Fena answer that question by providing a comprehensive guide to privacy and security in today's fast-moving online world, identifying winning and losing strategies for users and businesses alike. They argue that with so much information about us accessible through the Internet, we now need to think of privacy less as an inalienable right and more as a personal skill to be practiced and sharpened regularly. And for companies doing business on the Web, they demonstrate the critical importance of ensuring a private and secure environment for one's customers.
The Hundredth Window is also an invaluable source of useful information for every citizen of the World Wide Web. Jennings and Fena offer their readers:

  • An unsparingly honest assessment of how many popular Web sites handle privacy protection
  • Guidelines for evaluating a site's trustworthiness
  • Tips and tricks for protecting your private information while surfing online
  • Strategies to avoid being followed on the Internet
  • An advance look at likely new technologies that could put your privacy at risk

Far from predicting the death of privacy, Jennings and Fena provide the tools and the perspective that will enable us all to preserve our privacy as we enter the twenty-first century, enabling us to enjoy the many benefits that the Internet can offer.
Read More Show Less

Editorial Reviews

From the Publisher
Esther Dyson From the Foreword [The Hundredth Window] lays out, eloquently and in detail, the range of issues that comprise personal privacy in the age of the Internet. It is clear that the concept of privacy, the threats to it, and the means to achieve it are all changing as a result of our new computer-based lives. The world will never be a perfect place, but with the kinds of warnings and solutions that Charles Jennings and Lori Fena describe, we will be able at least to move it in the right direction.

Francis Fukuyama author of The Great Disruption and Trust: The Social Virtues and the Creation of Prosperity The Hundredth Window will make you sit up and realize that the Internet, like all highways, can convey bad things as well as good, and that your privacy and security may well be in jeopardy as you browse. Charles Jennings and Lori Fena show that trust in cyberspace is ultimately a matter of people, not technology, and they give readers loads of practical advice on how to use the Internet safely.

N.J. Nicholas, Jr. former chief executive officer, Time Warner Charles Jennings and Lori Fena call for a new kind of integrity in our new information economy — integrity in the use of personal data. They show how vulnerable we all are in this age of the Internet and why it is essential that businesses develop new and higher standards of privacy protection. Every business leader should read this book.

Topher Neumann chairman, Center for Trust Online, Ernst & Young, LLP The Chinese have a saying: "The sky is high and the emperor is far away." This is not true on the Internet. The Hundredth Window challenges us to consider how close the emperor is to our every move and how powerful are compounding data overlays of our lives. Charles Jennings and Lori Fena give us the tools to think critically about the new challenges of living in the connected age.

Christine A. Varney, partner, Hogan & Hartson, LLP; former commissioner, Federal Trade Commission Charles Jennings and Lori Fena have provided the first roadmap to navigating the digital age without unknowingly compromising your privacy. They help us understand the trade-offs between privacy and personalization, and how to make choices that work. In what is likely to be the most important work you'll read on privacy on the Net, you'll be frightened, excited and empowered, and you'll never surf the same again.

Trudy Pelzer

The Hundredth Window, by Charles Jennings and Lori Fena, tells Internet end users what they can do to protect their own privacy, and what they can pressure others to do. Alas, the answer in both cases is "not a heck of a lot." Jennings and Fena have some clear and good ideas, but they involve compromises or concessions. I don't know how they keep their enthusiasm bubbling.

Here's the problem:

"So this brings us to the jumbled state of the Internet privacy game board as we find it today: public concern about privacy is rising; privacy advocates are working hard to build flexible new privacy protection schemes into the grid; some merchants are posting and adhering to clearer, stronger privacy policies and moving toward higher standards of privacy protection in their internal systems; other merchants are going for all the PII [Personally Identifiable Information] they can get, inside the law; and true bad actors are secretly stealing data and lying (if they say anything at all) about their PII collection and distribution practices."

That sentence is too long, and too general. This sort of bumf appears several times in the book, but we just have to tolerate it. When Jennings and Fena get down to cases and names, they supply enough to convince us that things are bad and could get worse. The cases include Newham (a London borough monitoring public areas with closed circuit TVs coupled to facial recognition software), Hotmail (an Internet service whose security holes affected millions of emails), Voyeur Dorm (the Tampa "co-eds" who exchange their privacy for a fee), and a dozen more.

The common case is the Internet user who blunders blissfully through a world of cookies, come-ons, snoopers, and PII sellers or buyers. Several chapters end with tips for such users. For example: with Netscape, use control-O rather than the top-of-window form to insert a new URL -- that way Netscape won't track the history. Hmmm, actually that tip didn't work with my Netscape copy. I guess I should have followed another tip first: Update Your Browser.

The other way to attack the problem is to force ISPs or browser-makers or web-site suppliers to upgrade their privacy rules. Jennings and Fena discuss some of the US legislation in this field, such as the Child Online Protection Act. In the end, though, they prefer cooperation to legislation. They say we should place our faith in voluntary initiatives by an industry that's goaded by its consumers' pressures. That's a controversial point, because Jennings and Fena have associations with TRUSTe.

TRUSTe is a non-profit organiztion that takes money from major industry players like Microsoft and RealNetworks. In return, TRUSTe is supposed to certify that these players adhere to agreed standards. Self-policing is fine, the American Medical Association or the Better Business Bureau work on similar principles. What's not so good is that TRUSTe is so small, it can't afford to lose individual members. As a result, TRUSTe has been the victim of a few well-reported embarrassments. Jennings and Fena don't mention them. And yet, there is no evidence that their positions influence their point of view. I know they could benefit from their beliefs, but I can't see what else they could believe, given the evidence.

Some trivial errata: Al Gore invented the Internet but not the term "information superhighway", an English village's commons field was not at its public square, voyeurdorm.com wasn't "sent packing" and is still in business, and J. Crew's privacy policy looks as good as Land's End's (probably they updated it since the book went to the printer). Finally, I'll gripe that the World Wide Web's P3P initiative deserved more coverage.

For an alternative view, you could try Simson Garfinkel's Database Nation (O'Reilly & Associates, 2001). Garfinkel would prefer to see more government action, and has a somewhat darker view of the corporate world. Trying to pick whose predictions are better is somewhat like picking whether Huxley's Brave New World predicted better than Orwell's 1984 -- a topic that all privacy discussions must bring up. I pick The Hundredth Window over Database Nation, because it's less gloom-and-doomy. Even so, it's no fun reading. If democracy and freedom don't affect your work, feel free to skip it.
Electronic Review of Computer Books

Publishers Weekly - Publisher's Weekly
Despite the increasingly sophisticated software designed to insure privacy online, there is an astonishing lack of security, report Jennings and Fena, cofounders of Truste, a company involved in promoting Internet privacy. According to the authors, any information transferred over the Internet can easily be accessed by hackers, criminals and private businesses. (The hundredth window refers to the notion that if you lock 99 out of 100 windows, a thief will enter the 100th.) The book explains in detail how Web site marketers, service firms and recreational sites obtain and use consumer information. While future federal legislation may provide more protection, it is up to consumers to actively protect their personal data for now. According to the authors, the Web sites with the best privacy policies include Yahoo, Excite, IBM and Playboy, while sites such as J. Crew and Penthouse do little to reassure online visitors that their privacy is being protected. Jennings and Fena suggest looking for Web sites that prominently display their privacy policies and advise against posting full names in e-mail addresses. While it offers a solid overview on the issue of online privacy, the book is likely to be more valuable to consumers than companies. (May) Copyright 2000 Cahners Business Information.|
Kirkus Reviews
A well-meaning but ultimately sketchy study that tackles the problem of maintaining privacy in the ever-developing world of the Internet. The title refers to the theory that, even if you have bars and locks on 99 of your 100 windows, only one left open and unguarded will put you at risk. The authors, cofounders of the Internet watchdog group TRUSTe, paint a scary portrait. Individuals are being monitored electronically every minute of the day, they claim, via e-mail, chat groups, cellular telephones, and illicit spy-cams that feed unauthorized video onto the Net. The Internet has evolved from a noncommercial arena into one that is largely driven by e-commerce, and this has led to the growing importance of data collection on individuals—known as PII ("personally identifiable information")—in order to capture tastes, values, and behavior of consumers. Anyone can click onto a website and thus unwittingly become an identifiable piece of data—to be passed around and used by companies, the government, or individuals. While PII collection has enabled e-commerce to offer helpful customized goods and services, the relatively easy access to personal information can lead to harassment, identity theft, online fraud, racial profiling, and other dangers. Because of modern computing systems' flaws and the rapid development of the Internet, the authors admit that it is hard to offer solutions to the privacy issue. They do offer some useful tips and tricks (such as suggesting that you create an online identity that is separate from your e-mail address and do not reply directly to spammers), and there is a chapter that ranks the ten companies with the best privacysites.Articles in the appendix show how Big Brother is indeed watching over us. A warning and a foreshadowing of what will ultimately be a major issue in the years to come within the electronic world.
Read More Show Less

Product Details

  • ISBN-13: 9780743254984
  • Publisher: Free Press
  • Publication date: 4/7/2003
  • Pages: 304
  • Product dimensions: 5.90 (w) x 9.00 (h) x 0.80 (d)

Meet the Author

Charles Jennings is the co-founder of TRUSTe and of the Internet firms Preview Systems, GeoTrust, and Supertracks. He lives in Portland, Oregon.

Read More Show Less

Read an Excerpt

Chapter One: Invasion of the Data Snatchers
I fear the loss of my obscurity. Genuineness grows best in the dark.
Aldous Huxley
A generation or two ago, the data of daily life, to the extent that it was recorded at all, was "entered" on file cards and bond paper, stored in snap-ring binders and file cabinets, and kept under lock and key. Copying information required the use of carbon paper — and considerable human effort. A real-time commercial transaction meant pulling cash from your wallet and collecting the change. The only identifying number the typical American had was a social security number — a nine-digit code that was generally kept in strictest confidence, in accordance with the strong privacy guarantees of the initial social security program. Even as late as the 1960s, before computers were networked, the only individual transactions recorded on a daily basis were ones that involved financial credit, taxes, or governmental benefits.
Today, social security numbers are used everywhere, from schools to stock brokerages, to track you through life. Credit cards leave a wide trail of purchase records. Copying information is as easy as point and click, cut and paste. The data of daily life — your daily life — is collected at supermarkets, at the workplace, over phone networks, at the drugstore, and at every website you visit. And these are just the hot spots.
List marketers, credit profilers, information brokers, and other legal vendors make a business out of collecting and trading electronic data profiles of you. They participate actively in what amounts to a thriving online flea market for PII. It is your data — personal facts about you — that are being bought and sold. That's the best-case scenario. The worst case is that the information in your personal data profiles is not really about you, but accidentally about someone else. If that person has a criminal past, a poor credit history or a habit of posting hate messages on the Web, you are in for trouble.
There is so much electronic information collection going on in our lives that we have become quite accustomed — even numb — to it all. But recall your grandparents' lives for a moment, lives lived without direct mail, e-mail, or credit cards; lives lived in an era when personal behavior was at most a matter of local gossip, not a widely accessible public record. And then join us as we imagine a typical day in your thoroughly modern life.
7:00 a.m. Wake up, turn up heat, take shower, dry hair, make and drink coffee, use up remaining milk in refrigerator.
You can still wake up at home with some expectation of privacy. You know that your shower, at least, is private. Chances are no one is monitoring the simple tasks you perform in order to get ready for the day.
7:47 a.m. Log onto the Internet to check news and stock portfolio; check e-mail on personal account.
Now you have plunged into the data zone, where every move you make will be captured in a computerized system. Your identity travels the Net with you, leaving a solid, easily traceable trail. Every click of your mouse is being recorded somewhere far, far from your hard drive, and every transaction you complete will be stored and analyzed.
8:31 a.m. Turn down heat, open/close garage door, depart house.
The local utility may be specifically monitoring your heat consumption in order to run its systems more efficiently and to anticipate high-load periods. If you use an electronic garage door system, anyone with appropriate equipment can monitor its use — from a distance — to determine when you leave home, though this requires hard-core electronic surveillance. As you drive off from your house, your car's trip computer records the start of today's journey.
9:10 a.m. Drive into the city, use E-ZPass automatic toll payment to make commute faster.
In New York as well as many other major metropolitan areas, toll collection has become automated through systems such as E-ZPass. However, as this system speeds you through the toll booth, your car is being identified and information about your whereabouts is being collected and stored. New York City police detectives have successfully subpoenaed this information and used it as evidence in court. (Cars are moving billboards containing a critical piece of PII — your license plate number.)
9:12 a.m. Answer cell phone in car regarding a hot new business deal.
At first the cell phone cuts out, of course, as you cross the bridge. But then you reconnect, perhaps aware that cell phone transmissions and receptions are recorded for billing purposes, but probably not caring in the least. But then you realize that cell phone calls can be intercepted. While that possibility is somewhat remote, you shudder at the thought that a business reporter might be lurking in the sea of traffic alongside you, ready to eavesdrop on your call. The thought passes, and you hit the speed dial to return the call.
9:30 a.m. Have breakfast meeting with prospective customer; pick up the bill with a credit card.
The credit card companies — the banks as well as the payment processors — are some of the biggest collectors of personal data about you. Plastic is often handier than cash, and sometimes it is essential, but it is never anonymous. Credit card data warehouse operators are expert at mining information about what you buy to better understand your behavior as a consumer. This can result in directing marketing efforts that target your likes and dislikes — but this information is not in any way regulated, and nothing precludes it from being sold to whoever wants to buy it. The biggest privacy leak in most people's lives can be found in their wallets, where they keep their credit cards.
10:46 a.m. Go into office building, use electronic badge to enter parking area, building, restroom, and work area.
Electronic badges, like E-ZPass and cell phones, can locate you in a particular place at a particular time. So can the video cameras in the parking lot, elevator, and building lobby, all of which are now online in a closed-circuit network, with feeds to both a security control room and the executive suites. Ostensibly, this data is owned and held in confidence by your employer for security purposes only. But this data can be used for other purposes as well, such as in job reviews and employee disputes. Incidentally, alarm systems that require you to punch in a specific personal identification number, or PIN, to gain entrance also store a record of your coming and going.
11:10 a.m. Check/send e-mail from work account; log onto Internet to research the competition and gain access to analyst reports.
Not only are Internet access providers collecting information about your every online click, your employer may also be doing the same — and legally it is within his or her rights to do so if you are using your system at work. So beware! (And please stay off those porno sites when you're at work — it could be embarrassing when the boys in the server room check your log sheets.) Also, e-mail records have been used extensively in legal actions — and have even bitten the grand titan of software, Bill Gates — so understand that what you dash off in an electronic note lingers on, perhaps forever.
1:38 p.m. Go to Amazon.com to buy a book, and recommend it to a client's management team.
Amazon.com has established itself as the premier online vendor of books, in part by offering personalized service. This is accomplished by collecting information about your likes and dislikes regarding particular titles and comparing these with the likes and dislikes of the countless others who frequent their site. (The process is known as "collaborative filtering" and involves a set of cutting-edge technologies that are being used increasingly in e-commerce.) The Amazon folks do post a privacy policy on their site and try for the most part to behave like a responsible, privacy-sensitive merchant, but nonetheless, the company's databases contain a great deal of personal information about the subject matter that most interests you and stimulates you. This information in some ways is even more sensitive than the more generic payment data that a credit card company records — and in at least one controversial program, Amazon did use this information to disclose publicly what books were most popular among employees of certain well-known companies.
2:00 p.m. Participate in business alliance conference call using a teleconference service bridge.
Many of the phone companies that provide this type of teleconferencing service require you to provide your identity to access the call — for security reasons. It is worth noting that this information is logged into these companies' database systems and can be accessed if required by the purchaser of the service or by law enforcement officials.
4:10 p.m. Use your always-on Internet access at work to visit an online wedding registry, in order to make it easy for friends and family to buy gifts online for the big wedding.
Getting married soon? No problem — there are many websites ready to come to your rescue and help you prepare all the details. Many such sites require that you enter virtually your whole life story before you can be listed in their nuptial registry. Moreover, when people purchase gifts for you via the registry, the site operators get a very accurate profile of your friends and family as well. Whenever entering detailed personal information via the Internet, regardless of how seemingly innocuous the purpose, be sure to read the site's privacy policy to understand how the information you are providing is to be used. The way to do this is to search for a link (usually on the home page) that says "privacy policy." Read this policy! If it claims that the site operators can, essentially, do whatever they please with your data, you might be well advised to look for an alternative. (Here's the kind of language in a privacy policy to avoid: "In an effort to bring you more exciting offers from our partners, we reserve the right, from time to time, to share information about you with these partners....")
6:15 p.m. Log onto favorite travel site to purchase tickets and select seat for upcoming business trip.
The proliferation of new travel services on the Internet is a direct result of the low cost of entry into this field and the relatively low cost to operate and maintain such a site, compared to a bricks-and-mortar travel agency. In this highly competitive arena, the ability of travel retailers to gather and analyze information about your travel patterns is an important competitive asset. This information is often resold to carriers within the travel industry but can also be used to gauge your relative wealth and amount of leisure time. This kind of information is gold to the direct marketing industry — and online travel agencies can and do trade this gold in order to expand their margins. Traveler, beware.
7:30 p.m. Review, edit, and put final touches on upcoming speech; e-mail presentation to conference organizers for reproduction.
Companies that run conferences generally keep copies of your presentation for their files and distribute them to conference attendees as well. Some conferences actually publish presentations on their website. This may not be a problem, but it is helpful to remember that your ultimate audience could include competitors or investors.
8:17 p.m. Exit building, using badge to exit prepaid underground parking.
It's the end of another high-voltage day. Somewhere, someone knows what time you left the building. In fact, he or she may even have noticed how tired you looked as you passed the networked security camera.
8:35 p.m. Stop in at grocery store to pick up milk and Häagen-Dazs ice cream; use discount card and make a quick cash purchase.
Many people don't realize that a supermarket discount card is more than just a convenient substitute for coupons. The computerized scanning systems linked to your personal discount card capture information that your grocery can use to maintain a profile of you and your family — one that includes all your eating and drinking habits. This information is valuable to others as well, such as insurers, employers, and direct marketers. Do you really want total strangers to know about that fondness of yours for pinot noir?
9:10 p.m. Collapse in easy chair; order dinner from Waiters online.
You should not be surprised when your friendly gourmet delivery service addresses you by name when they pick up the phone, anticipates your usual order, and offers to bill it to your Visa card (which they have on file). The incredible convenience of instant, customized service comes to you courtesy of the caller ID feature in the phone system, which in turn is hooked up directly to Waiters-on-Wheels's customer file and credit card billing system. They know your dinner routine better than you do. Tonight, when the waiter arrives, he asks, "Would you like us to call your cell phone at the usual time while you're on your way home, just to make it a little easier?" Over the seared ahi and saffron rice, prepared just the way you like it, you begin to wonder if perhaps these waiters know you a bit too well.
10:43 p.m. Log onto an Internet health site to research father's illness; request information.
Although you know the information you are requesting is for your father, the site owners don't. The pharmaceutical company that sponsors the site receives your information and sends the materials you requested to your postal address. What you don't realize is that you are now entered in their records as a person who possibly has a troublesome illness and, therefore, may be a potential customer. If the pharmaceutical company also resells its database to insurance companies, they and other data brokers may miss the nuance inherent in the phrase "may have this illness." They might not even have any idea of how the information in the database was compiled. Two months later, though you are a healthy thirty-seven-year-old woman, you receive a free sample of an herbal supplement that is reputed to help treat prostate cancer.
11:34 p.m. Call your phone message service to arrange a 7:00 a.m. wake-up call; turn in for the night.
Your first data log of the day ahead has already been recorded.

The modern information landscape has indeed changed greatly from that of our grandparents. Try as we might, we can no longer avoid the scrutiny of the data collectors, even if we avoid using that most obvious of data-entry tools, the computer keyboard. Computers and sensors are now embedded in the most mundane environments, and data is frequently collected about us without our volunteering it. To the many skills required to successfully make your way on life's journey, add one more: personal privacy protection.
Every day, millions of everyday people — the amateurs, let's call them — willingly provide personally identifiable information about themselves to the data collection pros. This information may include a name, a phone number, an address (home, business, or e-mail), and any number of other unique identifiers (social security number, credit card number, driver's license number, even the image of a face, retina, or set of fingerprints) — but it must have at least one such identifying element to be useful. To be true PII, the information must always contain a hook — a way to snag and reel in the unique identity of an individual human being.
PII hooks can be found in all sorts of information files. Imagine a massive computer directory, with thousands of electronic file folders, each containing a specific PII profile. The information in the files could be about anything from college grades to stock trades — but every scrap of data in the files would come with a PII string attached. In this meta-directory, you might find, in a random perusal, such folders as Driving Records, Reading Habits; Gambling Histories; Records of Disciplined Soldiers, Attitudes about Abortion; Telephone Records; Airline Travel Preferences, Genetic Profiles, Conference Attendees, Asthma Sufferers, Purchasers of Palm Pilots, Mortgage Holders, Subscribers to Playboy Magazine, and on and on. When we speak of PII profiles, these are the kinds of categories that such profiles contain (though not all categories will be found in each profile).
While there is no single PII profile system, the advent of electronic computer networks is currently creating something quite similar: linked access among the many different computer directories that currently store PII. More and more PII-tagged information is being entered, stored, and traded via a common electronic grid. And the pros — along with another group we'll meet later, the cons — are getting better and better at using this grid for all kinds of purposes.
The real news about PII — about the collection and use of information about you — is that its use is compounding. Like the interest on a long-term debt, personal information that has made its way into the hands of the data collection pros feeds upon itself and grows exponentially. The more that is known about you — and the more pros who know about you — the easier it is for the next pro to learn still more. Connect the dots between the PII folders labeled "Home Phone Numbers," "Buyers of Outdoor Clothing," "Websites Visited," and "Truck Owners," and a gun merchant is able to build a new file called "Potential Buyers." Soon he is on the phone, calling people whom he suspects support the Second Amendment, drive pick-ups, and wear "camo" windbreakers. And this is a relatively benign example. Connect the dots between "Women Drivers Under Twenty-One" — a database that contains home addresses — with "Lingerie Buyers" and "Online Sex Chat Visitors," and you get quite a different picture. It is this ability to connect, with electronic ease, dozens to literally thousands of isolated bits and pieces of information about an individual human being that is dramatically changing the rules and raising the stakes of privacy protection in modern society.
Exchanges of PII take place via a variety of electronic and nonelectronic means, in virtually every segment of modern life. Amazingly, they often happen almost subconsciously. We want money from a cash machine; we want service from a doctor; we want product warranty protection for a new purchase; we want to visit a news site on the Web; we want a discount on groceries — so we provide information about ourselves. We barely stop to think about where this information about us is going, who will get it, where or how long it will be stored, what it will be used for, or generally what the consequences may be.
Yet make no mistake: there are consequences — potentially serious ones. Such as when personal, private, confidential financial information obtained from information brokers is used by phone solicitors to convince elderly citizens they need phony annuities. When the mother of a stillborn child receives birthday greetings from direct marketers for several years on the anniversary of her child's death. When the age and e-mail address of a ten-year-old is obtained online by a convicted sex offender. When detailed home phone records of a CEO are purchased over the Internet by a competitor. Or when a youthful indiscretion, a past disease, a reckless e-mail, or even a data-entry error by some unseen, unknown person enters the public digital record forever, and brands someone, accurately or inaccurately, for life.
Perhaps you are aware of the risks of modern society's ravenous hunger for facts about you. After all, you have chosen to read a book about privacy, so your awareness of privacy issues is likely well above average. But even so, do you, practically speaking, know how to manage your own personal privacy in the data exchanges of everyday life? Do you know how to take advantage of the growing online marketplace for goods, services, information, and entertainment, without being compromised by the equally robust online market for personal data?
These are the horns of the modern privacy dilemma. Privacy matters — but how much? Personal data is sensitive, but where are the lines to be drawn between privacy and accountability? Information is power, and information about specific people is very powerful, but what precisely should be the limits of its use in business and trade? No one knows, and few agree.
There is little true consensus in the business and technology world about how matters of personal privacy should be handled, and there are no simple answers to the tough privacy questions being raised by new information technology. The sooner a common consensus is reached, however, the better. Without one, privacy issues will become a major obstacle to continued growth in the electronic marketplace.
The payoffs of privacy policy consensus, and the risks of not achieving one, are compounding almost daily. Indeed, the whole personal privacy landscape has as least temporarily turned into a kind of shambles — an Alice in Wonderland game that nearly everyone plays, but according to a hodgepodge, random set of rules. Perceptive observers — a group that includes the CEOs of Microsoft, IBM, and McGraw-Hill and the chairman of the Federal Trade Commission — understand that this state cannot continue. It's far too unstable.
Consider the following data points:

  • Polls are showing privacy concerns at an all-time high. (See box, pages 37-38.)
  • The United States and Europe are in the midst of a serious trade disagreement over how personal data is to be collected and managed.
  • Privacy policies of individual companies vary tremendously, as does compliance with these policies (largely self-generated and self-enforced).
  • Privacy preferences vary tremendously among individuals as well (the Internet spectrum is from the cleverly anonymous to people who proudly webcast their entire lives — including their most personal moments — on their sites).
  • Courts around the world are awarding significant damages to consumers and Internet users over claims of privacy violation. (See the article on US Bancorp in Appendix B.)
  • Over one hundred new privacy laws were introduced in the 105th (1997-98) U.S. Congress, nearly four times the number introduced in the 1993-94 session.
  • New technologies of data collection, Internet monitoring, online surveillance, data mining, automatic mailing, personal searching, and identity spoofing are rolling out into the electronic marketplace every month.
  • Personalized, customized products and services over the Internet — most of which require users to provide more personal information than they ever have given to companies before — are creating one of the hottest growth sectors in the entire economy.
  • Networked databases, the applications that store and manage personal information, are becoming more powerful, more intelligent, and more interoperable. But much more significant is the fact that PII is moving from proprietary databases out into the clear on the Internet — a trend that may have profound privacy implications.
  • The rising use and increased durability of private company e-mail is creating both serious human resource concerns and significant legal liabilities for corporations.
  • "Legitimate" information brokering — the buying and selling of personal information — is now a billion-dollar industry in the United States.
  • Illegitimate identity theft aided by online technologies has been cited by the FBI as one of the fastest-growing white-collar crimes in America.
  • Parents, students, law enforcement officials, AIDS and cancer patients, gynecologists, politicians, film stars, multimillionaires, and anyone ever divorced — to name just a few special categories of note — are becoming increasingly sensitive about specific privacy risks they now face because of electronic data sharing.
  • And not surprisingly, public polling also shows that average citizens are becoming extremely confused and anxious because of all of the above.

If you are dealing with privacy issues today in business, you and your company should understand that privacy can no longer be ignored. Governments are getting restless, consumers are strongly pro-privacy in opinion polls (if not yet consistently in the voting booth or the marketplace), and many of your competitors will likely be using privacy positioning soon as a competitive advantage. Internal privacy policies governing company-to-employee relations will also become increasingly important for employee recruiting and retention and for legal risk management. Over 80 percent of Net users in a recent survey said they would like to see companies require privacy training for all employees. Bottom line: privacy management is a new core competency you must have. If your company does not yet have a privacy policy "owner" who is knowledgeable about privacy issues and empowered to manage them, get one soon.
For government officials, our advice is: keep one foot on the gas and the other on the brake. Continue to respond to rising public concern about privacy by focusing on the most obvious problem areas — such as children's privacy and identity theft. Rattle the saber of regulation, but use it sparingly. Avoid slowing down Internet commerce, which is much more dependent than you might realize on free-flowing, chaotic marketplace experimentation. Before thinking too seriously about managing privacy in the marketplace, manage it first in all government operations (government databases often being the easiest, cheapest source of personal information). But understand that personal privacy will continue to be a major social and political issue in the decades ahead. And stay up to date — privacy is a dynamic, evolving field.
If you are collecting PII as an Internet outlaw, hacker, con man, or online peeping tom, look out. As the privacy heat rises, you'll be the first to pay the price. Fun-and-games time is over. Expect a massive new commitment to fighting info-terrorism and cyber-crime in the very near future. Even minor data thieves may get swept up in the net.
For everyone else — consumers, citizens, Net surfers, parents, etc. — the first thing to realize is that, for all practical purposes, personal privacy is no longer a right, but a skill. Your government — even if you live in privacy-sensitive Europe — will fall far short of offering full protection. Technology is moving too fast. When you interact with an electronic network, you are venturing into strange new territory where facts about you stick like flies to flypaper. Read the signposts — especially company privacy policies as posted on the Internet. If you find your personal privacy being attacked by some online menace, look for help.
Learn as much as you can about how data is collected and used in this new online environment: from now on it's going to be an increasing part of your life. Never give out personal information frivolously — unless you like having companies and people know as much as possible about you. And especially, "vote" for privacy whenever possible by supporting trustworthy merchants with strong, clear privacy policies and practices.
There. That's the easy part.

Tips and Tricks for Chapter 1
Lie. When in doubt about the trustworthiness or integrity of a website operator, if user registration is required, lie. A survey by Boston Consulting Group for TRUSTe revealed that fibbing tended to be a very popular response from users when they were asked to give PII to a website. Although we don't endorse wholesale lying as a practice, we do believe it is a good strategy when you are uncertain of a site's policies. And don't feel too bad if you do fudge your identity a bit — you will not be alone: 30-40 percent of online registration info given over the Web is bogus!
Tell the truth. When you do find a company or website you trust, be as open and honest as you can, especially when such information can help provide you with better, more personalized service. MyExcite or MyYahoo, for example, have a great deal of information about the authors' highly personalized needs for information about privacy and technology — and even know our zip codes (in order to personalize our weather reports). Failing to give correct information to Excite or Yahoo! — known to us to be trustworthy information partners — would be foolish.
Create an alias. The same Boston Consulting Group survey cited above also revealed that many Internet users had set up a system of false identities for e-mail purposes. The idea was to give out one particular e-mail-address alias whenever registering at a website (especially when registering at a site likely to do considerable direct marketing), while keeping another main identity for friends, family, and business associates. As this e-mail box fills up with promotional inquiries, you can track how companies use and resell the addresses they collect.
Seed the market. "Seeding" is a monitoring practice used by privacy assurance organizations such as TRUSTe. The idea is to seed the marketplace with a specific set of unique identities that can be uniquely traced to a single information transaction. If Bill Gates wanted to see if America Online really protected his personal privacy, what he might do is register only at AOL as Willie X. Gates, while putting in correct data everywhere else. In this way, whenever he encountered this particular name — in spam e-mail, in junk mail, or in a telemarketer's call — he would know precisely where it came from. This can be a good way to discover the sources of your own PII leaks, online or otherwise.
Firewalls: they aren't just for geeks anymore. In the corporate computing world, firewalls are security systems intended to protect an internal company network against unauthorized entry from the outside. Now firewalls are available for your home computer, too.
Some security suites, including WRQ's AtGuard 3.1 and Aladdin Knowledge Systems' eSafe Protect Desktop 2.1, come equipped with firewall capabilities that let you control access to your PC from other computers. To activate these firewalls, these programs will ask you to create rules describing who can have access to your computer, when they can use it, and what types of activities are permitted.
Erase your steps. Most modern Web browsers store a list of the Web pages you've recently visited. This information is stored in the History files and cache. Maybe you want to keep this info away from snoops.
Here's how to erase these entries:
Netscape Communicator. Go to the Edit menu and click Preferences. Then click again on Preferences, and an expanded menu will appear. Choose Cache. Select Clear Disk Cache, and all URLs in the cache will be erased. To clear the History window, choose Preferences from the Edit menu, click the Navigator category, and then click Clear History.
Microsoft Internet Explorer. To empty the History folder, go to the Tools menu. Choose Internet Options, and then click on Clear History. To clear the cache, open Windows Explorer and access the directory C:files and mark all files for deletion.

Read More Show Less

Table of Contents

Contents
Foreword by Esther Dyson
Introduction

1 Invasion of the Data Snatchers
2 The Hundredth Window
3 Something Digital This Way Comes
4 Privacy and Net Culture: Sex, Spies, and Video-Scrape
5 The Datanet Rules
6 From E-Commerce to Information Economies
7 Who Can You Trust?
8 The Privacy Game
9 Private Lives, Public Networks: The Next 500 Years
Appendix A:
Playing It Safe on the Web: Consumer Dos and Don'ts
Appendix B:
Online Privacy Violation Incidents
Notes
Glossary
Index

Read More Show Less

First Chapter

Chapter One: Invasion of the Data Snatchers I fear the loss of my obscurity. Genuineness grows best in the dark.
-- Aldous Huxley

A generation or two ago, the data of daily life, to the extent that it was recorded at all, was "entered" on file cards and bond paper, stored in snap-ring binders and file cabinets, and kept under lock and key. Copying information required the use of carbon paper -- and considerable human effort. A real-time commercial transaction meant pulling cash from your wallet and collecting the change. The only identifying number the typical American had was a social security number -- a nine-digit code that was generally kept in strictest confidence, in accordance with the strong privacy guarantees of the initial social security program. Even as late as the 1960s, before computers were networked, the only individual transactions recorded on a daily basis were ones that involved financial credit, taxes, or governmental benefits.

Today, social security numbers are used everywhere, from schools to stock brokerages, to track you through life. Credit cards leave a wide trail of purchase records. Copying information is as easy as point and click, cut and paste. The data of daily life -- your daily life -- is collected at supermarkets, at the workplace, over phone networks, at the drugstore, and at every website you visit. And these are just the hot spots.

List marketers, credit profilers, information brokers, and other legal vendors make a business out of collecting and trading electronic data profiles of you. They participate actively in what amounts to a thriving online flea market for PII. It is yourdata -- personal facts about you -- that are being bought and sold. That's the best-case scenario. The worst case is that the information in your personal data profiles is not really about you, but accidentally about someone else. If that person has a criminal past, a poor credit history or a habit of posting hate messages on the Web, you are in for trouble.

There is so much electronic information collection going on in our lives that we have become quite accustomed -- even numb -- to it all. But recall your grandparents' lives for a moment, lives lived without direct mail, e-mail, or credit cards; lives lived in an era when personal behavior was at most a matter of local gossip, not a widely accessible public record. And then join us as we imagine a typical day in your thoroughly modern life.

7:00 a.m. Wake up, turn up heat, take shower, dry hair, make and drink coffee, use up remaining milk in refrigerator.
You can still wake up at home with some expectation of privacy. You know that your shower, at least, is private. Chances are no one is monitoring the simple tasks you perform in order to get ready for the day.

7:47 a.m. Log onto the Internet to check news and stock portfolio; check e-mail on personal account.
Now you have plunged into the data zone, where every move you make will be captured in a computerized system. Your identity travels the Net with you, leaving a solid, easily traceable trail. Every click of your mouse is being recorded somewhere far, far from your hard drive, and every transaction you complete will be stored and analyzed.

8:31 a.m. Turn down heat, open/close garage door, depart house.
The local utility may be specifically monitoring your heat consumption in order to run its systems more efficiently and to anticipate high-load periods. If you use an electronic garage door system, anyone with appropriate equipment can monitor its use -- from a distance -- to determine when you leave home, though this requires hard-core electronic surveillance. As you drive off from your house, your car's trip computer records the start of today's journey.

9:10 a.m. Drive into the city, use E-ZPass automatic toll payment to make commute faster.
In New York as well as many other major metropolitan areas, toll collection has become automated through systems such as E-ZPass. However, as this system speeds you through the toll booth, your car is being identified and information about your whereabouts is being collected and stored. New York City police detectives have successfully subpoenaed this information and used it as evidence in court. (Cars are moving billboards containing a critical piece of PII -- your license plate number.)

9:12 a.m. Answer cell phone in car regarding a hot new business deal.
At first the cell phone cuts out, of course, as you cross the bridge. But then you reconnect, perhaps aware that cell phone transmissions and receptions are recorded for billing purposes, but probably not caring in the least. But then you realize that cell phone calls can be intercepted. While that possibility is somewhat remote, you shudder at the thought that a business reporter might be lurking in the sea of traffic alongside you, ready to eavesdrop on your call. The thought passes, and you hit the speed dial to return the call.

9:30 a.m. Have breakfast meeting with prospective customer; pick up the bill with a credit card.
The credit card companies -- the banks as well as the payment processors -- are some of the biggest collectors of personal data about you. Plastic is often handier than cash, and sometimes it is essential, but it is never anonymous. Credit card data warehouse operators are expert at mining information about what you buy to better understand your behavior as a consumer. This can result in directing marketing efforts that target your likes and dislikes -- but this information is not in any way regulated, and nothing precludes it from being sold to whoever wants to buy it. The biggest privacy leak in most people's lives can be found in their wallets, where they keep their credit cards.

10:46 a.m. Go into office building, use electronic badge to enter parking area, building, restroom, and work area.
Electronic badges, like E-ZPass and cell phones, can locate you in a particular place at a particular time. So can the video cameras in the parking lot, elevator, and building lobby, all of which are now online in a closed-circuit network, with feeds to both a security control room and the executive suites. Ostensibly, this data is owned and held in confidence by your employer for security purposes only. But this data can be used for other purposes as well, such as in job reviews and employee disputes. Incidentally, alarm systems that require you to punch in a specific personal identification number, or PIN, to gain entrance also store a record of your coming and going.

11:10 a.m. Check/send e-mail from work account; log onto Internet to research the competition and gain access to analyst reports.
Not only are Internet access providers collecting information about your every online click, your employer may also be doing the same -- and legally it is within his or her rights to do so if you are using your system at work. So beware! (And please stay off those porno sites when you're at work -- it could be embarrassing when the boys in the server room check your log sheets.) Also, e-mail records have been used extensively in legal actions -- and have even bitten the grand titan of software, Bill Gates -- so understand that what you dash off in an electronic note lingers on, perhaps forever.

1:38 p.m. Go to Amazon.com to buy a book, and recommend it to a client's management team.
Amazon.com has established itself as the premier online vendor of books, in part by offering personalized service. This is accomplished by collecting information about your likes and dislikes regarding particular titles and comparing these with the likes and dislikes of the countless others who frequent their site. (The process is known as "collaborative filtering" and involves a set of cutting-edge technologies that are being used increasingly in e-commerce.) The Amazon folks do post a privacy policy on their site and try for the most part to behave like a responsible, privacy-sensitive merchant, but nonetheless, the company's databases contain a great deal of personal information about the subject matter that most interests you and stimulates you. This information in some ways is even more sensitive than the more generic payment data that a credit card company records -- and in at least one controversial program, Amazon did use this information to disclose publicly what books were most popular among employees of certain well-known companies.

2:00 p.m. Participate in business alliance conference call using a teleconference service bridge.
Many of the phone companies that provide this type of teleconferencing service require you to provide your identity to access the call -- for security reasons. It is worth noting that this information is logged into these companies' database systems and can be accessed if required by the purchaser of the service or by law enforcement officials.

4:10 p.m. Use your always-on Internet access at work to visit an online wedding registry, in order to make it easy for friends and family to buy gifts online for the big wedding.
Getting married soon? No problem -- there are many websites ready to come to your rescue and help you prepare all the details. Many such sites require that you enter virtually your whole life story before you can be listed in their nuptial registry. Moreover, when people purchase gifts for you via the registry, the site operators get a very accurate profile of your friends and family as well. Whenever entering detailed personal information via the Internet, regardless of how seemingly innocuous the purpose, be sure to read the site's privacy policy to understand how the information you are providing is to be used. The way to do this is to search for a link (usually on the home page) that says "privacy policy." Read this policy! If it claims that the site operators can, essentially, do whatever they please with your data, you might be well advised to look for an alternative. (Here's the kind of language in a privacy policy to avoid: "In an effort to bring you more exciting offers from our partners, we reserve the right, from time to time, to share information about you with these partners....")

6:15 p.m. Log onto favorite travel site to purchase tickets and select seat for upcoming business trip.
The proliferation of new travel services on the Internet is a direct result of the low cost of entry into this field and the relatively low cost to operate and maintain such a site, compared to a bricks-and-mortar travel agency. In this highly competitive arena, the ability of travel retailers to gather and analyze information about your travel patterns is an important competitive asset. This information is often resold to carriers within the travel industry but can also be used to gauge your relative wealth and amount of leisure time. This kind of information is gold to the direct marketing industry -- and online travel agencies can and do trade this gold in order to expand their margins. Traveler, beware.

7:30 p.m. Review, edit, and put final touches on upcoming speech; e-mail presentation to conference organizers for reproduction.
Companies that run conferences generally keep copies of your presentation for their files and distribute them to conference attendees as well. Some conferences actually publish presentations on their website. This may not be a problem, but it is helpful to remember that your ultimate audience could include competitors or investors.

8:17 p.m. Exit building, using badge to exit prepaid underground parking.
It's the end of another high-voltage day. Somewhere, someone knows what time you left the building. In fact, he or she may even have noticed how tired you looked as you passed the networked security camera.

8:35 p.m. Stop in at grocery store to pick up milk and Häagen-Dazs ice cream; use discount card and make a quick cash purchase.
Many people don't realize that a supermarket discount card is more than just a convenient substitute for coupons. The computerized scanning systems linked to your personal discount card capture information that your grocery can use to maintain a profile of you and your family -- one that includes all your eating and drinking habits. This information is valuable to others as well, such as insurers, employers, and direct marketers. Do you really want total strangers to know about that fondness of yours for pinot noir?

9:10 p.m. Collapse in easy chair; order dinner from Waiters online.
You should not be surprised when your friendly gourmet delivery service addresses you by name when they pick up the phone, anticipates your usual order, and offers to bill it to your Visa card (which they have on file). The incredible convenience of instant, customized service comes to you courtesy of the caller ID feature in the phone system, which in turn is hooked up directly to Waiters-on-Wheels's customer file and credit card billing system. They know your dinner routine better than you do. Tonight, when the waiter arrives, he asks, "Would you like us to call your cell phone at the usual time while you're on your way home, just to make it a little easier?" Over the seared ahi and saffron rice, prepared just the way you like it, you begin to wonder if perhaps these waiters know you a bit too well.

10:43 p.m. Log onto an Internet health site to research father's illness; request information.
Although you know the information you are requesting is for your father, the site owners don't. The pharmaceutical company that sponsors the site receives your information and sends the materials you requested to your postal address. What you don't realize is that you are now entered in their records as a person who possibly has a troublesome illness and, therefore, may be a potential customer. If the pharmaceutical company also resells its database to insurance companies, they and other data brokers may miss the nuance inherent in the phrase "may have this illness." They might not even have any idea of how the information in the database was compiled. Two months later, though you are a healthy thirty-seven-year-old woman, you receive a free sample of an herbal supplement that is reputed to help treat prostate cancer.

11:34 p.m. Call your phone message service to arrange a 7:00 a.m. wake-up call; turn in for the night.
Your first data log of the day ahead has already been recorded.


The modern information landscape has indeed changed greatly from that of our grandparents. Try as we might, we can no longer avoid the scrutiny of the data collectors, even if we avoid using that most obvious of data-entry tools, the computer keyboard. Computers and sensors are now embedded in the most mundane environments, and data is frequently collected about us without our volunteering it. To the many skills required to successfully make your way on life's journey, add one more: personal privacy protection.

Every day, millions of everyday people -- the amateurs, let's call them -- willingly provide personally identifiable information about themselves to the data collection pros. This information may include a name, a phone number, an address (home, business, or e-mail), and any number of other unique identifiers (social security number, credit card number, driver's license number, even the image of a face, retina, or set of fingerprints) -- but it must have at least one such identifying element to be useful. To be true PII, the information must always contain a hook -- a way to snag and reel in the unique identity of an individual human being.

PII hooks can be found in all sorts of information files. Imagine a massive computer directory, with thousands of electronic file folders, each containing a specific PII profile. The information in the files could be about anything from college grades to stock trades -- but every scrap of data in the files would come with a PII string attached. In this meta-directory, you might find, in a random perusal, such folders as Driving Records, Reading Habits; Gambling Histories; Records of Disciplined Soldiers, Attitudes about Abortion; Telephone Records; Airline Travel Preferences, Genetic Profiles, Conference Attendees, Asthma Sufferers, Purchasers of Palm Pilots, Mortgage Holders, Subscribers to Playboy Magazine, and on and on. When we speak of PII profiles, these are the kinds of categories that such profiles contain (though not all categories will be found in each profile).

While there is no single PII profile system, the advent of electronic computer networks is currently creating something quite similar: linked access among the many different computer directories that currently store PII. More and more PII-tagged information is being entered, stored, and traded via a common electronic grid. And the pros -- along with another group we'll meet later, the cons -- are getting better and better at using this grid for all kinds of purposes.

The real news about PII -- about the collection and use of information about you -- is that its use is compounding. Like the interest on a long-term debt, personal information that has made its way into the hands of the data collection pros feeds upon itself and grows exponentially. The more that is known about you -- and the more pros who know about you -- the easier it is for the next pro to learn still more. Connect the dots between the PII folders labeled "Home Phone Numbers," "Buyers of Outdoor Clothing," "Websites Visited," and "Truck Owners," and a gun merchant is able to build a new file called "Potential Buyers." Soon he is on the phone, calling people whom he suspects support the Second Amendment, drive pick-ups, and wear "camo" windbreakers. And this is a relatively benign example. Connect the dots between "Women Drivers Under Twenty-One" -- a database that contains home addresses -- with "Lingerie Buyers" and "Online Sex Chat Visitors," and you get quite a different picture. It is this ability to connect, with electronic ease, dozens to literally thousands of isolated bits and pieces of information about an individual human being that is dramatically changing the rules and raising the stakes of privacy protection in modern society.

Exchanges of PII take place via a variety of electronic and nonelectronic means, in virtually every segment of modern life. Amazingly, they often happen almost subconsciously. We want money from a cash machine; we want service from a doctor; we want product warranty protection for a new purchase; we want to visit a news site on the Web; we want a discount on groceries -- so we provide information about ourselves. We barely stop to think about where this information about us is going, who will get it, where or how long it will be stored, what it will be used for, or generally what the consequences may be.

Yet make no mistake: there are consequences -- potentially serious ones. Such as when personal, private, confidential financial information obtained from information brokers is used by phone solicitors to convince elderly citizens they need phony annuities. When the mother of a stillborn child receives birthday greetings from direct marketers for several years on the anniversary of her child's death. When the age and e-mail address of a ten-year-old is obtained online by a convicted sex offender. When detailed home phone records of a CEO are purchased over the Internet by a competitor. Or when a youthful indiscretion, a past disease, a reckless e-mail, or even a data-entry error by some unseen, unknown person enters the public digital record forever, and brands someone, accurately or inaccurately, for life.

Perhaps you are aware of the risks of modern society's ravenous hunger for facts about you. After all, you have chosen to read a book about privacy, so your awareness of privacy issues is likely well above average. But even so, do you, practically speaking, know how to manage your own personal privacy in the data exchanges of everyday life? Do you know how to take advantage of the growing online marketplace for goods, services, information, and entertainment, without being compromised by the equally robust online market for personal data?

These are the horns of the modern privacy dilemma. Privacy matters -- but how much? Personal data is sensitive, but where are the lines to be drawn between privacy and accountability? Information is power, and information about specific people is very powerful, but what precisely should be the limits of its use in business and trade? No one knows, and few agree.

There is little true consensus in the business and technology world about how matters of personal privacy should be handled, and there are no simple answers to the tough privacy questions being raised by new information technology. The sooner a common consensus is reached, however, the better. Without one, privacy issues will become a major obstacle to continued growth in the electronic marketplace.

The payoffs of privacy policy consensus, and the risks of not achieving one, are compounding almost daily. Indeed, the whole personal privacy landscape has as least temporarily turned into a kind of shambles -- an Alice in Wonderland game that nearly everyone plays, but according to a hodgepodge, random set of rules. Perceptive observers -- a group that includes the CEOs of Microsoft, IBM, and McGraw-Hill and the chairman of the Federal Trade Commission -- understand that this state cannot continue. It's far too unstable.

Consider the following data points:


  • Polls are showing privacy concerns at an all-time high. (See box, pages 37-38.)
  • The United States and Europe are in the midst of a serious trade disagreement over how personal data is to be collected and managed.
  • Privacy policies of individual companies vary tremendously, as does compliance with these policies (largely self-generated and self-enforced).
  • Privacy preferences vary tremendously among individuals as well (the Internet spectrum is from the cleverly anonymous to people who proudly webcast their entire lives -- including their most personal moments -- on their sites).
  • Courts around the world are awarding significant damages to consumers and Internet users over claims of privacy violation. (See the article on US Bancorp in Appendix B.)
  • Over one hundred new privacy laws were introduced in the 105th (1997-98) U.S. Congress, nearly four times the number introduced in the 1993-94 session.
  • New technologies of data collection, Internet monitoring, online surveillance, data mining, automatic mailing, personal searching, and identity spoofing are rolling out into the electronic marketplace every month.
  • Personalized, customized products and services over the Internet -- most of which require users to provide more personal information than they ever have given to companies before -- are creating one of the hottest growth sectors in the entire economy.
  • Networked databases, the applications that store and manage personal information, are becoming more powerful, more intelligent, and more interoperable. But much more significant is the fact that PII is moving from proprietary databases out into the clear on the Internet -- a trend that may have profound privacy implications.
  • The rising use and increased durability of private company e-mail is creating both serious human resource concerns and significant legal liabilities for corporations.
  • "Legitimate" information brokering -- the buying and selling of personal information -- is now a billion-dollar industry in the United States.
  • Illegitimate identity theft aided by online technologies has been cited by the FBI as one of the fastest-growing white-collar crimes in America.
  • Parents, students, law enforcement officials, AIDS and cancer patients, gynecologists, politicians, film stars, multimillionaires, and anyone ever divorced -- to name just a few special categories of note -- are becoming increasingly sensitive about specific privacy risks they now face because of electronic data sharing.
  • And not surprisingly, public polling also shows that average citizens are becoming extremely confused and anxious because of all of the above.

If you are dealing with privacy issues today in business, you and your company should understand that privacy can no longer be ignored. Governments are getting restless, consumers are strongly pro-privacy in opinion polls (if not yet consistently in the voting booth or the marketplace), and many of your competitors will likely be using privacy positioning soon as a competitive advantage. Internal privacy policies governing company-to-employee relations will also become increasingly important for employee recruiting and retention and for legal risk management. Over 80 percent of Net users in a recent survey said they would like to see companies require privacy training for all employees. Bottom line: privacy management is a new core competency you must have. If your company does not yet have a privacy policy "owner" who is knowledgeable about privacy issues and empowered to manage them, get one soon.

For government officials, our advice is: keep one foot on the gas and the other on the brake. Continue to respond to rising public concern about privacy by focusing on the most obvious problem areas -- such as children's privacy and identity theft. Rattle the saber of regulation, but use it sparingly. Avoid slowing down Internet commerce, which is much more dependent than you might realize on free-flowing, chaotic marketplace experimentation. Before thinking too seriously about managing privacy in the marketplace, manage it first in all government operations (government databases often being the easiest, cheapest source of personal information). But understand that personal privacy will continue to be a major social and political issue in the decades ahead. And stay up to date -- privacy is a dynamic, evolving field.

If you are collecting PII as an Internet outlaw, hacker, con man, or online peeping tom, look out. As the privacy heat rises, you'll be the first to pay the price. Fun-and-games time is over. Expect a massive new commitment to fighting info-terrorism and cyber-crime in the very near future. Even minor data thieves may get swept up in the net.

For everyone else -- consumers, citizens, Net surfers, parents, etc. -- the first thing to realize is that, for all practical purposes, personal privacy is no longer a right, but a skill. Your government -- even if you live in privacy-sensitive Europe -- will fall far short of offering full protection. Technology is moving too fast. When you interact with an electronic network, you are venturing into strange new territory where facts about you stick like flies to flypaper. Read the signposts -- especially company privacy policies as posted on the Internet. If you find your personal privacy being attacked by some online menace, look for help.

Learn as much as you can about how data is collected and used in this new online environment: from now on it's going to be an increasing part of your life. Never give out personal information frivolously -- unless you like having companies and people know as much as possible about you. And especially, "vote" for privacy whenever possible by supporting trustworthy merchants with strong, clear privacy policies and practices.

There. That's the easy part.


Tips and Tricks for Chapter 1
Lie. When in doubt about the trustworthiness or integrity of a website operator, if user registration is required, lie. A survey by Boston Consulting Group for TRUSTe revealed that fibbing tended to be a very popular response from users when they were asked to give PII to a website. Although we don't endorse wholesale lying as a practice, we do believe it is a good strategy when you are uncertain of a site's policies. And don't feel too bad if you do fudge your identity a bit -- you will not be alone: 30-40 percent of online registration info given over the Web is bogus!

Tell the truth. When you do find a company or website you trust, be as open and honest as you can, especially when such information can help provide you with better, more personalized service. MyExcite or MyYahoo, for example, have a great deal of information about the authors' highly personalized needs for information about privacy and technology -- and even know our zip codes (in order to personalize our weather reports). Failing to give correct information to Excite or Yahoo! -- known to us to be trustworthy information partners -- would be foolish.

Create an alias. The same Boston Consulting Group survey cited above also revealed that many Internet users had set up a system of false identities for e-mail purposes. The idea was to give out one particular e-mail-address alias whenever registering at a website (especially when registering at a site likely to do considerable direct marketing), while keeping another main identity for friends, family, and business associates. As this e-mail box fills up with promotional inquiries, you can track how companies use and resell the addresses they collect.

Seed the market. "Seeding" is a monitoring practice used by privacy assurance organizations such as TRUSTe. The idea is to seed the marketplace with a specific set of unique identities that can be uniquely traced to a single information transaction. If Bill Gates wanted to see if America Online really protected his personal privacy, what he might do is register only at AOL as Willie X. Gates, while putting in correct data everywhere else. In this way, whenever he encountered this particular name -- in spam e-mail, in junk mail, or in a telemarketer's call -- he would know precisely where it came from. This can be a good way to discover the sources of your own PII leaks, online or otherwise.

Firewalls: they aren't just for geeks anymore. In the corporate computing world, firewalls are security systems intended to protect an internal company network against unauthorized entry from the outside. Now firewalls are available for your home computer, too.

Some security suites, including WRQ's AtGuard 3.1 and Aladdin Knowledge Systems' eSafe Protect Desktop 2.1, come equipped with firewall capabilities that let you control access to your PC from other computers. To activate these firewalls, these programs will ask you to create rules describing who can have access to your computer, when they can use it, and what types of activities are permitted.

Erase your steps. Most modern Web browsers store a list of the Web pages you've recently visited. This information is stored in the History files and cache. Maybe you want to keep this info away from snoops.

Here's how to erase these entries:

Netscape Communicator. Go to the Edit menu and click Preferences. Then click again on Preferences, and an expanded menu will appear. Choose Cache. Select Clear Disk Cache, and all URLs in the cache will be erased. To clear the History window, choose Preferences from the Edit menu, click the Navigator category, and then click Clear History.

Microsoft Internet Explorer. To empty the History folder, go to the Tools menu. Choose Internet Options, and then click on Clear History. To clear the cache, open Windows Explorer and access the directory C:\\windows\\temporaryinternet files\\, and mark all files for deletion.

Some software programs go even further. Weberaser (http:// www.weberaser.com/) allows you to specify any file or the contents of any folder on your computer for deletion, erase the most recently used document list from the Start menu, and remove all entries from the Windows Start menu's Run and Find command pull-down lists.

List your phone number, but not your address. When your street address is listed in the phone book along with your phone number, you're leaving the door wide open for junk mailers, pesky phone solicitors, and even more mischievous types. That's because most Internet-based people finders and their CD-ROM-based cousins simply copy telephone directory listings into their databases. Once your name, phone number, and address are stored in such fashion, it's a simple matter for a computer program to gather all names and addresses by zip code and then move it to a mailing list. Combined with Internet dynamic map systems and a GPS-locator in a car, anyone could beat a path to your door in no time.

If you want people to be able to contact you without making your home vulnerable, ask the phone company to list only your phone number in the next edition of their book. Be aware that this may take a while: most phone books come out only once a year, and the cut-off date for listings changes is usually three or four months before new volumes are distributed.

Use a "human" anti-spam cop. Bright Mail is a free spam filtering service that uses a combination of software and real people to evaluate and detect spam being sent to your e-mail box. It shunts offending mail into a Gray Mail folder on your e-mail utility, which you can then read if you wish. More information is available at http://www.brightmail.com/requirements.html.

Copyright © 2000 by Charles Jennings and Lori Fena
Foreword copyright © 2000 by Esther Dyson

Read More Show Less

Reading Group Guide

1. What is your company's policy for personal data collection and usage?

2. Is there an officer of your company responsible for the development and implementation of the company's privacy (or fair information practices) policy?

3. Is there a map or diagram of what personal information is collected or purchased in the course of doing business, where it is stored, who has access, and for what purposes they may access the data?

4. Are all employees aware that the data collection/usage policy exists and trained on what their responsibilities are with respect to the policy?

5. Is there a procedure in place to deal with customer inquiries (or law enforcement inquiries) regarding collection and use of personal data?

6. Are processes in place to communicate your corporate privacy policy to customers, employees, vendors, and marketing partners?

7. Is responsible customer data collection practices part of the product management and marketing program checklist?

8. Is responsible customer data practices part of the due diligence checklist when your company considers acquiring, merging, or a strategic partnership with other companies?

9. How well would you rate your company on fair information practices of notice, consent, access and recourse?

10. Now that you've had a chance to think about personal data collection, what do you think about the current division of responsibility between consumers, companies, and governments?

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)