FOR EDUCATIONAL USE ONLY
Virginia Journal of Law & Technology
Spring 2000
BETWEEN BIG BROTHER AND THE BOTTOM LINE: PRIVACY IN CYBERSPACE
Seth Safier [FNa1]
Copyright © 2000 Virginia Journal of Law & Technology; Seth Safier
I. Introduction
*1 On January 25, 1994, in the prepared text of his first State of
the Union Address, President Clinton declared,
We must work with the private sector to connect every classroom, every clinic,
every library, and every hospital in America to a national information
superhighway by the year 2000. Instant access to information will increase
productivity, help educate our children, and provide better medical care and
create jobs, I call on Congress this year to pass legislation to establish the
information superhighway.
*2 In the speech, President Clinton formally introduced the population
to what academics, computer scientists, techies and digerati call
"Cyberspace and the Information Age." Over six years later, as the
technology at the heart of the "information superhighway" continues
to develop at exponential rates, cyberspace, the information age, and the
information superhighway are not so easily defined, [FN1] established or developed, nor
technically or sociologically understood.
II. Cyberspace and The Digital Revolution [FN2]
*3 In the mid-1960s, around the time that the first commercially
successful computer, the IBM 360, was introduced, the business world was one of
file cabinets, carbon copies, Dictaphones, ribbon typewriters and handwritten
receipts and ledgers. Customers primarily bought goods and services with cash
drawn from neighborly tellers on wages earned from local employers. Research
and development were patriotic and the IBM man de rigeur.
*4 Gradually, the research and development began to pay
dividends, and rudimentary photocopiers replaced carbon paper, and cumbersome,
incipient computers and printers replaced ribbon typewriters. File cabinets
eventually gave way to databases, and cash transactions evolved to charge. By
the late 1970s, computers were fixtures in most businesses, and growing numbers
of consumers were buying home computers such as the Apple II, TRS-80 and
Commodore PET. By the 1980's, new computer chip driven technologies were
exploding and heralding the information age. Cellular phones, fax machines,
powerful personal computers, digital databases, electronic cash registers, and
intricate interoperable networking systems bombarded businesses and consumers
alike. By the early 1990s, mail had gone electronic, computing went super,
voice went digital, cable went fiberoptic and "surfing" went from a
board on the ocean to a mouse on a desktop. [FN3]
*5 In a 1992 opinion survey, 79% of Americans agreed that
"computers have improved the quality of life in our society." [FN4] The ubiquity of computers and
networks had drastically affected daily existence in Western societies. Whether
it be computer aided drafting, word processing, just in time manufacturing,
finding point to point directions in less than 30 seconds on the World Wide Web
("Web" or "WWW") or visiting the ATM machine, computers
enhanced efficiency, and consumers understood and appreciated it. Computer
chips had established themselves as the engines driving the age.
*6 With the same speed, however, these technologies and resultant
social changes began to precipitate challenges to individual privacy. [FN5] Just as the advent of the wiretap
created a dilemma for Fourth Amendment jurisprudence in 1928, [FN6] the digitization of records,
parabolic microphones, remote sensing satellites, smartcards, lie detector
tests, genetic fingerprinting, caller-identification, cookie.txt files, [FN7] clickstream data collection, [FN8] "push technologies" and
"intelligent agents" are similarly forcing us to take pause and ask
fundamental questions about cyberspace and the limits of individual privacy.
*7 Due to enhanced processing, retrieval and storage power,
intricate networks and the ubiquity of chip driven technologies, 68% of
Americans surveyed in the same 1992 opinion poll, also agreed that "the
present use of computers represents an actual threat to personal privacy,"
an increase from 1974 and 1978, when only 38% and 37% of Americans,
respectively, agreed with the statement. [FN9] A 1993 public opinion survey
subsequently revealed that 83 percent of Americans were "concerned"
with threats to personal privacy. [FN10] And, a 1995 Louis Harris poll
illustrated that the number of people who were "very concerned" about
privacy had increased almost 50% between 1978 and 1995. [FN11] In recent years, numerous
corporations and governmental organizations, including Lexis-Nexis, [FN12] Blockbuster, [FN13] Lotus Development Corporation,
Equifax Marketing Decision Systems, [FN14] America Online [FN15] and the Social Security
Administration, [FN16] have changed policies, or altered
business decisions, in reaction to public outcry over privacy concerns.
*8 While the collection, processing, use and storage of personal
information in cyberspace may raise pivotal concerns about privacy, if numbers
are accurate indicators, personal information primarily raises revenue. Venture
capitalists are betting big dollars on cyberspace's potential in markets such
as banking, wholesale business transactions, entertainment, retail, investment,
marketing and, even, universal currency. The Internet [FN17] economy is estimated to grow to past
the $1 trillion mark in 2001 and then to $2.8 trillion in 2003. [FN18] A recent study from Ciemax-WEFA, an
economics consulting group, commissioned by the Direct Marketing Association,
indicated that one of every 13 jobs in the United States was the result of
direct marketing sales activity, including jobs designing and selling
advertising, supplying or delivering goods, and selling other support services,
such as customer lists and consumer profiles to direct-response businesses. The
same study revealed that direct marketing sales to consumers reached $630
billion in 1996, up from $458 billion in 1991. Business to business sales were
another $540 billion in 1996, up from $349 billion in 1991. [FN19]
*9 Other than remarkable profit potentials, the common
denominator of these chip-driven technologies--simultaneously improving our
daily lives and threatening our privacy--is that they all function as gateways
to cyberspace. Essentially, cyberspace is the space where digitized information
lives, works and dies. More fundamentally, cyberspace knows few if any physical
limitations; inherently, it is a social construct. Physics does not exist in
cyberspace. Rather, the most comprehensible and malleable limitation in
cyberspace is technology or, in Harvard Law School Professor Lawrence Lessig's
terminology, code. [FN20] Thus, unless it is prohibitively
expensive in terms of cost of storage, time or effect on customer relationships
or unless the cyber transaction has been technologically secured, [FN21] in theory every purchase, page
turned, call made, e-mail sent and key stroked can be archived, stored,
filtered, correlated, networked, regressed, matched, connected, catalogued,
categorized, compared and/or labeled.
*10 As computers and advanced telecommunications networks
increasingly render cyberspace the least restrictive or most efficient medium
in which to collect, process and utilize personal information the world has
ever known, the fundamental concern about privacy in cyberspace becomes the
manner in which the medium, and the technologies driving the medium, permit,
enable and enhance the collection, processing, use and storage of vast amounts
of in-depth, and potentially sensitive, personal information. One need not
think long nor hard regarding the possibilities and implications of new
technology to develop Orwellian visions regarding the capacity of the
Government and, ever increasingly, the private sector to gather, sort and
process massive amounts of information regarding ourselves. Yet, the futility
of eliminating all the information or the efficient means of collecting and
sifting it, must serve as the impetus for a fuller understanding and
potentially more efficient shaping and, perhaps, regulating of the people and
technologies collecting the data, employing the information, and shaping,
building and dreaming about the next technology with which to do so. As always,
the potential is simultaneously exhilarating and terrifying.
III. The Reagan Revolution
*11 As the digital revolution rendered life more efficient, and
traditionally private domains less and less existent, a parallel ideological
revolution was occurring in the minds of the American polity and halls of
government. Arguably, since independence the American political and social
milieu has been ideologically characterized by forceful arguments for
decentralization of government power. Whether the arguments took the Federalist
[FN22] or laissez faire form, historically
Americans have been ill at ease with centralized authority. In practice and
rhetoric, market and individual freedom have been inextricably linked.
*12 However, because of the severity and length of the Great
Depression in the 1930s, government welfare programs and government
intervention in the market both increased significantly. The suffering
experienced in the Great Depression further reinforced popular support for
social welfare programs. For many, the recovery attributable to Franklin D.
Roosevelt's New Deal initiatives established a new found faith in government
regulation of market mechanisms and political support for the establishment of
a mixed economy and the institutionalization of government programs
guaranteeing social insurance and concomitant redistributive or transfer
payments to support those programs. [FN23]
*13 Where the Social Justice movement and the Progressive Era of
the early twentieth-century began to set the tone for liberalism, [FN24] the strong presidencies of Theodore
Roosevelt and Woodrow Wilson gave way to a burst of centralizing legislative
activity which also marked Franklin D. Roosevelt's New Deal, Harry Truman's
Fair Deal and John Kennedy's New Frontier. [FN25] During the period following World
War II, the American political and social order continued to be characterized
by a schizophrenia on a number of national issues such as the relationship of
government to the economy, the proper size of the welfare state, and the scope
of labor power in business. [FN26] But, with the support of the Truman administration,
increasingly labor began to hold sway in the debates surrounding economic
regulation such as tax reform, unemployment insurance, minimum wage and the
continued existence of the Office of Price Administration. [FN27]
*14 Where the post-war period was marked by a burgeoning economy,
[FN28] the 60's were marked by social and
political turmoil and activism. During both periods, government agencies were
established and reorganized at a brisk pace. [FN29] Government found itself funding
higher education through the GI Bill and health and social welfare through
Social Security payments, such as Old Age benefits, Survivors and Disability
insurance, Aid to Families with Dependent Children ("AFDC") and
school lunch programs. Consumer protection legislation spawned public and
private organizations for enforcement. In total, the initiatives, legislation
and government spending combined to cement the growth and institutionalization
of a massive administrative/regulatory state. [FN30]
*15 As Frances Fox Piven and Richard A. Cloward have convincingly
argued, the political and social turmoil and public aid revolt found its
response in Lyndon Johnson's Great Society program and War on Poverty, arguably
the apogee of government intervention. [FN31] Through a mix of new laws and
regulations, Johnson simultaneously gave previously unrecognized groups of
citizens new rights and entitlements and expanded the federal government's role
in protecting and administering those rights and entitlements. Johnson launched
a war on poverty that writer Nicholas Von Hoffman has referred to as the
nation's second Civil War and Reconstruction. [FN32] Johnson secured the passage of the
Voting Rights Act, a fair immigration law, legislation strengthening cancer and
strike research, installed the Medicaid and Medicare programs and tightened
pollution controls. [FN33] These initiatives built upon, and
furthered, the belief that government had a responsibility to protect and play
a larger role in the lives of its citizens. Although marginally diluted by
President Nixon, this basic liberal bent towards welfare interventionism and
market regulation remained extant through the Carter administration. [FN34]
*16 On January 21, 1981, in his inaugural address, President
Ronald Reagan stated, "government is not the solution to our
problem." [FN35] With those words, at a minimum,
Reagan set the stage for the predicament we currently find ourselves in with
regard to privacy rights in cyberspace. According to Reagan, "outside of
its legitimate functions, government does nothing as well or economically as
the private sector." [FN36] Ideologically, Reagan, and the men
around him, believed in rugged individualism, survival of the fittest and the
primacy of an unfettered and unregulated free market to solve the nation's
ills. [FN37] Not since the New Deal had a group
entered office with such a determination to remake the American political and
economic system. Their economic philosophy not only changed the way the economy
had been run in the United States since the New Deal, but was arguably the biggest
development in American economic philosophy since Keynesianism. Over the next
12 years, Reagan and Bush set about dismantling the web of regulation and
bureaucracy spun over the previous six decades.
*17 Throughout the 1980s, Reagan and Bush slashed funding and
curbed the regulatory power of many governmental agencies such as the E.P.A.,
S.E.C., F.C.C. and H.U.D. Reagan and Bush also deregulated and privatized a
number of industries including communications, utilities and transportation.
Rhetorically, at least, the Reagan/Bush era stood for a time of deregulation
and increased distrust of government. [FN38] More importantly, during the
Reagan/Bush era the ideological baseline returned to the laissez faire
individualism of the early twentieth century. Again, free markets were
trumpeted, a resurgence of Social Darwinism rationalized deregulation and
decentralization, and proposing a regulatory solution to negative externalities
became tantamount to political suicide.
IV. Digitarianism
*18 At some point in this narrative, the contemporaneous digital and
Reagan revolutions became intertwined. For better or worse, the confluence of
these revolutions, especially among Netizens and with regard to cyberspace, has
been marked by the emergence of a fervently libertarian political and
ideological culture that is increasingly rhetorically dominant. [FN39] John Gilmore's, "[t]he Net
interprets censorship as damage and routes around it," and Stewart Brand's
"[i]nformation wants to be free," statements became mantras for the
space. Several quotes from the January 1998 issue of Wired magazine, The State
of the Planet 1998, further illustrate the continuing trend and ideological
understanding: "Networks are inherently decentralizing and anti-
hierarchical .... Networks tend to leach power out of traditional institutions,
including electoral politics and the state." [FN40] According to the digitarians,
technology has evolved to the point where government regulation is superfluous.
[FN41] Moreover, in the eyes of both the
cyber-intelligentsia and the average citizen, Big Brother is not to be trusted,
especially, with personal information. At a minimum, it is apparent that
government is no longer welcome to protect personal information from private
entities through legislative initiatives. On a macro level, the conjunction of
the dawning digital revolution, as embodied by cyberspace, and the vestiges of
the Reagan revolution, reveals that the debate surrounding this particular
issue may be indicative of a larger debate surrounding the future of government
regulation in, for want of a better term, the post-technopolitical age. [FN42]
*19 As cyberspace presents so many new legal issues and problems,
it has quickly surfaced as the place where the regulatory debate is most
heated. Yet the traditional regulatory debate has become so recast that it appears
increasingly schizophrenic. For example, when the Clinton administration
attempted to extend government protection to intellectual property rights on-
line, sharp criticism rapidly descended from the both sides of the political
spectrum. Immediately, Wired folk, such as Stewart Brand and John Perry Barlow,
a former lyricist for the Grateful Dead, and right wing intellectuals like
George Gilder of the Manhattan Institute, and Newt Gingrich adviser, found
themselves in the oddest of alliances. [FN43] Even President Clinton, who three
years earlier brazenly called on Congress to pass legislation to establish the
information superhighway and wire every classroom, moderated his
interventionist position and announced a "hands off" policy for
cyberspace. [FN44] Governments, according to Clinton's
new understanding, should not "stand in the way" of the Internet, but
instead they should simply enforce "a predictable, minimalist, consistent
and simple legal environment for commerce." [FN45]
*20 Until this point in the United States, the libertarian
argument, embodied by the industry and digitarian understanding, has
successfully resisted the application of government regulation aimed at
enhancing informational privacy. There can be little doubt that relative to the
informational privacy rights of consumers, our legislators have assigned
greater value to the laissez faire principle and ideology. The comments of
Robert Potsch Jr., a Vice-President and Marketing Law specialist at Doubleday,
illustrate the common foundation of the industry's and legislators' baseline
positions on the existence of privacy rights in personal information. Posch
vehemently argues that protecting consumer privacy is antithetical to the
comprehensive development of cyberspace and the success of the information
intensive industries that support it. He states that "[t]hose advocating
the restriction of aggregate data to satisfy an imagined problem could take us
out of the leadership of the 21st century economy [because] reducing privacy
burdens on the free flow of information is the surest way to stimulate the
information economy." [FN46] Indeed Posch mockingly says
"[privacy is] the ultimate subjective, touchy-feely issue, ... just some
notion of the right to be left alone. Spare me." [FN47]
*21 While the rhetoric and practice of "self
regulation" has carried the debate, it comes at a price to informational
privacy. The result, at least for now, is that we find ourselves caught in a
straightjacket: on balance, we no longer trust government regulation to enhance
much of anything, [FN48] let alone privacy. And,
increasingly, we are rapidly discovering that private industry, and its bottom
line, is not much better. A study released in March 1997, by the Boston
Consulting Group, revealed that 41 percent of Internet users avoided sites that
requested personal information, out of a concern for how the data might be
used. [FN49] According to the 6th annual World
Wide Web survey run by the Graphics, Visualization and Usability Center of the
Georgia Institute of Technology (commonly called the Annual GVU Survey), 70% of
consumers surveyed cited privacy concerns as their primary reason for not registering
demographic information with Websites on the Internet, and 86% of consumers
surveyed expressed a desire to control the use of their demographic
information. [FN50] Another study commissioned by TRUSTe
confirmed these findings. In its study, TRUSTe learned that 78% of individuals
surveyed would feel more comfortable in providing information over the Internet
when visiting sites that provide privacy assurance. [FN51]
*22 Thus, as individuals become more opaque in cyberspace and
companies, employers and governments become more invisible and anonymous, we
begin to perceive and understand the effects of a demise of trust: gone are the
previous generations that grew to trust government and, increasingly, gone are
the consumers and employees that grew to trust corporations, employers and the
invisible hand of the market. As cyberspace is an inherently social construct, [FN52] the most frightening aspect of the
debate may well be that from our position on the cusp of the information age,
and at the end of the Reagan Revolution, where and how we find balance on these
continuums and issues, however, delicate they may be, descends to the level of
debating, defining and assigning value to personal privacy, technological
advancement, economic efficiency and profiteering. The decisions are ours alone
to make; the problems ours to solve.
*23 In a sense, the entire cyber debate might be recast into a
wider debate on post-technological politics. In that regard, any workable
solution to the problem of privacy in cyberspace must be free from the
rhetoric, fears and perceived realities of Big Brother and the bottom line. In
the following, I will argue that while the information we seek to protect may
be binary, the options for doing so are not. In particular, potential solutions
lie beyond the artificially limiting dichotomy that pits governmental
regulatory intervention against laissez faire market solutions. Until we shift
the contemporary debate away from that dichotomy, informational privacy will
erode at the pace of technological development.
*24 To facilitate this arguably more fruitful discussion, I will
begin with an in-depth analysis of the emerging technological methods for
collecting, storing and processing, and using personal information. [FN53] I then argue that the current
regulatory debate and attempts at enhancing informational privacy incorrectly
focus on regulating the use of information. I will use several statutory and
common law proposals and examples to illustrate the deficiencies of focusing on
data use. Thereafter, I will present a proposal for refocusing the regulatory
debate on the collection stage of personal information. By combining the
positive characteristics of market based and regulatory approaches, the
interaction between consumers and the personal information industry will
ideally lead to the realization of the commercial potential of cyberspace while
still maximizing informational privacy. Finally, I will suggest that the
privacy debate in cyberspace is a model for a wider reformulation of the
blurring polarities of governance.
V. A Digital Taxonomy
*25 The collection and use of personal information is not a modern
phenomenon. Historians document that as far back as the eleventh century,
monarchs collected information on their subjects for the purposes of planning
taxation and other state affairs. [FN54] William the Conqueror, for example,
collected information on his subjects in the Domesday Book. [FN55] First, William's assistants
collected information about the subjects via interviews and observation, and
stored this information in the Domesday Book using pen, ink and vellum. His
aides used a ledger system to organize the data. Because they had organized the
raw data, William's servants were able to levy taxes using the information in
the Domesday book. [FN56]
*26 Up until roughly twenty years ago, the collection,
processing, storage and use of personal information was similar to the method
used to compile the Domesday Book. It was time consuming, subject to broad
error and relatively expensive. In fact, other than the means of collection and
modes of processing, little has changed in the method of collecting and
utilizing personal information.
*27 Although modern processes remain similar, contemporary
technological advancements have resulted in greatly enhanced storage capacity,
retrieval speed, processing and utilization of personal information. In fact,
the whole process has become so efficient and integrated that it is often
impossible to separate it into its component parts. For example, online
technologies like Double Click network are capable of rapidly collecting
information (reading a Web site visitor's consumer information and preferences),
processing it (statistically correlating it with existing information), storing
it in databases and using it (supplying the Web site with advertising tailor
fitted to each user's personal profile). [FN57] Like the machine and programs at the
heart of data collection, filtration, storage and utilization, the process is
contingent and iterative, characteristically defying simplistic categorization.
However, analysis of each of the component parts of the personal information
system is still the best way to understand the entire process of information
collection and use.
A. Collection
*28 While the methods of collecting personal information, or data, are
complex and varied, there are essentially two modes by which information or
data is gathered.
1. Traditional Collection
*29 For lack of a better term, I call the first, and foundational,
method, traditional or "ask and answer" collection. Traditional collection
requires an affirmative step on the individual's behalf, which usually insures
that the individual is at least aware that information collection is occurring.
A consumer, employee or citizen, either voluntarily or necessarily, provides
personal information when she registers, applies, enrolls or requests
information, products, services or jobs. [FN58] Information is transferred via a
number of media and usually flows from the consumer, citizen or employee in
writing, orally or by depressing computer keys, telephone dialing pads or touch
screens, often in response to questions or requests for information. The nature
of the information collected and the methods of collection are numerous and
familiar and vary with collector and motivation.
*30 Government, [FN59] for example, gathers a tremendous
amount of information through the traditional method. Virtually all American
citizens and immigrants apply for a Social Security card, visa or green card.
It also assigns other numbers, locators and indicators. Most people over a
certain age have a driver's license, passport or some other form of official
identification. Taxpayers fill out tax forms such as the 1040EZ and W4.
Americans apply for tax extensions, food stamps, Social Security or disability
benefits, financial aid, GI benefits and disaster relief by filling out forms.
They apply to, and enroll in, public elementary schools, state universities and
community colleges. They register for the selective service and some register
to vote. In 2000, the federal government will conduct a census, which will
provide it with volumes of demographic information regarding the religion,
race, age, number of children, socio-economic status and geographic location of
the population.
*31 The government gathers information primarily for the purpose
of administering bureaucratic functions such as Social Security, taxation,
Medicaid, Medicare, transportation, commerce, national security, education and
welfare. A 1986 study by the U.S. Office of Technology Assessment (USOTA)
revealed that 12 government agencies maintained 539 records systems classified
under the Privacy Act, [FN60] which contained more than 3.5
billion records, 60 percent of which were computerized. [FN61]
*32 Private industry, usually corporate entities, also uses
traditional methods of collection. Consumers apply for credit cards, membership
in promotional programs and frequent buyer programs, subscribe to magazines,
register for access to websites and enter contests. Doing so inevitably
requires certain information such as name, address, Social Security number,
place of employment and/or a reference. Consumer surveys and warranty cards
request information about consumer preferences. Magazine subscriptions require
name, address and often age. Registering a new Web browser requires a name or
alias, e-mail address, age or date of birth and a password. Occasionally,
consumers answer long consumer surveys or participate in polls. Sometimes they
are paid for this information with coupons, free tee-shirts, prizes or money
back refunds. Usually, however, if consumers do not provide the information,
they will not be granted privileged use of the service or product.
*33 Moreover, products and services are increasingly becoming
contingent. Certain products and/or services are prerequisites for others,
making the cost of exit or foregoing the product or service higher. [FN62] For example, video rental stores
often require prospective members to provide a credit card number before they
will issue them membership cards. As a result, choosing not to provide
information to credit card issuers could mean that an individual not only does
not have access to a credit card, but also cannot rent movies. Video rentals
are but one example of a contingent service. Others can affect an individual's
career or health insurance.
*34 Until recently, perhaps, the greatest source of personal
information available to corporations and the government was the information
available to them as employers. Employers require employees to fill out
applications, reports, timesheets and surveys for health care, employment,
payroll purposes and employee performance and satisfaction. [FN63] Now, however, the greatest sources
of information are information clearinghouses, list brokers and the like. This
might indicate that buying and selling personal information has proven more
valuable than knowing your employees.
*35 Generally, traditional methods are slow and inefficient.
Filling out a card or bubble sheet and mailing it to an address to be processed
takes time and considerable expense. In addition, the information, or data, is
still raw, and for the most part worthless. After it has been processed,
digitized, or, that is, after it enters cyberspace, the information becomes
more valuable because it is "understood" and inexpensively and
efficiently transferable. Currently, information collected, even via the
traditional method, is rarely collected in raw form. Rather, the information
goes from the consumer's, employee's or citizen's possession directly to
cyberspace via some networked gateway technology such as a computer terminal,
telephone or other numeric keypad. More importantly, once it is digitized,
information derived from small or specialized applications, surveys or
registration forms is combined with more in-depth information previously
collected, such as census information or lengthy consumer surveys.
2. Transaction Generated Information
*36 The second, more efficient method piggybacks on traditional
collection methods. In this process, called transaction generated information
(TGI), the individual interfaces directly with cyberspace through one of a
variety of networked technologies. A person may establish a modem link via a
desktop computer, dial a telephone number, slide a bank card into an ATM,
purchase something such as gas or food with a credit, frequent shopper or debit
card, clock in at work, enter a library with a student identification or even
vote. In the vast majority of these situations, the user, consumer, employee or
citizen has already been through some strain of traditional information
collection. The person might have filled out an application to open a bank
account and received an ATM card, registered at a particular Web site and
received a cookie.txt file or filled out the preference information on their
Web browser, signed up for a frequent shopper, library or Diner's club card,
filed their W2 or Social Security application form, or agreed to have a Nielsen
rating box in their home. Just as each traditional method requires different
information, each transaction varies as to what information is collected, how
it is collected, and to whom or what the information is connected. While
nuanced, TGI is built on the concept of universal identification. [FN64]
*37 Just as consumers identify themselves through, or in contrast
to, certain causes, religions or ideologies, they are identified by much of
what they carry in their wallets, store in their computers and, eventually, by
their fingerprints. Ultimately, the "ask and answer" method of data
collection produces identifiers. Each new sign up, application or registration
creates new identification numbers or symbols like credit card numbers, Social
Security numbers or aliases and passwords. The human corpus does not currently
digitize well, but people are linked to identifiers that do. In sufficiently
complex networks, identifiers link individual transactions to a stored body of
previous transactions and information. Increasingly, one identifier links to
previous identifiers and the body of information grows with each successive
transaction. For example, imagine that Bob purchases a new maroon blazer from
the Gap with his recently acquired Gap charge card. Perhaps, Bob's first
identifier (the Gap identifier or charge account number) links to his bank
account number, which then links to his credit card number, and all the
corresponding information. The credit card identifier might, in turn, be linked
to a Social Security number, and, thereby, Bob's census, IRS, health,
insurance, spring break arrest and employer information. Although this
information may be linked using a single identifier or series of connected
identifiers, individual information providers, like the Gap, might not have
access to all the information contained in other information providers'
database. However, the more seamless the network is the more seamless the
ascertainable informational profile of Bob will be. From income to religion, as
long as the marginal utility of the information is more than the cost of
ascertaining it, the information can and will be collected and employed.
*38 Another example of TGI is known as telephone transaction-
generated information (TTGI), TTGI is information generated by telephone usage
and transactions related to telephone services. [FN65] In addition to information about
telephone subscribers generated by the application forms and billing
information, call-detail records provide comprehensive and potentially useful
information about individuals. Information generated by "exchange and
interexchange phone calls [includes] the date and the time of the call, the
number called, the calling number, the geographic location or address of caller
and call recipient, the duration of the call and the charge." [FN66] Consumers and businesses most
commonly make use of this information through caller-id.
*39 A routine cyberspace example of TGI helps to complete the
collection picture. The last time I visited the Center for Democracy and
Technology's Website at http://www.13x.com/cgi-bin/cdt/snoop.pl from a law
library computer, the exchange proceeded as follows:
*40 Hi! This is what we know about you:
*41 You are affiliated with Harvard University
*42 You are located around Cambridge, MA
*43 Your Internet browser is Mozilla/4.02[en]
*44 You are coming from langopen2-13973.law.harvard.edu
*45 I see you've recently been visiting this page at www.cdt.org
*46 Someone in the computer center input this information into
the Netscape browser on the library's computer network. When I visit the same
site from my laptop computer, the information known and, theoretically,
collected refers directly to my home address, personal e-mail, and other
personal data. Each time I enter and exit the site, the information bank grows
in direct relation with the sites previously visited.
*47 Of course, if you know that the information is being
collected, or generated by your transaction, you can thwart information
collection by visiting an anonymizing site [FN67] when you first login, by not filling
out, or filling out with false information, your browser preferences, [FN68] or by abstaining from the
transaction. Here the fundamental difference between TGI and the traditional
method becomes apparent in that the TGI is collected silently. Given the recent
flood of press attention devoted to this phenomenon, more and more people are
aware of the collection of TGI. Unfortunately, as users gain awareness and
engage in blocking or other techniques to avoid collection, the collection
technologies gain the equal and opposite sophistication. What results is a tug
of war, a technological arms race wherein capital remains elementary.
*48 Since the portals to cyberspace are currently varied,
identifiers are similarly varied. Eventually, all identifiers, and
identification technologies, might collapse into one. Perhaps it will be a
digital fingerprint or handshake. Placing your thumbprint to a screen might
allow you to pass your resume to a potential employer, purchase a smoothie with
funds automatically deducted from your checking account or make reservations at
your favorite trattoria. Until that time, we will continue to have many
identifiers, and a variety of technologies will be required to read and
digitize the information. Frequent shopping cards may continue to depend on bar
coding and UPCs, while credit cards continue to employ magnetized strips.
Certain supermarkets may also continue to be unlinked to popular (ATM) networks
such as Plus, Cirrus or Most. A greater number of dead-ends on the network may
mean greater information privacy for consumers since businesses will be unable
to link information that they have gathered with other information.
Unfortunately, dead-ends, or disconnects, also force consumers to carry many
cards in their wallets and PINs in their heads.
*49 Before moving on to processing, storage and use, it is
important to briefly elaborate on the other side of the collection coin--the
benefits to consumers of collection through identification. Primarily,
identification mechanisms enhance efficiency by saving consumers time in
situations which require screening and authentication. Instead of having to
produce your driver's license and a major credit card every time you go
shopping with a personal check or facing a teller every time you want cash, you
simply scan your shopper's card or insert your ATM card. Every time you revisit
www.thenewrepublic.com, you do not have to reenter your address, name, password
and age. Rather, the New Republic's server recognizes your cookie.txt file and
welcomes you back. With time, these technologies will only get better. One
really smart card might someday contain all the essentials, including passport,
credit cards, bank cards, frequent shopper's cards, driver's license, digital
cash, Social Security number, automatic tax deductions and exemptions,
bookkeeping functions and even pictures of the kids. Perhaps, more importantly,
the card may enjoy military strength encryption and a digital fingerprint,
rendering it useless to anyone other than its owner. Back in real space,
however, the principal dividends from direct marketing and advertising, such as
coupons and other incentives, are currently available to consumers only after
the information has been processed.
B. Storage and Processing
*50 As explained above, William the Conqueror understood that the
data he collected was essentially worthless until it was organized, processed,
sorted or understood. Organization adds value to raw data. A tidy, alphabetized
file cabinet is infinitely more valuable than messy, coffee stained stacks of
the same documents. Depending on use, the same principles apply to information
that is sorted according to age, name, zip code, religion and race. Data
correlated by the same factors would, in theory, be more valuable still.
*51 Typically personal information is processed and stored in
databases simultaneously. Personal information, or data, can be stored in any
number of forms and repositories. File cabinets, punch cards and ledgers were
rudimentary storage vessels. For the most part, they were relatively labor
intensive, slow and spatially inefficient. The data sector subsequently
embraced vast storage capacity and instantaneous retrieval. Magnetic tapes and
mainframes gradually replaced file cabinets and ledgers. Currently, the bulk of
information worldwide is stored in computerized database systems. A database is
nothing more than a horizontally structured and vertically integrated
collection of information. [FN69] Database management programs or
systems (DBMS) became readily available to large businesses in the late 1970's.
By the early 1980's, many of the programs were inexpensively available for
microcomputing systems. DBMS computer programs automated filing in virtual
cabinets inside computers with what seemed like endless capacity. Storage and
retrieval of data similarly became amazingly efficient. When a user retrieved
information, the computer provided her with a copy of it and the original data
remained safely in the database. Data and records could be used in several
locations simultaneously and, depending on the network, utilized worldwide.
Again, DBMS's were more than just storage units, because the programs could
collect information as well as process it.
*52 Increasingly, databases are networked. For example, the U.S.
Government has networked the databases of the Customs Service, the Drug
Enforcement Agency (D.E.A.), the I.R.S., the Federal Reserve and the State
Department. [FN70] Additionally, the Counter Narcotics
Center combines the database power of the F.B.I., C.I.A., D.E.A., National
Security Agency, the Department of Defense, State Department and Coast Guard. [FN71] The Treasury Department's Financial
Crimes Enforcement Network (FinCEN) has compiled a large and sweeping database
to combat money-laundering activities. [FN72] To some extent, market forces
delimit the networking of databases in the private sector. However, a great
deal of centralization has effectively taken place because of the tendency of
the industry to move toward oligopoly [FN73] and because almost all private
actors buy and sell information lists, archives and datasets with increasing
frequency. This creates, to the extent that public and private databases are
networked, the gradual ascendancy of one central database. This trend, in turn,
enhances the ability to assemble broad-based information selectively or to
correlate existing information. One author's description of this as
"functionally the equivalent to the ability to create new
information," illustrates the blurring of the lines between the storage,
collection and processing of personal information. [FN74]
*53 For data to be processed and stored electronically, it must
be readable. Thus, data that is collected in non-digital form must first be
digitized or turned into binary code--computer-readable bits of information.
Depending on end-use, digitizing proceeds upon a predetermined model or program
(DBMS). Utilizing any number of rubrics, technologies, processes, software
programs or hardware systems, raw information/data is assessed, labeled,
classified, categorized, zoned, sorted, matched, clustered, segmented or
filtered. In the simplification process, the collected information is assigned
a numeric value and sorted accordingly. For example, a survey might ask
consumers to respond to three questions: (1) age, (2) income and (3) toothpaste
preference. Given five age ranges, six income brackets and four brands of
toothpaste, the information in age might be assigned a signifier of 1-1 through
1-5, income 2-1 though 2-6, and toothpaste 3-1 through 3-4. After assigning
numbers to all the possible answers, the program might then sort all the
responses into categories. Depending on the results sought by the commissioner
of the survey, the program would then compare, correlate or regress the
categories. Eventually, the results will be analyzed, either by the computer
or, in this case, a marketer. The results might indicate that individuals in
categories 1-3 and 2-4 buy almost no 3-3. While this may be enough for some
enterprises, the sorting, however, does not necessarily stop there. Rather, the
results and possibilities increase in complexity and value in direct relation
to enhanced processing procedures.
*54 A fuller understanding of the storage and processing of
information requires a rudimentary comprehension of computer software and
hardware. Computers essentially process information in the form of two
electrical impulses, on and off. Each electronic impulse is read as a number, 1
(for "on") and 0 (for "off"). By translating the electronic
impulses, or information, into a series of 1s and 0s, computers are capable of
performing mathematical operations. [FN75] Early computers contained circuitry
designed, or were "hardwired," to perform specific tasks. For
example, in 1946, one of the very first computers, the Electronic Numerical
Integrator and Calculator ("ENIAC") consisted of 18,000 vacuum tubes,
6,000 switches, 10,000 capacitors, 70,000 resistors, and 1,500 relays. The
computer took up 1,800 square feet space. [FN76] The ENIAC was basically a
supercharged calculator, performing 5,000 calculations per second, a thousand
times faster than any previous calculator. [FN77]
*55 Modern computers, especially personal computers, are required
to perform a number of tasks that require a high degree of flexibility. As
hardwiring limits flexibility, most computers are hardwired to perform more
general functions and depend on software programs for more specific, detailed
instructions that direct a computer's hardware (central processing unit (CPU)
and memory) to produce certain results or perform specific functions such as
data processing and storage.
*56 The two most important components of databases and database
technology are storage and processing/utilization. Databases as storage units
hold data on entities and transactions of different typology and allow the
retrieval of mass quantities of information. Relational databases, such as
Oracle's main product, hold data in simple structures called, variously,
"records" or "rows," each of which contains a subset of
"fields." A database of people, for example, might contain a number
of records or rows, each of which would also contain a number of fields for
name, birth date, address, sex, telephone number, etc. Some database fields are
"references" to entire records in the same or alternate databases. In
this manner, for instance, the employer field in a person record might
reference a large record in a company database. More cutting edge
"object" databases hold data in less rigid structures, allowing for
easier modeling of complex data relations, sometimes at the expense of data
retrieval efficiency.
*57 The utilization of data stored in databases is more complex,
though storage is ultimately designed with an eye toward process and function.
In general, there are two types of data utilization techniques: store and query.
Storing data occurs either upon the creation of a record or in the modification
of one or more of a record's fields. This is relatively simple, though many
database products offer tools for designating how users enter the data to be
stored. Data queries might take milliseconds or months to complete. A typical
query might ask, "Give me a list of all persons who work for a company
headquartered in Canada, and give me an average of their salaries by industry.
Sort the persons alphabetically by industry, then by company, with the industry
sorted by gross sales highest to lowest, then alphabetically by last
name." Implementing this query might require accessing a number of
different databases and a great deal of sorting and applying selection
conditions. All database products come with means to enter such queries
(relational databases conform to a particular query language called SQL) and
return results. The means of presenting these results in terms of reports,
charts, graphs, etc. is another aspect of data utilization. A result of a query
might also be used to drive programs to take one fork rather than another. And,
of course, it is important to optimize the query processing, as users desire
efficiency in response time and storage.
*58 Thus, a database system is a combination of hardware,
software and a compilation of coded data known as the database. [FN78] Hardware is required to store the
database and to process or manipulate the data according to the dictates of the
software. Hardware runs the gamut from powerful mainframe computer systems to
networked desktop models. The database itself is made up of previously
processed files that contain related records. Each data record is further
divided into subfields, by DBMS generally according to mathematical formulae or
algorithms. The file organization and storage capacity are inextricably linked
in terms of capacity and speed of recovery. Databases are designed to minimize
the time required to access, retrieve or update the records and to minimize the
database's storage space. A database system provides efficient access to large
amounts of information and allows users to manufacture new arrangements,
configurations or sorts based on evolving software inputs. [FN79] Although discussed more in-depth
below, the newest, cutting edge database processing programs in cyberspace are
called intelligent agents or bots. Many agents depend on a patented algorithm
called automated collaborative filtering (ACF). [FN80] After a user completes the threshold
ask and answer form, the user interfaces with an "agent." Utilizing
the baseline information and the TGI, the collaborative filtering sorts data in
much the same way that William's civil servants did--assigning, averaging,
correlating and memorizing numbers, symbols and/or values. However, ACF is
different from traditional techniques because, it correlates the data by
juxtaposing incoming information, such as opinions, tastes and preferences
gathered by the intelligent agent, with previously filtered information (first
from this particular user and then from all other users) stored in company
databases. The "strongest," or highest significant positive,
correlations are returned to the user, with the significant correlations, in
one instance, translated into recommendations or "intelligent
information." This loop back feature opens a line of communication between
the user and storage unit mediated by the (pre-programmed) filter or sort. The
more data it receives, the smarter it gets. The more an individual clicks, the
more complete the filtration becomes. In theory, every option selected by the
user is another step towards the essential categorization and storage of the
user's self. Again, because agents are networked devices, the access,
collection and utilization of "intelligent" personal information
increasingly becomes unlimited.
C. Use
*59 Once the raw data has been processed and stored, it is ready for
use. Just as William used the information to increase his revenue from
taxation, the manufacturer of toothpaste 3-3 (the commissioner of the survey in
the example above) will logically change marketing strategy according to the
results of the survey. Perhaps, it might start targeting the 1-2 and 2-4 niche,
get a new advertising agency or write the group off altogether. After it has
been processed and stored, the information becomes more valuable in terms of
what it illustrates and predicts. Currently, the most widespread use of
collected and processed information is direct marketing done with products from
list vendors.
1. List Vending and Direct Marketing
*60 David Shenk traces the ascendancy of list vending, and niche
marketing, back to Claritas, the market research company founded by Jonathan
Robbin. [FN81] In the 1970s, Claritas invented
direct marketing. In direct marketing (also known as niche-marketing,
one-to-one marketing, relationship marketing, loyal marketing and dialogue
marketing) goods, services, ideologies or opinions are positioned to appeal to
small, defined groups, previously identified by demographics. Marketing and
advertising are tailored to these audiences and placed in media outlets that,
based on previous data analysis, each particular audience is known to frequent.
[FN82] It seems foreign to the modern
observer, but in the recent past, Ivory soap, Fruit Loops and STP were targeted
only at the general audience listening or watching a particular program. Niche
marketing was not yet widely used. Technological innovations led to the
development and management of electronic databases on consumer behavior that
perform statistical analysis of that data and determine the precise geographic
location of consumers. In 1976, Robbin introduced the PRIZM database, a
comprehensive geo-demographic analysis tool of amazing complexity and ability.
The database was organized on a set of refined algorithms designed to extract
the statistically relevant similarities between demographic information and
geographic location nationwide, enabling the organization, and segmentation, of
a nation into the sum of its ideological beliefs and consumer habits. [FN83]
*61 Currently, list vendors compile information by buying,
selling and trading lists from a variety of public and private sources. Given
the raw data, they simply process or reprocess (using a variety of
"enhancement" techniques) the information to produce "new"
lists tailored to specified interests. Lists can be obtained for virtually any
category of consumer or belief. Conceivably, there are lists of expectant
mothers and their due dates and lists of middle class (above $75,000 in annual
salary) Latino men under 6 feet who voted Republican in 1988 and drive European
sports cars originally purchased for over $50,000. You name it, they list it. [FN84] And, if they do not, they'll figure
out a statistically persuasive argument for why another list is predictive or
indicative of what a list buyer is searching for.
*62 As described above, both list vending and direct marketing
are big businesses. There are a number of firms that specialize in selling
lists of tailored information that can be used by businesses in conjunction
with existing internally gathered information. Donnelly Marketing Information
Services, a division of InfoUSA, sells access to a database covering 200
million U.S. households. [FN85] Subscribers to the information can
generate profiles of consumers according to demographics, life-styles, and
retail expenditures, such as mail responsiveness, credit worthiness, vehicle
information, financial investments, hobbies, occupations and census
demographics. The other major players in this domain are the credit reporting agencies,
Equifax, TRW and TransUnion, which maintain files on more than 90% adult
Americans. [FN86] Numerous other agencies offer
similar information products.
*63 According to the Direct Marketing Association (DMA), the
largest trade association for businesses engaged in database marketing,
manufacture and collection, with more than 3600 member companies from the
United States and 47 nations worldwide, [FN87] over 50 percent of direct marketers
use the Internet and Web for advertising and 48 percent actively mine the
membership rosters of major computer online services for e-mail addresses and
other information.
*64 Lists, polls, surveys and data enhancement services drive
virtually all advertising and marketing nationwide. Personal information is at
the backbone of everything from telemarketing to the President's radio
addresses. At a point, the information becomes self-reinforcing, an autonomous
referent.
2. Intelligent Agents and Push Technology: Cyberapplications
*65 Intelligent agents, push technologies and other cutting edge
cyberspace technologies have been referred to as "direct marketing on
steroids." [FN88] While the paradigm is analogous to
direct marketing, push and agent technologies are more efficient and have a
greater potential to reach consumers. These technologies, in a certain sense,
have aptitude, an ability to learn as they iterate. [FN89] They keep the data channels open and
information constantly flowing in both directions. The more you use your agent,
the smarter it gets. The smarter a consumer's agent gets, or the more she
receives pushed content, the better it will serve her and the more she will use
it, until eventually, according to Kai G. Wussow, a director of Eutelis
Consult, a German consulting firm, "[the marketers, advertisers, list
vendors, etc.] know what [she] like[s] to have better than [she] do[es]
[her]self." [FN90] However, current e-commerce
companies have been criticized for not utilizing the power of agents and the
most interesting work on agents is still being done in labs. [FN91]
*66 In strong form, agents will memorize, and process, every
mouseclick and purchase, and the amount of money and time a consumer spent
doing so. Agents take note of a consumer's reading material and her
correspondence, including the most frequent e-mail addresses, coming and going.
They memorize each piece of information and tirelessly compare and contrast the
next.
*67 Agents come in all shapes and sizes. Some are programmed to
act like humans. Behind the facade, agents are sophisticated programs
interfaced with powerful computers and databases. Some agents are sedentary, in
that they remain on a particular server and scan the desktop for aberrations
such as viruses or notify the user of abnormalities like unsaved revisions.
Other agents roam cyberspace searching for information that their users have
requested or that the agent deems the user might want. [FN92]
*68 Analogous to the DBMS's, agents filter information. The
difference being, agents are personalized, they work closely with their
subject. For example, a consumer could conceivably program her agent to find
and purchase seats to an upcoming opera. The agent, having access to her
personal digital assistant ("PDA"), would check her calendar, find
the cheapest available seats, purchase the tickets and e-mail her.
*69 Push technologies are based on similar technological
innovations. In 1997, Wired Magazine broadly predicted that the Web browser
would soon be replaced by push technologies. [FN93] While thus far push technology has
not fulfilled analysts' initial high expectations, [FN94] some commentators have recently
declared that push technology is staging a comeback, because of the emergence
of new more viable business models. [FN95] Furthermore, personalized services
from web portals, like Yahoo!'s My Yahoo! service (http://my.yahoo.com) and
Netscape's My Netscape (http://my.netscape.com), also allow individuals to make
selections about what push content they would like to receive. Wired initially
argued that the noise and congestion on the Internet that diminished its
utility could be avoided via push technologies such as PointCast. [FN96] Push technology, like intelligent
agents, revolves around customer profiles. The user sets a profile of what
interests her and the push programs do the rest. Each time the user logs on, an
identifier trips a certain profile and the program starts grabbing content and
advertising, targeted, or filtered, according to the user's profile. The push
programs will monitor pull and push practices, gaining intelligence while manufacturing
data commensurate with use. Filtering processes, again, are fundamental to the
technology. They use the same model as the direct marketers, yet the channel
and connection are always open and literally one to one.
*70 The marriage of agents and push will offer companies the
ability to inexpensively gather data far more detailed than the standard
Madison Avenue demographic fare of consumer ZAGs (zip code, age and gender). As
John Sviokla, a marketing professor at Harvard Business School, proclaims,
"[i]t's a fundamentally cheaper way to identify customers, sort them, and
sell to them." [FN97] However, agents and push do much
more than Sviokla suggests. They create a fundamentally different paradigm in
marketing. Push and agent software no longer offer products to people, but
rather people to products--a potentially more efficient manner of consumption.
*71 A glance back reveals how far we have traveled. Traditionally,
data collection and employment was product oriented (PO). Essentially,
marketers reverse-engineered information regarding customer choice to infer why
customers' decisions were made. Advertisers then used available demographics to
further understand whether a particular class of consumers might prefer one
product over another. [FN98] This is rapidly changing.
*72 Today agents and push technologies are still PO. However,
their "P" stands for people not product. Eventually list vendors will
sell people. No longer, will it be sufficient for marketing data to reveal
aggregate ZAGs on who buys what and how much. Rather, agents and push will
offer individual preferences and desires. People, through their intelligent
agent or push preferences, will map their next purchase, the brand and how much
they can afford. The only marketing that retailers will have to do will be
buying consumer preferences, locating the person and selling to them at a price
they can afford. In the future, people may not need to self-consciously create
their own images. Instead, direct marketers will be able to appeal to their
true personaes and unconscious desires through computer programs that analyze
their credit card purchases, television viewing, movie selection and their
taste in partners.
*73 If this sounds impressive, we must also bear in mind that the
real masters of the agents and the peddlers of push are the companies that
wrote and patented the code or bought the company that did. More fundamentally,
all the potentially sensitive information rendering agents intelligent and
powering the push is secured in the purveyor's databases. They own it.
*74 Inevitably, popular articles discussing these new
technologies and their potential either paint a rosy picture of a future so
bright or a horror story of just how little personal privacy is extant. [FN99] The stories are commonplace: what
happens when an employer, or, god forbid, your health insurer, finds out that
an employee is interested in medicinal marijuana. While technological
innovations have always spawned a mixture of fear and speculation, these technologies
are not going to disappear. When they transcend the Web and find their way to
the cyberspace inhabited by the rank and file-- the ATMs, grocery stores,
telephone, etc.--the real fun and problems will begin. The issue will then
become finding a comfortable middle ground, a domain where the future is
bright, but where some sort of protection salvages the requisite amount of
shade for those who value informational privacy. [FN100]
VI. Existing Legal Protection
*75 The United States lacks a comprehensive or omnibus law to
protect personal informational privacy. Rather, personal privacy rights in the
U.S. are protected through a loose, and often ineffective, patchwork of
Constitutional, statutory, common law and private sector guidelines, which at
best provide piecemeal protection. [FN101] As will be discussed below,
regulatory efforts have targeted the use or employment, as opposed to the
collection, storage or processing, of personal information. The contemporary
regulatory debate regarding methods for enhancing informational privacy also
focuses on the identification and regulation of categories of malignant uses of
personal information.
A. Federal Statutory Protection
*76 Absent omnibus protection of informational privacy, Congress has
reactively passed piecemeal, industry-specific statutes and regulations to
control the use of information according to the specialized intricacies and
interests of particular industries and consumer groups. Because of the
ascendancy of technology and the greatly enhanced capacities for storage,
collection and use of personal information, this piecemeal and reactive
approach is increasingly less and less effective in protecting consumers.
1. Fair Credit Reporting Act
*77 In 1970, Congress passed the Fair Credit Reporting Act
("FCRA"). [FN102] The FCRA, perhaps the most
comprehensive protection of consumer privacy rights, provides a list of
permissible purposes for which personal information about a consumer may be
released without the consumer's consent. [FN103] For example, under the FCRA, credit
agencies may furnish credit reports without the consumer's consent under a
number of circumstances (i.e, for the purpose of establishing an individual's
credit worthiness, employability or "other legitimate business
need"). When credit is denied to an individual, the FCRA mandates that the
user of the credit report supply the name and address of the credit-reporting
agency and follow reasonable procedures to insure the accuracy of the credit
information. Credit agencies must also have established administrative
procedures for investigating disputes and alleged inequities. Certain
"obsolete" information may not be disclosed, although the
obsolescence threshold has been set exceedingly low. [FN104] It should also be noted that the
FCRA only purports to regulate credit-reporting companies. Other than the
laughable "obsolete" standard, the FRCA is silent on information
regarding consumer preferences and purchases collected by or from credit
agencies or card companies.
2. Privacy Act
*78 The primary instrument for regulating the information practices
of the federal government, the Privacy Act of 1974 ("PA"), [FN105] is thought to have been passed in
response to the excesses and abuses of Watergate. [FN106] Pursuant to the PA, federal
agencies are permitted to collect and maintain records containing personal
information to the extent that the information is "relevant to accomplishing"
the agency's purpose. [FN107] Information that is collected,
however, must be maintained accurately and completely, and, where practicable,
gathered from first parties. [FN108] Excluding seven classifications of
records, primarily related to law enforcement and defense, [FN109] the PA specifically requires that
every federal agency maintain a system to: 1) permit the individual to control
disclosure of the information in the record; [FN110] 2) retain records of information
that has been disclosed; [FN111] 3) permit the individual to review
and maintain a copy of the information in the agency's records; [FN112] and 4) allow the individual to
request an amendment of information contained in an agency's records. [FN113] These requirements, however, are
diluted by the empowerment of agency heads to promulgate rules exempting any
system of records within the agency from the reach of the PA. [FN114] Finally, because it applies only to
governmental actors, the PA does nothing to restrain marauding private
entities.
3. Cable Communications Policy Act
*79 In 1984, Congress enacted the Cable Communications Policy Act
("CCPA"). [FN115] The CCPA requires cable television
companies to provide annual notification to subscribers regarding the use and
disclosure of their personal information. [FN116] Furthermore, the CCPA prevents
cable companies from utilizing the cable system to collect or disclose personal
information about subscribers without their consent except as required to
render cable services or detect unauthorized cable reception, or pursuant to a
court order. [FN117] Thus, a cable operator must destroy
any information "unnecessary" for the purposes for which it was
collected. Nonetheless, a cable company can distribute a mailing list of subscribers
provided it allows each subscriber an opportunity to remove her name from the
list. [FN118] While the remedies available to
subscribers for violation of the CCPA include actual and punitive damages and
reasonable attorney's fees, these regulations may be easily circumvented since
they apply only to cable companies. Thus, once a particular list has left the
hands of a cable company these restrictions do not apply.
4. Electronic Communications Privacy Act
*80 The Electronic Communications Privacy Act of 1986
("ECPA"), like the Communications Act of 1934, prohibits the
unauthorized collection and recording of the contents of telephone
conversations or data transmissions, including the contents of e-mail messages.
[FN119] This statute provides only limited
protection of personal privacy from the state, since it allows the government
to seek a court order for a specified law enforcement purpose. The only bite in
the statute comes from a provision prohibiting a public telecommunications
service from disclosing the contents of communications or an electronic message
without either the consent of one of the parties or an authorized law
enforcement action. [FN120] While this prohibition has yet to
be tested, a suit by a decorated Naval Officer, may shed some light on the
statute and issues discussed herein. [FN121] The Naval Officer, Timothy McVeigh
(no relation), was threatened with discharge from the Navy after a Naval legal
officer acquired information from McVeigh's personal profile from America
Online. In his personal profile, McVeigh listed his hobbies as "driving,
boy watching, collecting pictures of other young studs," and his martial status
as "gay." [FN122] McVeigh filed suit in Federal
District Court in Washington against the United States Navy and America Online
alleging, inter alia, a violation of the ECPA. [FN123]
5. Video Privacy Protection Act
*81 The media's access to the list of videos rented by Supreme Court
nominee Judge Robert Bork worried many members of Congress. Congress reacted by
quickly passing the Video Privacy Protection Act of 1988 ("VPPA"). [FN124] The VPPA is a criminal statute regulating
the disclosure of information about videotape rentals. Specifically, the VPPA
prohibits the disclosure of the title, description or subject matter of a film
rented by a particular customer without written consent. [FN125] Names and addresses, however, are
excluded. [FN126] Like other federal privacy statutes
that regulate private businesses, the law only applies to a narrow category of
information and a specific industry.
6. Telephone Consumer Protection Act
*82 The Telephone Consumer Protection Act of 1991 ("TCPA")
[FN127] was aimed at the companies
responsible for millions of dinnertime interruptions--direct telephone
marketers. Under the TCPA, telemarketers cannot use automatic telephone dialing
systems or pre-recorded voice messages to call patient rooms in health care
facilities, emergency lines or any telecommunication receiver where the called
party must pay for the call. [FN128] More substantially, the TCPA
prohibits, with certain exceptions, pre-recorded calls to residential lines
without the prior consent of the recipient. [FN129] The TCPA also empowers the Federal
Communications Commission ("FCC") to further regulate calls to
businesses and to exempt from liability certain non-commercial calls which
would not "adversely affect" privacy rights. [FN130] Pursuant to the TCPA, the FCC is
permitted to amass a database of telephone numbers of residential subscribers
who object to receiving telephone solicitations, and prohibit unsolicited calls
to persons listed in that database. [FN131] An interesting question remains:
what statute would stop the FCC from selling a list of those names? [FN132]
7. Proposed Legislation
*83 In recent years there have been numerous legislative initiatives
drafted to address the numerous shortcomings of existing informational privacy
protection. Representatives have proposed bills expanding online privacy as
well as bills protecting financial and health care related personal
information. However, with, the exception of the Children's Online Privacy
Protection Act ("COPPA"), [FN133] none of the proposed bills have
been enacted. [FN134]
*84 One of the failed bills, H.R 3508, the Children's Privacy
Bill, was introduced by Bob Franks (R-NJ) in late 1996. [FN135] The bill would have made it a
crime, punishable by up to one year imprisonment and subject to civil action,
for a list broker to engage in any of the following acts: 1) to buy or sell
personal information about a child without parental consent; [FN136] 2) to knowingly fail to comply with
the request of a parent to disclose the source of information about the child;
3) to knowingly fail to disclose all information that the broker has sold
regarding the child or to disclose all people who have received information
about that child; [FN137] 4) to contact the child or parents
for commercial purposes; 5) to fail to comply with the request of a parent to
disclose the source of the information; 6) to knowingly use prison labor to
process information about children; [FN138] or 7) to knowingly distribute or
receive any information about children. [FN139]
*85 Edward Markey (D-MA) authored another failed bill, entitled
the Communications Privacy and Consumer Empowerment Act. [FN140] Markey's bill would have required
the FCC to study the impact of new technology on privacy rights and, if
necessary, to take protective action. The legislation became part of the larger
debate surrounding government regulation of the Internet, and thereby never
emerged from committee.
*86 On January 7, 1997, Representative Bruce Vento (D-MN)
introduced the Consumer Internet Privacy Protection Act of 1997. [FN141] The bill endeavored to prohibit the
disclosure of personally identifiable information without the consent of the
individual. In general, the bill stated that an interactive computer service [FN142] shall not disclose to a third party
any personally identifiable information [FN143] provided by a subscriber to such
service without the subscriber's prior informed written consent. [FN144] Furthermore, "such service
shall permit a subscriber to revoke the consent granted under paragraph (1) at
any time, and upon such revocation, such service shall cease disclosing
information to a third party." [FN145] Knowing disclosure of falsified
personally identifiable information to a third party was also prohibited. [FN146] Under the proposed bill,
subscribers were explicitly granted access to personally identifiable
information and to the identity of third party recipients. Upon receiving
access to such information, subscribers could verify or correct such
information without sustaining any fees or charges. The bill would have granted
The Federal Trade Commission ("FTC") the authority to examine and
investigate an interactive computer service to determine whether it had
violated the Act. Under the bill, if the FTC determined that an interactive
computer service had engaged in any act or practice prohibited by the bill, the
FTC could issue a cease and desist order. Finally, a subscriber aggrieved by a
violation of Section 2 (of the Act) could, in a civil action, obtain
appropriate relief. For better or worse, this bill did not pass the House.
8. Federal Trade Commission Initiatives
*87 In response to the public's outcry surrounding the Lexis-Nexis
P-Trak database, [FN147] on October 8, 1996, Senators Bryan,
Pressler and Hollings sent a letter to the Chairman of the FTC requesting a
study of possible violations of consumer privacy rights by companies that
operate computer databases. The FTC released a December 1996 Staff Report on
"Enhancing Consumer Privacy Online." [FN148] Basically, the report outlined the
problems pertaining to online consumer privacy and provided some statistics on
consumers' attitudes about privacy and interactive media. The report took the
position that consumers must receive notice of information practices and
maintain choice with respect to whether and how their information is used.
Further, the report underlined a concern with sensitive data, such as medical
and financial information online, analyzed three possible technological
solutions (I/CODE, cookies, and PICS), mentioned self-regulation and the
possibility of government regulation, and but came to no firm conclusions as to
the best way to proceed.
*88 In summary, current, and proposed, federal statutory and
regulatory protections of informational privacy are unsatisfactory in two
respects: their failure to comprehensively target private industry, and their
dependence on a piecemeal (use based) approach. By not targeting private
industry, the largest collectors and users of personal information remain
essentially unregulated in their collection and use of potentially sensitive
personal information. More importantly, by focusing regulatory attention
reactively on ephemeral and inchoate uses of personal information, federal
regulation remains fundamentally incapable of keeping pace with technological
advances in the art of collection and use of personal information.
B. State Statutory Protection
*89 In June 1995, the National Association of Attorneys General
("NAAG") Internet Working group was established. In November, members
of the group gathered for a speech by, Minnesota Attorney General, Hubert H.
Humphrey III. Humphrey was pleased to report that "the states, [were
working], under a resolution of the NAAG, to pool resources and meet the
[Internet] challenges of the future." [FN149] To their credit some state
Attorneys General have promulgated regulations to enhance consumer, employee
and citizen privacy in personal information, but most states are waiting for
the FTC to take the lead. [FN150]
*90 Some states have opted to directly enact laws concerning the
manner in which personal information is collected and disseminated. Not
surprisingly, California and New York are leading the charge. [FN151] In California, for example, Article
I of the state constitution expressly states that the right to privacy is an
inalienable right of all people. [FN152] Unlike the penumbra of the U.S.
Constitution [FN153] the California Constitution has
been interpreted to protect against government snooping, [FN154] the overbroad collection and
retention of unnecessary personal information properly obtained, [FN155] and the improper use of any
information obtained for a specific purpose other than business or government. [FN156] Furthermore, the California
Constitution has been interpreted to provide a reasonable check on the accuracy
of information already collected [FN157] and to require a "compelling
interest" for the intrusion into individual privacy. [FN158]
*91 To a lesser extent, New York Civil Rights Law establishes
similar privacy rights and protections. [FN159] For example, New York codified the
common law doctrine of misappropriation of name or likeness of an individual
for commercial purposes. [FN160] Furthermore, New York law limits
public access to various personal records such as personnel records and the
identities of certain categories of crime victims. [FN161]
*92 While some states have enacted laws protecting informational
privacy, these states are currently the exception. Analogous to federal and
common law, privacy protection under state law remains piecemeal and inadequate
in the face of the challenges presented by the technological explosion. This is
especially true when one considers the difficult jurisdictional issues
associated with cyberspace.
C. The European Model
*93 The European privacy model solves many of the inadequacies of
the contemporary American regime. Previously, piecemeal data protection laws
existed in some European countries. [FN162] In an effort to synchronize
existing laws, on July 24, 1995, the Council of European Union adopted an
omnibus Council Directive aimed at the "Protection of Individuals with
Regard to the processing of Personal Data and on the Free Movement of Such
Data" ("European Data Directive," "Directive" or
"EDD"). [FN163]
*94 The EDD protects individual informational privacy and
prevents obstacles, previously unavoidable under the cacophony of regulation,
to the free flow of information within the EU. For the purposes of this
article, the most important aspect of the Directive is the affirmative
obligation it imposes on EU governments [FN164] and private industries to collect
and process data only for specified and legitimate purposes. [FN165] "Processing" should be
interpreted broadly, and thereby encompasses collecting, recording, altering,
and making data available in any form. [FN166] Because the EDD is modeled on the
property regime paradigm, either the person concerned must contractually
consent to the processing or collection of their personal information, or the
processing must be necessary to carry out pre-contractual measures undertaken
at the request of the person or contract to which the person involved is a
party. [FN167] Processing may also occur where it
is necessary for compliance with legal obligations [FN168] or where the activity involved is
an assignment of public interest, not involving an infringement of fundamental
rights and freedoms. [FN169]
*95 The EDD grants the subjects of information collection the
privilege of requesting that erroneous data be corrected. In certain instances,
collectees may also oppose the prospective use of the information. [FN170] Furthermore, collectees must be given
notice of informational processing and collection and the intended uses of
collected data. While not wholly specified in the actual Directive, the EDD
does threaten meaningful liability and sanction for transgressors. Also, the
E.U. has established governmental agencies to oversee the development and
implementation of the Directive and assure the protection of subjects' rights.
The agencies will require public registration, reporting, and justification of
the methodologies, categories and employment of personal data actively being
collected on employees and customers. [FN171]
*96 Understandably, American companies, especially those active
in European markets, and digitarians are having nightmares about the EDD and
the possibility that similar regulation will be implemented in the United
States. Because of its focus on collection and its acceptance of an individual
property right in personal information, the EDD is unquestionably a step
towards more vigorous protection of personal information and is potentially
many times more effective than the existing American system. However, the EDD
fails to mitigate many of the deficiencies of the property regime discussed
below. More importantly, the EDD is a prime example of the danger of grafting
antiquated regulatory thinking (and with it an arbitrarily imposed privacy
baseline) onto a fundamentally different environment. Although it does enhance
consumer information privacy, the EDD does not spawn discussion or provide a
fluid model capable of changing as cyberspace matures. Instead, the Directive
threatens to stifle the potential of cyberspace by capriciously defining [FN172] and limiting the manner in which
information collection, processing and use can occur.
D. Constitutional Protection
*97 While the United States Constitution makes no explicit mention
of privacy, under the "penumbra theory," inferred from the Bill of
Rights, the Supreme Court has referred to, and protected, certain fundamental
or substantive due process rights. [FN173] Privacy protection under the
penumbra of substantive due process is limited to the protection of individuals
from governmental or public intrusion under a rational basis due process
balancing test.
*98 Whalen v. Roe, 429 U.S. 479 (1965), is the Supreme Court's
most in- depth, modern discussion of informational privacy in a
"government context." [FN174] At issue in Whalen was whether it
was constitutionally permissible for the state of New York to keep a
computerized list of prescription records for "dangerous drugs" and
require physicians to disclose the names of patients to whom they prescribed
those drugs. [FN175] The Court found that the right to
privacy generally includes the "right to be left alone," which
encompasses "the individual interest in avoiding disclosure of personal
matters." [FN176] Balancing the competing interests,
however, the Supreme Court upheld New York's program as constitutional in that
it was sufficiently narrowly tailored with adequate security provisions to
reduce the danger of unauthorized disclosure. Nonetheless, the Court left the
door open to future restrictions in light of technological change, [FN177] noting that it was "not unaware
of the threat to privacy implicit in the accumulation of vast amounts of
personal information in computerized data banks or other massive government
files." [FN178]
*99 In Tureen v. Equifax, 571 F.2d 411
(8th Cir. 1978), the Eight Circuit briefly flirted with the idea of
extending the penumbra to private encroachment. The Court stated, "in
order to make informed judgments in these matters, it may be necessary for the
decision maker to have information which normally would be considered private,
provided the information is legitimately related to a legitimate purpose of the
decision maker. In such a case, the public interest provides the defendant a
shield which is similar in principle to qualified privilege in libel." [FN179]
*100 Successive interpretations of the Whalen and Tureen
decisions have opted for narrow readings of the holdings. Effectively, the
privacy penumbra stops at government action, rendering constitutional
protection impotent in the face of the erosion of informational privacy rights
by corporations.
E. Common Law Protection
1. Tort
*101 In a landmark law review article, Samuel D. Warren and Louis
Brandeis persuasively argued for the extension of common law protection of
personal privacy to non-governmental or private party intrusion. [FN180] Warren and Brandeis defined this
zone of privacy, as "the right to be left alone." [FN181] Today, consumers and employees
receive a modicum of protection from private parties under the common law tort
doctrine of invasion of privacy. Professor William Prosser divides the invasion
of privacy into four doctrinal categories: [FN182] 1) intrusion upon one's seclusion; [FN183] 2) the public disclosure of private
facts; [FN184] 3) false light privacy; [FN185] and 4) the misappropriation of
one's name and likeness for commercial purposes. [FN186] super, Although an exhaustive
survey of the doctrine in these four categories is outside the scope of this
discussion, several notable cases illuminate the doctrine's structure and
deficiencies.
*102 After subscribing to a weekly periodical under a misspelled
name (Avrahani) and receiving junk mail at his home addressed to the same, Ram
Avrahami, a Wharton graduate, filed suit in state court against U.S. News &
World Report, arguing that the magazine tortiously sold his name and address to
a third party without prior consent. On February 7, 1996, General District
Judge Karen A. Hennenberg dismissed the suit for lack of jurisdiction to hear
equity issues. On June 12, 1996, Circuit Judge William T. Newman Jr. held that
Avrahami had no property rights to a "fake name." [FN187] Avrahami appealed the Circuit
Court's decision to the Virginia Supreme Court and posted a copy of the
petition for appeal on-line. [FN188] However, in December of 1996, the
Virginia Supreme Court declined to hear the appeal without comment. [FN189]
*103 Other courts have held that the sale of information to
direct mail advertisers without the consent of subscribers does not constitute
an invasion of subscribers' privacy, even if it amounts to a sale of personal
profiles, inasmuch as the profiles are only used to determine what kind of
advertisement is to be sent. [FN190] One such court found that the
"appropriation of one's personality," required to illustrate tortious
conduct, refers only to those situations "where the plaintiff's name or
likeness is displayed to the public to indicate that the plaintiff endorses the
defendant's product of business." [FN191]
*104 In June of 1997, the New York Times ran a front page story
detailing the plight of Beverly Dennis. According to the article, Beverly
Dennis, an Ohio factory worker, filled out a product preference survey in 1994.
In the summer of 1996, Dennis received a 12-page letter mentioning her
birthday, marital status and product preferences. The letter also contained
sexual suggestions and proposed a visit to Dennis' home. The writer was a
convicted rapist serving a six and a half year sentence in a Texas prison that
had contracted with Metromail Corp. under a prison work release program. In the
spring of 1996, Dennis filed suit in Travis County, Texas District Court,
seeking to represent all U.S. citizens against R.R. Donnelley and its
subsidiary Metromail Corp. Dennis alleged that the defendants committed the
tort of intentional and/or reckless disregard for safety when Metromail
disclosed plaintiffs' personal information to third parties. [FN192] Under the settlement terms,
Metromail has proposed to never use prison labor again, disclose in clear
language how it will use personal information and adopt new confidentiality
practices. Finally, Metromail will establish a fund to compensate claimants who
were or are injured by prior privacy breaches.
*105 In January 2000, a consumer filed a class action suit
against Amazon and its Alexa Internet subsidiary. Newby v. Alexa Internet and
Amazon.com, C 00 0054, U.S. District Court, Northern District of California
(filed Jan. 6, 2000). The consumer, Joel Newby, alleges that Alexa Internet, a
Bay Area company that offers client side server technology to work with users'
browsers to provide "useful information about the sites you are viewing
and suggesting related sites," secretly intercepted and sent confidential
information to Amazon.com, without his consent. Newby's suit seeks class
certification, damages, attorney's fees and restitution of profits made by both
companies as a result of legal violations. [FN193] While the facts are interesting, it
is doubtful whether the Amazon case will generate any novel legal findings.
*106 DoubleClick has also been hit by a similar suit accusing the
company of gathering personal information from Internet users--such as names,
addresses, and patterns of online browsing and buying--without their knowledge
or consent and in violation of their privacy policy. The suit also alleges that
DoubleClick is cross-referencing general data collected from users with
identifying information accessed through Abacus Direct Corp., a direct
marketing firm the company acquired in 1999. [FN194]
*107 The DoubleClick lawsuit was filed in California Superior
Court in Marin County. Judnick v. DoubleClick, Inc., CV 000421, Superior Court,
Marin County, California (filed Jan. 27, 2000). Interestingly, the complaint is
seemingly premised on an unfair business and trade practices cause of action
brought under California Civil Code § 17200. Thereunder, the attorney seeks to
represent the state's general public. In California, these suits are often
viewed as a plea for a quick settlement. Again, it is unlikely that the
DoubleClick case will amount to much other than a tidy sum in legal fees.
However, because of the impact of other private lawsuits coupled with public
scrutiny from the FTC and state attorneys general, Doubleclick has recently
decided not to merge its anonymous web-browsing data with Abacus' personally
identifying information. It is also offering consumers the ability to block its
cookies. [FN195]
*108 In theory, protection of informational privacy via a
liability regime would function ex post through rules deterring violations of privacy
interests by requiring transgressors to pay victims for the harm suffered.
Courts, by and large, employ a negligence standard regarding what the party may
and may not do with the information. As alluded to earlier, courts generally
maintain a fairly deferential negligence standard and require significant
personal injury before requiring transgressors to pay victims for harm
suffered. [FN196] There are a number of other glaring
deficiencies inherent in the existing liability regime that serve to undermine
privacy interests. Liability rules create obstacles for individuals to solve
collective problems. If many people are minimally injured by the disclosure of
personal information, the judgment value of their individual cases invariably
prevents adjudication and often settlement. While this might argue for a class
action, judges often refuse to certify classes on these matters due to the
individual nature of the harm and damages. [FN197] More significantly, litigation on
the disclosure of personal information may only perversely exacerbate the
injury by focusing attention on information that litigants wanted to keep
private.
2. Contract/Property
*109 In the 1970s, privacy protection for personal information was
considered to exist in the nature of a contract between the individual and
information collector. [FN198] Accordingly, the individual
divulged personal information to a second party, who then conferred some
benefit on the individual in return. The assumption was that a good faith contract
existed between the two parties and that the record keeper was bound not to
"misuse the information," in derogation of the contract. [FN199] However, the information holder's
post-use obligations were rarely formalized, and there was no monitoring of the
bargain, due, in part, to the high transaction costs involved therein. By
divesting the individual of any power to prevent or limit disclosure of their
personal information, the common law and statutory default position over the
subsequent twenty years has largely moved away from a property theory. [FN200] This trend seems to be reversing.
*110 A recent example of the employment of a property regime is
evident in a California Supreme Court decision concerning the right to control
and benefit from the exploitation of individual genetic information. In Moore v. Regents of the University
of California, 793 P.2d 479 (Cal. 1990), the lower court's decision
granting the plaintiff property rights in his genetic code was overturned by
the California Supreme Court. The California Supreme Court focused on the
chilling impact propertization of genetic code, or personal information, would
have had on medical research. While the Court opted to delay this delicate
balancing and leave open the question of propertization of less "socially
precious" personal information, it did offer Moore a remedy upholding the
claim that university researchers breached a contractual, or fiduciary duty, by
failing to obtain his informed consent before doing research on his DNA for
potentially commercial purposes. The court also maintained that if public
support existed for a right to compensation under these circumstances, the
legislature could and should provide it. By saying that the legislature could
act, the court merely highlighted the existing deficiencies and limitations of
common law and statutory protections that stem from the legislature's inaction
*111 In the well-developed debate on the efficiencies and
inefficiencies of liability versus property regimes, a number of theorists have
argued that a doctrinal shift from a liability to property regime, in common
law decision- making, will further enhance informational privacy. [FN201] According to Professor Coase's
theorem, given zero transaction costs and assuming parties intend to contract,
it would be irrelevant which legal regime was adopted, as the most efficient
outcome would obtain regardless. [FN202] As the collection, storage and
processing and use of personal information increasingly occurs in cyberspace,
if cyberspace were devoid of transaction costs (for example, in contracting or
consummating mutually beneficial bargains) common law rulings and regimes would
be irrelevant to the domain.
*112 While the debate regarding transactio