No more secrets?

  • SAMI LAIS (Computerworld)
  • 21 February, 2001 03:59

What detail of your private life would you least like to see splashed across the Internet? Or added to a database, linked to your name and sold in a mailing list?

Your concern could become a source of amusement to your grandchildren, because by then, "privacy as we know it won't exist," predicts Nick Jones, a London-based research director at Stamford, Conn.-based Gartner Group Inc.

Global Positioning System devices may track your every move. Always-on communications will keep you reachable. Ubiquitous video-monitoring software will note changes in your behavior. Your financial, medical and other data will be collected from halls of records, hospitals, your doctors' offices, banks, the schools you attended, your employer and dozens of databases and placed in a single smart card. Use the card at your local gas station and you could expose those personal records.

In fact, much of that is already happening and raising some alarm, says Franklin S. Reeder, chairman of the Computer System Security and Privacy Advisory Board, which advises Congress and federal agencies.

The federal government is responding by passing such laws as the Health Insurance Portability and Accountability Act, which requires health care organizations to protect the confidentiality of patient information.

But while discussions continue about the role of the federal government in protecting privacy, the importance of building choice into IT has emerged as an equally important issue, Reeder says. "As people want more convenience and are willing to accept greater levels of intrusion to get that convenience, we have to be able to let them choose that. At the same time, we need the option to preserve anonymity," he says.

"Our view of what we're willing to show to the world varies from individual to individual, and it's probably a moving target," he adds.

Social Requirement, Not a Skill

That target will continue to move, says Jones. Once the major opportunities for using IT to improve industrial and business processes have been exhausted, "the main driver for the adoption of an advanced technology will be the degree to which it satisfies the higher human needs," he says. "Technoliteracy will be a social requirement, not a job skill."

For example, Jones says, Short Message Service (SMS), a wireless messaging system allowing up to 160 characters, overnight became "integral to the social life of Finnish teens." Teens use SMS to stay in constant touch with their peers.

Within 10 years, "40 percent of adults and 75 percent of teens will have always-on, wearable computing and communications capabilities," says Jackie Fenn, another Gartner analyst. "Social constellations" - groups of colleagues, friends and family - will use IT to stay informed of one another's whereabouts and accessibility, she says. A built-in video camera, already developed as a prototype by San Francisco-based Levi Strauss & Co., will let others see what you see as you see it, engendering a kind of shared voyeurism, says Fenn.

Today, for the price of a Web camera (about US$99), hundreds of individuals offer an intimate view into their lives on the Web at

CitizenX participant and digital artist Steve Lareau is matter-of-fact about the webcam he says he's had trained on himself for "quite a few years. I just unplug it or turn the cam away if I need privacy."

Video monitoring is already so common as to be unremarkable, Jones says. "The average New Yorker is photographed something like 23 times a day" by video cameras in stores, offices and public buildings or by traffic cameras on the street, he says.

"It's funny," Reeder says. "We resist the picture of society George Orwell painted in 1984, but there was not a huge hue and cry when cameras were mounted at stoplights."

The perceived benefit to the public - nabbing reckless drivers - offsets the intrusion, Reeder speculates. "Individuals have a history of giving up some rights to privacy in exchange for the benefits of being part of a society."

Researchers in London's Underground public transit system are saving lives by using video cameras and behavioral indicators to identify potential suicides, Jones says. "Researchers have found they tend to hang around the end of the platform for a while before they make their attempt," he says.

As beneficial as such projects may be, however, they're like a genie let out of the bottle. By analyzing surveillance tapes and correlating the information to a database of known characteristics of individuals, an insurance company might note that you're gaining weight, thereby increasing your risk of heart attack, and use that information to justify raising your rates, Jones says.

Even now, an insurance company, through mining of public records, can find out if one of its customers has bought a car, says Fenn. It then has a couple of options. The company can contact him, she says, "and say, 'Hey, we see you just bought a new car and we'd like to offer you a good deal on insuring it'" - an approach the customer might well see as an invasion of his privacy. Or the insurer can send the customer a blind offer on a good deal insuring a car, she says. The response elicited might be more like, "Hey, isn't that a coincidence. I just bought a car, and here's this good deal on insurance for it." Good idea?

Bad idea, says Alan Neustadtl, a sociology professor at College Park, Md.-based University of Maryland who is studying the effects of the Internet on society. "I think ultimately, people want some kind of honesty," he says. "To deny you know and then have people find out you knew would be worse. Then you're a corporate voyeur."

It comes down to individual perceptions, says Reeder. "What constitutes an invasion of privacy to one person is a welcome convenience to another."

Tollbooths can read smart tags on a car and let it breeze through without stopping, but that "notionally give[s] the government the ability to track you anywhere you go," Reeder says.

"What's important here is choice," he says. Those who want the convenience can opt in; those who see it as an intrusion "simply don't get a smart tag."

The conventional concept of privacy - of simply making sure information isn't disclosed - is much too narrow, Reeder says. Privacy is also "about making sure information is properly authenticated. It's about protecting the accuracy of information even though it may be public, such as [on] a Web site," he says.

Under the terms of the Paperwork Elimination Act, federal agencies must put publicly available information online. Nationwide, states and municipalities are following suit.

"You can go online and find out what someone paid for their house, get property tax information, tax assessment information, see who signed on the loan - it's all public," Neustadl says. While such information historically has been public, locating it has been time-consuming.

"Where once the only people who looked at it were lawyers doing title searches, now it's immediately available to the merely curious," he says. "In some sense, nothing has changed. But that's in theory. Reality is different."

Public Perception at Issue

Agencies and enterprises must also address the public's perception of their ability to interact safely over the Internet, Reeder says.

In the late 1990s, the U.S. Social Security Administration (SSA) mounted a Web application that let people request a copy of their personal estimated benefits earning statement, which was then sent by conventional mail. "SSA wasn't doing any more online than you could already do with a postcard," Reeder says. "In fact, it could be said that the paper version had fewer safeguards." But the public perceived it differently and raised an outcry that shut down the application within a few days.

Concern over how an individual's online identity is used and who owns the data has continued to escalate, especially within the past year, says Arabella Hallawell, an analyst at Gartner.

"Every click from the consumer of [digital TV and interactive advertising] will bring a wealth of demographic data," Hallawell says. Broadcasters will be able to build databases that will be "a lucrative potential source of revenue." And "this will generate interest by regulatory bodies concerned with invasion of privacy" nationally and internationally, she says.

"The U.S. has strong regulations on personal data protection in the public sector but no comprehensive legislation for the private sector," Hallawell says. "As the international community begins to agree on privacy standards, the U.S.'s laissez-faire attitude on private-sector treatment of personal data looks isolationist."

Wireless and mobile services will raise new privacy issues internationally, Jones says. "What happens when you have a database on your [personal digital assistant], and you travel from one jurisdiction to another? Which rules will apply?"

Erroneous or inadvertent transmission of data or its storage location will also test privacy laws, he says.

But such legal, technological and societal issues surrounding privacy may ultimately prove transitory, Neustadtl says. How people view privacy "may not be so different from what existed 100 years ago," he says. For example, light telegraphy was used to send messages across France. "As a communication medium, it was very public in the sense that anyone could observe it, so there was always the potential to compromise the privacy of the message," says Neustadtl. "People are coming to understand the Internet as a communication medium is much the same."

A Matter Of Policy

Policies that govern how security is implemented will determine the future of privacy more than privacy laws or IT itself, say security vendors, analysts and private and federal watchdog agencies.

Organizations may seek to protect personal data, says Andrew Shen, an analyst at the Electronic Privacy Information Center in Washington, but "without the security, they can't guarantee privacy."

Among privacy-protecting technologies, encryption will lead, says Alan Paller, research director at the SANS Institute in Bethesda, Md. Encryption will be "built into the transmission system and hardware," he says.

And authentication will be crucial, says Clint Kreitner, president and CEO of the nonprofit Center for Internet Security (CIS) in Bethesda, Md. For good authentication, "you need to have something, and you need to know something," he says. Smart cards, which have microprocessors for data exchange and require passwords, may see wider use.

Not so with biometrics, says Paller, because an electronic fingerprint can be illegally captured during transmission and reused.

"Connecting any machine that has information assets exposes those assets to compromise, and there are not enough knowledgeable people to fix the holes. IT vendors ship products with a default of security measures open rather than closed," Kreitner says, because otherwise "most customers are not knowledgeable enough to implement the product without great amounts of support."

To plug that knowledge gap, the CIS is developing specific lists of operating system settings that constitute a baseline level of prudent security practices.

The first set of free baseline security practices, for Sun Microsystems Inc.'s Solaris operating system, will be released in early April. Lawsuits will follow the release of the CIS baseline practices, Paller says, arguing that "minimum security practices were well known, you didn't implement them, and your carelessness took down my company."

Security isn't so much a technology issue as it is "a process issue," says Shen. Even if you know how to implement security, "you can't simply put in new software and let it run," he says. "You have to make sure people are maintaining the system."

Business and legal managers should set security policies based on a collective social, political, legal and business view, says Yogesh Gupta, chief technology officer at Computer Associates International Inc. in Islandia, N.Y. But often they don't, and responsibility is thrust upon IT managers.