The Ethics of Information: Protecting Privacy in the Computer Age

(Presented at the 1998 Casper College Humanities Festival, "Questions of Technology and the Humanities," February 27, 1998, Casper, Wyoming)

 We've all seen the headlines: "Is anything safe in cyberspace?" "The network has eyes!" "Computer data rarely a private matter." Many of us are beginning to feel that the world predicted by George Orwell in his classic book 1984 has finally come upon us, just 14 years later than he thought. "Big Brother is Everywhere," Orwell wrote in 1949, echoing a theme that ran through many minds in the post-war world of the late 40s and early 50s.

Even cartoons of the era brought up the subject of surveillance and privacy. As Bugs Bunny said in the 1946 cartoon, Hair-Raising Hare, "Did ya ever have the feeling you was bein' ... watched? "


Nineteen eighty-four has come and gone, as has the monster in this cartoon (whose name is Gossamer). However, as computer technology becomes more powerful, less expensive, and more prevalent almost by the day, a growing number of people are concerned about the way that computers can be used to collect, store, and search for what could be considered "private" information. In a recent survey of World-Wide Web users, over 30 per cent of the respondents named privacy the most important issue facing the Internet, more than any other issue named.

Are these headlines true? Is anything safe in cyberspace? Do computers really make it easier for someone to gather sensitive data about you? Can seemingly innocent bits of information be gathered into a profile of you that exposes your most intimate secrets? Are your rights to privacy being violated? Can anything be done about it?

In my talk today, I want to address some of these issues. Let me emphasize before I start, however, that I don't pretend that I have all, or even many, of the answers to the questions. I'm not a lawyer nor a Constitutional scholar; I'm a teacher and a computer scientist - one of those who actually create the technologies that process information. However, I also have a humanist's interest in how that information can be ethically used; I don't think you can separate technology and its uses and still be socially responsible. My goal here is to clarify some of the questions raised by modern information processing technology, so that we all can talk about them, and perhaps find some answers.

Let's first consider the notion of a "right" to privacy. Many people think that this is one of the basic rights in American society, but you may be surprised to learn that the phrase "right to privacy" appears nowhere in the U.S. Constitution, the Declaration of Independence, or any of the other documents generally considered fundamental to the principles of this country. So where does this idea originate? It really has grown historically from a series of legal interpretations and decisions about the kinds of information about an individual that are, and are not, "private" and thus worthy of protection under the law.

Take, for example, the Fourth Amendment to the Constitution, which states:

The rights of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

That seems pretty clear - no one can legally enter your home and take things without a warrant, nor can they search your "papers or effects." Some might consider that a guarantee of privacy, but it doesn't really say anything about information about you!

Other people like to quote Louis Brandeis, a lawyer and privacy advocate who became a Justice of the Supreme Court. In 1890, Brandeis (with Samuel Warren) wrote an influential article for the Harvard Law Review arguing that privacy was somehow different from other rights and thus needed more protection. Later, during his tenure on the U.S. Supreme Court, Justice Brandeis's opinion in the case of Olmstead vs. U.S. in 1928 included this phrase: "The right to be left alone - the most comprehensive of rights, and the right most valued by a free people." While most of Brandeis's arguments were directed at newspapers, especially the gossip columns that were prevalent in those days, they were based on the general notion that important aspects of privacy were not sufficiently protected by slander or copyright laws, contracts, and property rights.

Even today, one can certainly make an argument that the "right to be left alone" constitutes a definition of privacy, one upheld by the highest court in the land. However, being "left alone" can also be strictly interpreted as not being intruded upon, in the same sense as in the Fourth Amendment. It doesn't really apply to someone taking information about you - particularly public, or at least legally available information - and using it for purposes that you do not know about and do not condone. While the gathering of "private" information might be prohibited under some interpretations of this opinion - that is, one could agree with Brandeis that it is an invasion of privacy to ask about personal beliefs, lifestyles, etc. - it's not likely that the same argument can be used to prohibit the collection and usage of information that is already freely available through a number of means.

This distinction - between public information and private information - is important, because most traditional notions of privacy are based on where the line is drawn between them. Our names, addresses, and (unless unlisted) phone numbers are public information, but our credit card numbers are not. Our job titles (and for some of us, our salaries) are public information, but our driving records are not. The list goes on.

Unfortunately, the use of computer technology to store, locate, and search information presents a serious challenge to our traditional notions about privacy. Much information that we have thought of as "private" has really just been protected by inconvenience - the time (and money) it would take to collect information such as previous addresses, purchases, job histories, and so on has kept people from doing so. Unfortunately, computers are making access to information faster and easier, and many people are concerned about the effects of this access on their privacy.

Consider, again, names, addresses, and telephone numbers. Although this is classically public information available through a telephone directory, it's not very convenient to find someone's address if you don't know where he or she lives. However, through the Internet, you can find a listing - by name - for almost anyone, anywhere in the country, as long as they have a published telephone number. (One consequence of this is that you can't just "move away" from one place and get privacy from previous friends, or perhaps those who aren't so friendly, such as former spouses.)

Perhaps more worrisome are situations in which sensitive information stored on computers can be accessed without authorization. We all have heard, I presume, stories of "hackers" who broke into computers over the network and viewed financial or medical information. This does happen on occasion, although probably not as often as the media would like to make us all believe. However, there are other invasions of privacy foisted on us by people who think that easily accessible information is equivalent to publicly accessible information. Like many other newspaper readers, I was appalled by the "Dear Abby" column a year or so ago, in which a woman in Los Angeles complained about a "friend" who was a police dispatcher and had looked up her driving record in the police database, just for fun!

We have some security in knowing that there are laws against misusing this kind of information - but it is still being collected all the time. With the new technologies in computers - databases, networks, high-speed processing - now available, collecting publicly available information has become much easier, while the information itself has become more valuable! Although we know that much of our personal "data" is public information, we're comfortable in knowing that very few people are so interested in information about us as to actually look it up.

However, many organizations go to great lengths to collect even the most innocent information, because it can pay off, and pay off big. A service now exists that allows people with a valid driver's license in Texas to get access to both the driver's license and license plate files of that state, for only a $25 fee! (This service operates out of the Caribbean island of Anguilla, and is trying to expand its market to other states.) Although this information is officially public, it has traditionally been accessible to only those persistent enough to track it down -- but no longer!

The heart of this problem is that information is no longer one-dimensional: that is, seemingly innocent information that has been collected for a legitimate purpose can be used in many other ways, such as to provide insights into behavior or preferences that might otherwise be thought of as personal or private. One way in which this is done is through data mining - the use of computer technology to search through large amounts of data and collate small details into a general profile. When used as aggregate data - that is, as a profile of a group or a trend - such data can be valuable for political analysts, marketers, anyone who needs to know "what the nation is thinking." But it is a serious invasion of privacy when applied to individuals, even if the information being mined is "public." (Suppose that someone could collect a list of all the purchases you've made in the last three months. What would that say about you or your family? Is anyone sick? Are they on a diet? Do they read? What do they read? Do they exercise, ski, travel East, travel West, own pets, contribute to political causes? You get the idea.)

In my opinion, the real issue here is an ethical one - the ethics of information, as stated in my title for this talk. Clearly, computer technology has greatly enhanced our ability to store and analyze information, but as a consequence, information is no longer protected by age or inconvenience. The personal vs. public distinction about information simply no longer applies. Instead, we have to consider how information that has been gathered can be used, and to what level it can be used without our explicit consent. There is an urgent need for an "ethics of information" - rules or codes of conduct to which those involved with the collection, storage, and use of information should adhere. Obviously, this applies to people like me who develop computer systems (or teach students how to do it, at least), but it also applies to big companies who use computers for market research, casual users who "surf" the Internet looking for information, even the U.S. government, which is probably the biggest holder of information about its citizens.

To explain what I mean, let's take a look at several examples of the use (or abuse) of information today. In general, these uses have been upheld in court, approved by regulatory agencies, or are common practice:

There's something deeply disturbing about these activities; while they are legal, many people don't like the idea that such things can be done. Computer users (and that includes almost all of us) are becoming very concerned about protecting their electronic privacy. Certainly there is an increased sense of awareness and activism on this subject today, and many controversial proposals for the use of information have been subject to open debate.

For example, law enforcement agencies are particularly concerned over mechanisms that can protect information stored or communicated using computers. They argue that if computers and the Internet were completely private, they would be unable to track criminals such as drug dealers or terrorists using the Net to communicate. Privacy advocates, on the other hand, argue that existing laws are sufficient to prosecute such criminals, and the actions of law enforcement officials will do more harm than good for the average computer user. The controversy over this issue has been widely publicized, both on the Internet and through print and broadcast media as well. I think such public debate is healthy; it assures that a broad segment of the public is informed about technology issues (in fact, technology helps to spread the information!), and it often can result in the "right thing" being done.

Consider the case of the "Pretty Good Privacy" encryption software, which allows someone sending messages between computers over a network to scramble the messages so that they cannot be read without a key supplied by the sender. The big controversy here was that the author of the program wanted to make it available to anyone, for free, over the Internet. The government, for security reasons, bans exporting of encryption schemes as part of its ban on exporting military technology, and so filed charges against the author. There was strong opposition to the government's charges, mainly from users of the program, who argued that there was no intent to subvert the government in making this software freely available. The government's investigation was eventually dropped, primarily due to arguments relating to free speech, and the author has been allowed to make the software available.

However, efforts to control encryption continue, as in recent legislation in Congress on "key escrow." Leading authorities, including the chief of the FBI, claim that computer "wiretapping" is needed to gather evidence in cases where e-mail or other computer communication was being used for illegal activities. Just intercepting a message is not enough (as it is in telephone wiretapping, which has been legal since 1968), since a message can be encrypted, using PGP or a similar program. Decrypting an encrypted message requires knowing both the encryption scheme and the key used, so the only way that government officials could assure that they can decrypt a message sent by a suspected criminal is to know the key used. The law under consideration would require all computer users to place their encryption key in "escrow" for the government to use (with proper authorization) when illegal activity was suspected. Many computer users feel such a law would give the authorities too much access to private communication, even if it requires a court order for access, since it dictates what schemes must be used and giving up the key that protects an individual's privacy.

There have been other recent cases, unrelated to law enforcement, where concerns over privacy have caused major public response. One was a program made available by the Lexis/Nexis organization, which is primarily known for its legal information database and for verifying answers on Jeopardy. According to stories that appeared in the media all over the country as well as on the Internet, this program (Ptrak) was advertised as providing access to the names and up to three addresses for over 300 million people in the US, along with their social security numbers and their mother's maiden names, all for only $125 per month to Lexis/Nexis subscribers! A widespread public response ensued about privacy and fraud, and e-mail messages covered the Internet about how to get removed from the database.

After the outcry, Lexis/Nexis removed the social security numbers feature from the service, although subscribers were still allowed to search for other personal information. All that was visible were names, current and previous addresses, and telephone numbers - in other words, what you could get from a phone book - along with marketing information that could be searched for people with particular interests, but not viewed by the general user.

While many companies who market information will remove consumers from databases that they resell to the general public, a person must request explicitly to be removed. However, such information is available in a variety of other ways, especially through national and state government files. About a year ago, the Social Security Administration announced development of an experimental on-line database, accessible through the Internet, that provided access to the employment and financial history of over 140 million Americans. While intended to be a service to those planning for retirement, in reality you could find out where a person had worked and how much they made, at any job, anywhere, if you knew enough personal information about them, such as their full name, address, and mother's maiden name. The SSA claims they set this up for customer service and that it is secure, but concerns over possible fraud forced them to close it down after only a week. (Interestingly enough, however, the same information is available through the mail with no more authentication than on the Internet, except a signature is required!)

There have been some attempts made to deal with these problems by law, but legal response to concerns about privacy is always going to be reactive rather than proactive. This is not necessarily bad, since laws should only be enacted after careful and reasoned study of the problem, and not in quick response to half-formed fears or misconceptions about the quantity and kinds of information available.

However, the legal process points out more strongly than ever the need for an ethics of information usage. For example, it IS illegal to break into federally operated computers, or to use authorized access to those computers, to obtain personal information about U.S. citizens. However, there is as yet no such law regarding privately owned systems. This is a matter of concern, particularly when one considers the incredible value of information to today's commercial enterprises!

There was a book back in the 1950s by Vance Packard called The Hidden Persuaders, which shocked many people with stories of how manufacturers preyed on the psyches of consumers to get them to buy products through almost subliminal manipulation. (While some of the worst of these practices have stopped, many of them still exist today. Have you ever wondered why the sugary, superhero-endorsed cereals are on the bottom shelves in the grocery store? So children will see them! Do you know how much money a company will pay to get its soft drink into the hands of a character in a movie, with the brand name prominently displayed on the big screen? Lots - so you will think, "Hey, HE drinks Fizzy Cola and he's really cool.")

Imagine now, if you will, the power of interactive advertising, as provided by computers and the Internet. Not only can manufacturers show you glitzy pictures of their products, but they can make them into a game that draws you into a world where the product becomes the basis for a virtual reality. Many companies now maintain Web pages aimed specifically at children, with glitzy graphics and registrations for promotion, and even birthday messages. What a great way to build product loyalty!

I don't want to concentrate on children's advertising here, although with the computer literacy rate among children today growing higher every year, it's clearly a real gold mine. There are other uses of information that could be potentially valuable to someone, even though these uses are marginally legal. Suppose, for example, that someone intuited from my participation in a chat group or from my Web browsing that I, or one of my relatives, had suffered from cancer. Although that kind of information is supposed to be confidential, I think we have seen that it may not be. Someone with that kind of information could use it to cajole money from me in any number of ways, from requesting donations to cancer research to proposing quack cures in a South American medical clinic.

A related issue is that of Internet "cookies." A cookie is a mechanism that allows a Web site to record your comings and goings and information about the computer you are using to access the site. Cookies collect information as a user travels around the Web and feed the information back to a Web server. A Web site sends a cookie to the user's computer, where it serves as a digital tag that notifies the site each time the user enters. The information can be used, for example, to automatically supply a password for a subscription-only site, since it knows "who you are" when you log in to the site. It can also be used to collect information about an online shopper's preferences so that other electronic marketers can target their offerings to that individual!

Both Netscape and Internet Explorer support cookies, which makes their use almost universal over the Web. This makes many people uneasy, because there is no real control over how cookies are used by the servers that collect them. However, the most recent versions of these browsers also allow users (who know about it) to define various levels of access for cookies and limit their availability to other sites (which is similar to asking a company not to sell its mailing list to other companies).
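To make the mechanism in the two paragraphs above concrete, here is a small added example (written for this page, not code from the talk or from any browser vendor). It models a browser's cookie jar: a server's Set-Cookie header is parsed and stored, and on each later request the jar decides which cookies to send back, which is what lets a site recognise a returning visitor. It also models the "limit their availability to other sites" setting as a single `acceptThirdParty` switch, so you can see why a cookie set by an advertising host embedded in one site is presented again when the same host is embedded in a different site. The names (CookieJar, demo, the hostnames shop.example.com and tracker.example-ads.net) and the Set-Cookie lines are constructed for the demonstration; the same-site test uses the last two labels of a hostname and ignores the public-suffix list a real browser consults.

```javascript
// Parse one Set-Cookie header sent by `setterHost`. Returns null if the
// header is malformed or tries to set a cookie for an unrelated domain.
function parseSetCookie(header, setterHost) {
  const parts = header.split(';').map(s => s.trim());
  const eq = parts[0].indexOf('=');
  if (eq < 0) return null;
  const cookie = {
    name: parts[0].slice(0, eq).trim(),
    value: parts[0].slice(eq + 1).trim(),
    domain: setterHost, hostOnly: true,   // default: only the setting host
    path: '/', secure: false, httpOnly: false,
    expires: null,                        // null = session cookie
  };
  for (const attr of parts.slice(1)) {
    const [k, ...rest] = attr.split('=');
    const key = k.trim().toLowerCase();
    const val = rest.join('=').trim();
    if (key === 'domain') {
      const d = val.replace(/^\./, '').toLowerCase();
      // A host may only set cookies for itself or a parent domain.
      if (setterHost !== d && !setterHost.endsWith('.' + d)) return null;
      cookie.domain = d; cookie.hostOnly = false;
    } else if (key === 'path') cookie.path = val || '/';
    else if (key === 'secure') cookie.secure = true;
    else if (key === 'httponly') cookie.httpOnly = true;
    else if (key === 'max-age') cookie.expires = Date.now() + Number(val) * 1000;
    else if (key === 'expires' && cookie.expires === null) {
      const t = Date.parse(val);
      if (!Number.isNaN(t)) cookie.expires = t;
    }
  }
  return cookie;
}

// Crude same-site check: compare the last two DNS labels (demo only).
function sameSite(a, b) {
  const tail = h => h.toLowerCase().split('.').slice(-2).join('.');
  return tail(a) === tail(b);
}

class CookieJar {
  constructor({ acceptThirdParty = true } = {}) {
    this.acceptThirdParty = acceptThirdParty;
    this.cookies = [];
  }
  // A response from `setterHost` arrived while the user views `topLevelHost`.
  store(header, setterHost, topLevelHost, now = Date.now()) {
    const c = parseSetCookie(header, setterHost.toLowerCase());
    if (!c) return false;
    if (!this.acceptThirdParty && !sameSite(setterHost, topLevelHost)) return false;
    if (c.expires !== null) c.expires = now + (c.expires - Date.now()); // rebase on `now`
    // Same name/domain/path replaces the old cookie; a past expiry deletes it.
    this.cookies = this.cookies.filter(o =>
      !(o.name === c.name && o.domain === c.domain && o.path === c.path));
    if (c.expires !== null && c.expires <= now) return false;
    this.cookies.push(c);
    return true;
  }
  // Build the Cookie request header for a URL: only unexpired cookies whose
  // domain, path and Secure flag match are sent back.
  cookieHeader(url, now = Date.now()) {
    const u = new URL(url);
    const host = u.hostname.toLowerCase(), path = u.pathname || '/';
    const https = u.protocol === 'https:';
    return this.cookies.filter(c => {
      if (c.expires !== null && c.expires <= now) return false;
      if (c.secure && !https) return false;
      const domainOk = c.hostOnly ? host === c.domain
        : host === c.domain || host.endsWith('.' + c.domain);
      const pathOk = path === c.path || (path.startsWith(c.path) &&
        (c.path.endsWith('/') || path[c.path.length] === '/'));
      return domainOk && pathOk;
    }).map(c => `${c.name}=${c.value}`).join('; ');
  }
}

// Constructed scenario: a shop sets a session cookie, and an ad host embedded
// in the shop's page sets a long-lived tracking cookie.
function demo(acceptThirdParty) {
  const jar = new CookieJar({ acceptThirdParty });
  const now = 1000000000000;
  jar.store('session=abc123; Path=/; Secure; HttpOnly', 'shop.example.com', 'shop.example.com', now);
  jar.store('track=u42; Domain=example-ads.net; Max-Age=31536000',
            'tracker.example-ads.net', 'shop.example.com', now);
  return {
    toShop: jar.cookieHeader('https://shop.example.com/cart', now),          // session sent
    toShopPlain: jar.cookieHeader('http://shop.example.com/cart', now),      // Secure: not sent
    toTracker: jar.cookieHeader('https://tracker.example-ads.net/pixel.gif', now),
    // The ad host may not plant a cookie for the shop's domain.
    foreignDomainRejected: !jar.store('x=1; Domain=example.com', 'tracker.example-ads.net', 'news.example.org', now),
  };
}
```

With `demo(true)` the tracker's cookie is returned on every request to tracker.example-ads.net, no matter which site's page embedded the ad, which is the cross-site profiling the passage warns about; with `demo(false)` the same-site check rejects it at store time and the tracker gets nothing back.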

Given situations like these, and with new technology developing almost as I speak, I don't know that we can depend on laws -- existing or new -- to decide what information privacy really means, particularly in the face of the conflict between personal privacy and free enterprise and economic growth. The real question remains, therefore, can we develop an ethical theory of information usage? To do so, the limits for collecting and searching for information must be defined, and the rules for using information must be set down and followed.

This is not easy! Many visionaries see information as the medium of commerce in the future, so it is clear that we need to find ways to protect it. Unfortunately, we can't hide it under the mattress, so new ways have to be sought out. Security technologies are one approach - making information stored on computers less accessible without permission will help ensure that private information such as medical or financial records is not publicized. But these do not deal with everyday information - that which has, in the past, been protected simply by the fact that it wasn't widely accessible. Computer technology has changed all that, so we must develop the ethical codes for the use of computers to manage and manipulate information fairly and honestly.

One might be tempted to view information as property, and use property rights as the basis for an ethical theory about information. However, many of our notions about "private property" are based on archaic laws regarding material possessions, especially land. Although information does have value, both personal and economic, it's hard to see information as a fortification. You can't draw boundaries around it, and it's difficult to see where "private" space ends and "public" space begins in cyberspace. This is particularly true when we are dealing with information that is public, but protected by inconvenience, as is most behavior on "private" property. As Brandeis argued, there are some things about privacy that are different, and can't be protected purely by property law.

One can base an ethics of information -- again, a code for its use -- on the ideas of fair use and consent. To some degree, many professional organizations in this country and elsewhere are developing guidelines for the "fair and honest" use of information. Most of these use the concept of "informed consent." In other words, the guidelines suggest that a person should be able to find out what data is available about him or her and how it is to be used, and that consent should be obtained before using information for any other purpose than the one for which the data was originally collected.

Many companies and even government agencies (such as the driver's license division of the Wyoming Department of Transportation) now inform you if the information they have about you can be made available to others, and allow you to opt out of this dissemination if you so choose. Unfortunately, with the growing use of computer technology, it is difficult for the average person to keep up with all the places where information about him or her can be stored! Can we really be informed about all the ways in which our personal data is used? Can we really opt out of any use we feel uncomfortable about? What guarantees do we have that we are getting the full story on how our information is going to be used, even if we can understand it?

It seems to me that informed consent has its place, but we cannot rely entirely on the individual to decide where and how personal information can or should be used. We really need ethical guidelines for all users of information to use as a touchstone for judging how to deal with information that can be collected, stored, and used. These guidelines should include (as stated in the Association for Computing Machinery's code of ethics) ensuring the accuracy of data, protecting it from unauthorized or accidental access, collecting only the necessary amount of information, using it only for the intended purpose, and treating it with confidentiality. At this time, adherence to such codes is only voluntary, but I hope to see the day where ethical violations in computer technology can be handled in the same way that they currently are in the medical, legal, and other fields where "doing the right thing" is a necessary part of being a professional.

However, the issues are far from resolved in my mind, as well as in anyone else's! There are many sticky problems that are left to examine. For example, consider these problems:

Anyway -- I hope it's become clear from this talk that, although I have thought a lot about how computer technology has changed the ways we view "public" vs. "private" information, I'm still searching for solutions to what I and others see as a significant problem. This is going to take a long time, but I hope that by getting people like you -- thinkers, historians, humanists -- involved in the debate, we can together find ways to develop this ethics of information that works for everyone.

Some World-Wide Web sites that deal with privacy issues:

http://www.eff.org This is the home page of the Electronic Frontier Foundation, a non-profit civil liberties organization working in the public interest to protect privacy, free expression, and access to public resources and information online, as well as to promote responsibility in new media. One of the links on the page is to the "Online Privacy Campaign."

http://www.cdt.org/ This is the home page of the Center for Democracy and Technology, a non-profit public interest organization whose mission is to develop and advocate public policies that advance constitutional civil liberties and democratic values in new computer and communications technologies. It includes a rather striking demonstration of how a World-Wide Web site can collect information about its visitors without their knowledge.

http://www.senate.gov/~leahy/features.htm This is a page for Senator Patrick J. Leahy of Vermont. It contains remarks by the Senator on the National Information Infrastructure Protection Act, which deals with obtaining private information from government files, recent amendments to the 1966 Freedom of Information Act, and U.S. policy on exporting encryption technology.

http://epic.org/privacy This page, an archive for the Electronic Privacy Information Center, contains definitions of privacy-related terms, links to pages with summaries of speeches or papers on privacy issues, and resources for tracking activities affecting privacy in its many forms.

http://www.privacy.org/pi/info.html This page contains information about Privacy International, a world-wide group focused on data privacy and its relationship to human rights.

http://www.privacy.org/ipc This page (on the same server) describes the International Privacy Coalition, whose goals are promoting privacy and security through making encryption technology available.

http://www.cpsr.org/dox/program/privacy/privacy.html Computer Professionals for Social Responsibility is a public-interest alliance of computer scientists and others interested in the impact of computer technology on society. This is their page on privacy issues, which includes a link to CPSR's electronic privacy guidelines for service providers, Web page owners and developers, and government agencies.