Back to Lesson Index
Lesson 15 - Privacy 3:
Informational Privacy on the Net
Consider 4 more cases:
- On a local university network, users can read USENET news stories - stories posted on the USENET bulletin boards by users from across the world. The stories range from discussions of technical material about computer operating systems, to highly controversial political discussions, or to discussions about sexuality. Imagine now that network users can use a simple command to list all other users logged onto the system at that time, as well as what those users are doing. If the users are reading news stories from the USENET new server, then the command will report to the users what news stories they are reading.
- An activist group is angry about pornography on the net. It decides to attack the problem in a somewhat unique way. It opens up an erotic web site, and then as individuals access the web site, the group collects the information about who accessed the site. On a separate web site the group then publishes a list: "Known consumers of pornography" and then lists the information it has about people who have accessed its site. Or imagine the same case, with slightly different facts: Imagine the activist group is an anti-gay activist group, and it puts up a web site on resources for gay and lesbians, and then publishes the lists of who accesses the site. Or an anti-abortion group, that publishes information about access to abortion clinics.
- Some World Wide Web browsers collect a list of the web sites that you have accessed. This list is kept on your machine. When you access a web site, the software makes it possible for the web site to read the list of web sites that you have previously accessed. Imagine that a web site has implemented a procedure to read your list of web sites, and then decides whether to admit you based on what other places you've been. (In a sense, the system is discriminating in granting access, but what is important for our purposes is that it is making that discrimination by accessing "your" information about where you have been.) For example, if it determines that you don't frequent sufficiently "posh" places, it bumps you; or if it surmises from your list that you are a Republican, it bumps you.
- As we explained in case (1), USENET is a cooperative that distributes messages in the form of discussion threads, on wide range of topics, to millions of people across the world. People can participate in these discussions, simply by replying to a particular message. This reply then gets published across the world, with the email address of the person replying to the message attached to the reply. Ordinarily, these messages disappear after a few weeks on the net. But imagine a company starts collecting these messages, and begins organizing them in a data bank. This company then makes it possible for anyone, through the Web, to search the database of USENET messages, for a particular word, or phrase, or for the name of a particular user. This search then collects all messages that have that word, or phrase, or name, and displays the list of messages, along with their senders. The user of this service can then click on the name of the senders, and get a profile of all the messages that person has sent. For example the user can discover that the sender of a particular messages has regularly contributed to a discussion of leftist politics, or a pro-life discussion group, and then access all of the messages this sender has sent to these groups.
All four of these cases raise no legal problem at all, given the present state of United States law. Examples (1), (3) and (4) already exist. (Netscape would support a function like example (3); for example (4), check out http://www.dejanews.com); we don't know of an example of case (2), but there is nothing in the law to stop it. Again, as we indicated in our last message, the law does very little to protect individuals against the use of data that they make available to others. Each of these 4 cases is just an example of this same point.
It is not hard to understand why the law has been so unprotective. For the most part, historically, it has been relatively difficult to get access to data like this. Perhaps one could hire a spy to follow an individual around and collect information about his habits, or purchases - no doubt some people did. But for the most part, people didn't pay much attention, since it was very costly to pay attention. The dramatic change in data technology has changed this. Now it is quite easy to collect a vast amount of data about individuals. More importantly, now it is quite profitable to collect such data. Cyberspace will only make this more so. We are living in a time when the law has not caught up with the technology. While the inefficiency of technology provided some sort of protection before, now nothing - neither law nor inefficiency - protects us today.
Do we want protection? Not clear. There are interests that pull the other way: Some have argued that there is a first amendment right to report to others true facts they have found out about you. Others have argued that this information would be a real gain to the efficiency of the market: Imagine, for example, advertising that was perfectly targeted to those, and only those, who would be likely to buy a particular product.
authors:
| Larry Lessig | David Post | Eugene Volokh |
Back to Lesson Index
Copyright © 1999 Social Science Electronic Publishing, Inc. All Rights
Reserved