Privacy and Videotex Systems Two-way services bring with them the potential for abuse by Richard M. Neustadt and M. Anne Swanson Midway through George Orwell's 1984, the hero meets an old man and asks him how Big Brother" got started. Things began to go wro.18, the old man answered, when some one invented two-way television Advances in telecommunications promise to bring all sorts of conveniences to our doorsteps. We'll be shopping banking and working from home. We'll have computercontrolled electronic mail, burglar and fire alarms, and medical alerts, among other things. But along with this array of new services and products comes a potential for abuse. The possible threat to privacy that home video and computing services pose is beginning to worry some people. The growth of nationwide videotex systems, whether they operate over cable TV or telephone lines, presents two major causes for concern. First, companies that sell electronic information or provide transactional services such as home banking and shopping will be able to compile dossiers on their subscribers. This information could be misused. Second, the proliferation of electronic transfer of information raises new questions about wiretapping. Data Collection and Disclosure The current debate focuses on the collection and possible misuse of subscriber records. Most companies that provide videotex services generate files on subscriber behavior as a mat180 WBYTE Parsons le ter of course. For instance, if the Most companies that provide videotex services generate files on subscriber behavior as a matter of course. Of course, similar records have always been collected by banks, hospitals, insurance companies, and other institutions. But with videotex systems, more records are being collected in one place. Moreover, computer files are easier to obtain than original documents. The concern about collection of records leads to another issue: the possible disclosure of private information on consumer behavior. System operators may want to sell this data to retailers, pollsters, direct mailers, or credit investigators. Such information is commercially valuable, as indicated by the similar active market in magazine subscription 1983 Byte July lists. The action of a theater owner in Columbus, Ohio-where WarnerAinex runs its interactive Qube service-is an example of data disclosure. The owner of the theater subpoenaed lists of people who had watched "adult" movies on cable TV in order to defend himself against obscenity charges for screening those movies in his theater. Protecting Privacy Without a law or service contract to the contrary, company records belong to the company that collects them, not to the subscriber. The United States Supreme Court established this principle in 1976 when it held that a consumer had no constitutionally protected interest in his bank records that would enable him to challenge their release to government officials. In the last two years, however, a movemen' has taken wing to legislate protections for those records. California, Illinois, and Wisconsin have passed privacy laws, six other states are seriously considering such measures, and the U.S Congress may well pass a privacy law next year. While most of these bills are aimed at cable TV, the Illinois law and several of the proposed bills also cover twoway services provided over telephone lines. In addition, most cable TV franchises issued in recent years include privacy rules. V.. 8. Interception In the case of interactive systems, several kinds of interception are possible. An eavesdropper-or a lawenforcement agent-could put a physical tap on a telephone line or dial into a central computer that transmits messages and keeps records. A cable subscriber could use special equipment to listen on his cable and pick up signals addressed to or transmitted by other subscribers. Federal law provides criminal sanctions against unauthorized interception of wire communications and regulates legal wiretapping by lawenforcement authorities. The law allows government agencies to wiretap, but only with a court order-which the courts are to grant sparingly-or, if national security is at issue, pursuant to an order from the Attorney General, Unfortunately, the drafters of this law-who worked on it almost 15 years ago did not anticipate advances in technology, and the law now has two large loopholes. First, the law covers only "aural interception," so it does not seem to apply to eavesdropping on data and text transmissions, such as electronic mail. Second, the law defines "wire communications" as transmission provided by common carriers such as the telephone company-probably omitting most cable services. Legislation pending in Congress addresses both problems. Senate Rill 66 forbids any private person or government body from intercepting any broadband communication unless authorized to do so by the system operator, program originator, or federal law. (The provision does not specify whether law-enforcement investigators would use a regular search warrant or would have to meet the wiretapping law's strict standard to get court permission for nonaural interception.) This same proposal defines cable transmission as "wire communications" so as to include them within the law's scope. It is too early to tell whether the privacy legislation pending in Congress will become law. If it does, it would preempt similar state regula tion and would provide a unified substitute for the hodgepodge of dif ferent state and local rules. Although the federal proposal is currently part of a bill that focuses on cable systems, it is drafted broadly enough so that its provisions could be interpreted to include telephone-based services as well. In the meantime, industry attempts at self-regulation on the privacy issue will increase. Most system operators are anxious not to scare their subscribers-it's hard enough to sell a new product without introducing fear into the equation. As a result, the Orwellian scenario may remain more fiction than fact. About the Authors Richard 1. Neustadt is a partner in the im firm of Wiley Johnson and Rein (1776 K SL NW, Washington, DC 20006). His really published book The Birth of Electronal Publishing nowledge Industry Publication 192), touches upon privacy and interaction video services. M. Anne Swanson in associate with Wiley, Johnson and Rein. The Freedom of Information and Privacy Acts do not apply to the legislative branch, but some members of Congress may find their privacy diminished because of a court decision involving an anomaly on Capitol Hill. There is in the Capitol an attending physician to tend to the aches and pains of members and staff. This is a Congressional office, but the physician's office gets its pharmaceutical drugs from the National Naval Medical Center, part of the executive branch. The current Congressional physician is a Navy admiral. A persistent journalist named Irwin Arieff has requested under the Freedom of Information Act the list of prescription drugs that have been supplied by the Navy to members of Congress and Supreme Court justices over a six-year period. Arieff agreed that the Navy could delete any information that would possibly reveal particular individuals for whom a drug had been prescribed. The Navy refused his request, saying that even from cumulative information it would be possible to figure out what drugs were prescribed for particular individuals or at least for particular ailments. The Court of Appeals for the District of Columbia, in a unanimous decision this summer, ruled that this "mere possibility" could not prevent the disclosure of the information Arieff is seeking. The court agreed with the journalist that the public has an interest in knowing the quantities of medicine dispensed without charge to Senators, Representatives, and others, as well as whether members are receiving drugs found to be uneffective by the Food and Drug Administration. Judge Antonin Scalia, a former University of Chicago law professor and Assistant Attorney General who is an expert in the Freedom of Information Act, found "justifiable concern" that some members of Congress will be victims of unfair speculation, but said he had no choice but to order the release of information unless there was an actual, not possible, invasion of privacy. Arieff v. Department of the Navy, 82-1536 (D.C. Cir. July 22, 1983). The Department of Justice Civil Division routinely planned to ask the Court of Appeals for a rehearing, but this month asked the court for a 30-day extension in submitting its petition for rehearing "because a number of members of Congress have expressed concern" about the matter. In fact, according to the attorney handling the appeal, the concern came from the counsel for the Senate, a staff member. Michael Davidson, the counsel, told PRIVACY JOURNAL that there had been no special concern raised since the court decision but that when the litigation began, the Secretary of the Senate and the Clerk of the House, both staffers, stated their concern to the Navy and asked the Navy to protect the interests of Congressional staff and members. Copyright © 1983 Robert Ellis Smith 1SSN 0145-7659 Now for your protection A Computerized Prescription System at Giant Pharmacies Giant's new computerized prescription system has many benefits for you and your family. ● Once you provide the information, Giant Pharmacists have your medical and drug history at their fingertips. The system warns of harmful effects a prescribed medication will have due to allergies or a medical condition. The system warns of harmful combinations of drugs. The system can provide you with a complete record for insurance and tax purposes. Available at all Washington Area Pharmacies Odonne Mathews Consumer Advisor to Gant Food "Please take a moment to fill out a registration ... at no extra dred method to probe similiarities among more than 70 organizations on the basis of shared "issue interests" in health-related areas like Medicare and abortion. The resulting computer diagram lumps the Environmental Defense Fund with the American College of Cardiology and Merck & Company in a location far removed from major labor organizations like the United Auto Workers and the A.F.L.-C.I.O. One need not be a lobbyist or P.A.C. specialist to sense some of the political electricity of this placement, or possible action implications. But what defense does an organization or employee have against the possible misuse of block modeling or sister methods. One should not look to Congress to pass a law. Waiting for legislation is like waiting for Godot. One should also not expect easy recourse through the traditional civil lawsuit. In fact, the law has yet to define limits to the block modeling enterprise and little legal fault can currently be found with most of the means of gathering the needed information for its use. Still, protective rules need to be fashioned, even if they must sometimes fit in the nooks and crannies of legal categories-a new clause in a union contract for example. In most situtations, an employee should at least be notified if he is the subject of something like a block model analysis by his employer. If you are an unsuspecting victim, there is no way to defend yourself. Then, focusing on rules for employee protection, a range of unique problems must be dealt with. For example, the thrust of early computer-oriented privacy legislation from the 70's was giving people the right to examine information in their own "files." The privacy gains were genuine, but from a standpoint of block modeling, they are largerly irrevelent. That is because block modeling classifies people on the basis of where they fit in a far larger web of relationships. Therefore, one has to be concerned with many more "files" than just one's ownsome belonging to people one has no direct connections with. One is thus vulnerable to all the problems of these third parties, including inaccuracies in their files. But if the third parties' privacy rights are to be respected, much of this relevant information must remain inviolate. Thus, individuals being classified through a block model or similar method need to be given a carefully calibrated set of rights to information in order to interpret their assigned positions and repond accordingly. This information should at least include some basic knowledge about the data base, including the scope of the population being modeled as well as what specific types of data have been, or will be, included. Such data gives a crucial basis for understanding one's recourse. For example, if the block model put you in an unfavorable category, and used such data as whom you bowled with or went to parties with, this use of non-job related information could be attacked as gratuitous. One might contemplate giving an employee access to the full data base stripped of personal identifying information except his own location in it. However, the wide availability of precisely such tools as block modeling makes recovery of identities from even such apparently "stripped" files a real privacy risk. Still, one may disclose the structural role of the different blocs without dipping down to a level of individual identities. This last type of information, combined with a specific right to know your individual bloc location, can be enough to give a respectable road map for defense against the worst implications of guilt by association. Very importantly, effective ways also need to be developed to permit members of the same block to get together to mount a common defense. In contract to abuses like "redlining" or race, sex, or age discrimination, the new technologies frequently pick out less than obvious groups whose members may easily fail to recognize they are being targeted in common. Currently, technical progress in block modeling is making it possible to conduct an aggressive defense by showing that in some cases there is an equally good block model leading to very different classifications. In other words, there's more than one way to structure the given data-so that one block model might, for example, stress conflicting factions while a second identifies options for negotiation or cooperation. Thus, responsible users of block modeling methods should also be prepared to disclose major alternative ways of organizing the data. In the meantime, possibly the most important 1984 New Year's resolution is to remember that each time you pick up the telephone or send electronic mail in your office, you may be adding to somebody's computer data base-and computers never forget. |