CDT's data privacy page

Statement of the

Center for Democracy and Technology

Jerry Berman
Janlori Goldman
Daniel J. Weitzner
Deirdre K. Mulligan

before the

Federal Trade Commission
Workshop on Consumer Privacy on the
Global Information Infrastructure

June 4-5, 1996


Executive Summary

I. Privacy in the Digital Age

II. The Empowered User: Implementing Privacy Policy in the Digital Age III. Technologies of Privacy IV. Protecting Children's Privacy Online V. European Union Data Protection Directive Conclusion


Executive Summary

The Center for Democracy and Technology believes that interactive communications media such as the Internet hold great potential for enhancing democratic values and supporting the full realization of individual freedoms. Policies that support and encourage the development of technologies that give individuals control over the ideas and beliefs to which they are exposed, and the collection, use and disclosure of their personal information, will lay the foundation for a robust, thriving democracy in the Digital Age.

While optimistic about the privacy enhancing potential of the Digital Age, we believe that the core privacy principles of notice and individual control over personal information must inform the design of the information infrastructure if this potential is to be fully realized. We have a window of opportunity -- offering the chance to put privacy-enhancing technologies into the hands of individuals. To realize this promise, all members of the Internet community must come together to build an infrastructure that supports privacy policies and applications.

Our testimony offers a vision of an individual with the information and tools to make decisions about the collection, use and disclosure of personal information during each and every transaction on the Internet.

Section I sets the stage for a discussion of the Individual Empowerment solution by providing an overview of privacy considerations in the Digital Age. Sections II and III outline our Individual Empowerment model and offer a number of models for its implementation. Section IV examines the application of Individual Empowerment solutions to protecting children's privacy. Finally, Section V explores the potential of the Individual Empowerment model to move the Internet towards compliance with the EU Directive.

The Center for Democracy and Technology (CDT) is dedicated to preserving and enhancing democratic values and civil liberties on the Internet and other interactive communications media. CDT pursues its mission through public education, grass roots organizing, litigation, and coalition building. CDT is a non-profit, public interest organization (501 (c)(3)).

I. Privacy in the Digital Age

At its core, the Digital Age represents a dramatic shift in computing and communication power. The decentralized, open nature of the network coupled, with an emphasis on user control over information, are central to achieving the First Amendment potential of the Internet. Through interactive technology, individuals today can enjoy a here-to-fore unknown ability to exercise First Amendment freedoms. Access to the Internet empowers individuals with an enormous capacity to speak and be heard, and listen and learn. The development of filtering and blocking devices that empower individuals to control the inflow of information gives new meaning to the core First Amendment principle that individuals should determine the ideas and beliefs deserving of expression, consideration, and adherence. [ 1 ]

However, at this moment the impact of the Digital Age on individual privacy remains an open question. Will the Digital Age be a period in which individuals lose all control over personal information? Or does the Digital Age offer a renewed opportunity for privacy? The development of technologies that empower individuals to control the collection and use of personal information and communications -- such as encryption, and anonymous remailers, web browsers and payment systems -- are inspiring examples of the privacy-enhancing possibilities of interactive technology. However, we believe that the architecture of the Internet must be designed to advance individual privacy by facilitating individual control over personal information.

The rise of technologies that empower users of interactive communications media to affirmatively express control over personal information can fundamentally shift the balance of power between the individual and those seeking information. CDT believes this technological shift is possible and necessary, and offers us an unprecedented opportunity to advance individual privacy. However, this shift will only occur if interactive media is harnessed to advance individual privacy.

Rather than responding to the very real risks posed by new technology with the Luddite-call of "smash the machine," we are calling for a reversal of the technological status quo by demanding that technology be designed to empower people. We should seize the opportunity to vest individuals with the information and tools to express their desire for privacy in clear and effective ways, and have those desires acknowledged by information users, we can advance privacy. We believe that this post-Luddite approach will reinvigorate individual privacy in the Digital Age.

While strengthening existing laws, such as the Fair Credit Reporting Act and the Right to Financial Privacy Act, and enacting legislation to protect health records, are crucial to protecting individual privacy, individual empowerment technologies offer a powerful method of implementing the core principle of individual control where current gaps and weaknesses leave individual privacy vulnerable. We believe that user controlled technologies that enable individuals to protect the privacy of their communications and personal information, offer an unprecedented opportunity to extend real protections for individual privacy around the world.

II. The Empowered User: Implementing Privacy Policy in the Digital Age

Interactive communications media offer both risks and opportunities to securing individuals' privacy. To have privacy in the Digital Age one must be able to both enjoy solitude and to make decisions about what, if any, personal information to divulge, to whom and for what purpose. In the Digital Age technology can be harnessed to advance privacy by empowering individuals to control the flow of information on a case by case, setting by setting basis, by expressing his or her privacy desire. Through the implementation of existing laws, continued pressure to develop additional laws to protect personal information in various sectors, and the implementation of individual empowerment solutions that give people the ability to control personal information through full notice and meaningful consent, the Internet can be shaped to support individual privacy.
From the Luddite movement of the early Nineteenth century through publication of David Burnham's Rise of the Computer State, technology has rightfully been viewed as a tool by which the interests of the individual are subsumed to the more powerful interests of the government and big business. While privacy advocates must continue to push for laws, the ability to empower people to directly express privacy choices through user controlled technologies has the potential to significantly alter the traditional relationship between individuals and technology.

We must seize the opportunity to move beyond the current debate over the intrusive nature of technology and seize the opportunity to ensure that privacy protection is a core element of this new communications media. [ 16 ] By building privacy in at the front-end we can craft an environment where each individual gets to decide the level at which information is protected instead of relying on the government and the private sector to mete out weak protections on a sector by sector basis leaving large quantities of personal information unprotected and vulnerable.

The privacy potential of interactive communications media will be realized only through the concerted efforts of policy makers, the public interest community and the communications and computer industries. CDT is exploring the creation of a PICS-like process for privacy with the Massachusetts Institute of Technology (MIT), the World Wide Web Consortium, public interest organizations, and Internet content and service providers. If embraced and implemented, we believe that technology tools, coupled with fair information practices can provide an effective method of making individual privacy a reality on the Internet. Individual empowerment technologies which facilitate both the communication of Web site operator's information practices to users, and the communication of individuals' privacy preferences to Web site operators, will give users maximum control over personal information.

III. Technologies of Privacy

We believe that technologies must be designed to give people control over personal information by allowing users to avoid Web sites with inappropriate information collection and use practices, and allowing them to set privacy preferences that prevent or limit the collection, use and disclosure of personal information. Building upon the success of the Platform for Internet Content Selections (PICS) -- a values-neutral platform that enables parents to exercise control over children's access to inappropriate material -- and other user empowering technologies, CDT believes that we can develop applications that maximize individual control over information. In the past ten months, the PICS platform has evolved from concept to final release of standards. Over the next few months, every major browser and online service will update products to include the programming necessary to read and interpret PICS labels. At least four different content labeling and rating services will be available to the public. And there will be two Web-based bureaus where content owners can create their own descriptive labels. In the very near future, PICS will be widely available on the Internet.

IV. Protecting Children's Privacy Online

The issue of children's information privacy on the Internet has caught the public's eye. Children are an increasingly large segment of the Internet user population. The Internet offers children, like adults, a tremendous opportunity to exchange ideas and participate in a world outside their window. However, the ease with which children can access ideas, reveal information about themselves, and participate in a range of activities without parental supervision, has and will continue to be a subject of concern.

CDT is dedicated to enhancing children's privacy on the Internet. We believe that individual empowerment solutions coupled with fair information practices and policies, parental involvement, and strong government response to deceptive and unfair information collection practices, can best protect children's privacy.

V. European Union Data Protection Directive

In July, 1995, the European Union (EU) adopted the Directive On the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data (known as the "Data Protection Directive"). In essence, the Directive sets forth rules relating to individual access to personal data, requires individual consent prior to certain uses of personal information, calls for "appropriate" security safeguards to be put in place by companies handling personal information, and requires member countries to create "supervisory authorities" to oversee implementation of the Directive. The intent behind the Directive is to harmonize the data protection laws within the EU, providing European citizens with a minimum level of data protection.

The Directive's reach stretches far beyond the limits of the European community by limiting the transfer of data to non-member countries that do not ensure an "adequate" level of data protection. [ 26 ] Although the contours of the "adequacy" standard are unclear, it is certain that the Directive has the potential to seriously impede the flow of data from member states to the United States.

VI. Conclusion

In the Digital Age, technology can be the individual's ally, not the intrusive, meglomaniacal villain, it has been in so many other settings. Through technological mechanisms that put individuals in control of their information by providing them with notice of companies information practices and real opportunities to clearly express the method in which they want their information handled, the Internet can offer individuals the capacity to protect their privacy while preserving core First Amendment values.

The potential to meet the goals of protecting privacy and speech, and increase child safety through a solution that maximizes individual and parental control should be attractive to privacy advocates, First Amendment advocates and child advocates alike. We have the opportunity to reverse the pattern of using technology to undermine individual privacy. Ensuring that the architecture of the Global Information Infrastructure is designed to support individual empowerment solutions will have a profound effect on individual privacy in the Twenty-first Century.


1. See Turner Broadcasting Syst., Inc. v. FCC, 114 S.Ct. 2445, 2458 (1994).

2. Information privacy incorporates two components -- at times distinct and at times inextricable -- "the right to be let alone " first articulated by Justice Louis Brandeis over a century ago, and the right to control information about oneself, even after divulging it to others, first defined by Professor Alan Westin in Privacy and Freedom.

3. See the writings of Erving Goffman, Edward Blaustein and Julie Inness for more discussion of the societal impact of inadequate privacy.

4. For a discussion of legal theories related to the development of "personhood" and autonomy in society, see Margaret Radin, "Property and Personhood," 34 STANF. L.F. 957 (1982), "The Consequences of Conceptualism," 41 U. MIAMI L.Rev. 239 (1986), "Market-Inalienability," 100 HARV. L.R. 1849 (1987); and Charles Reich, "The New Property," 73 YALE LAW J. 733 (1964), "Beyond the New Property," 56 BROOK. L.R. 731 (1990); "The Liberty Impact of the New Property," 31 WM. & MARY L. REV. 295 (1990).

5. While there is no definitive case finding a constitutional right of information privacy, the Supreme Court acknowledged that such a privacy right exists in Whalen v. Roe.429 U.S. 589 (1977) (upholding a state statute that required doctors to disclose information on individuals taking certain highly addictive prescription drugs for inclusion on a state database) "This information is made available only to a small number of public health officials with a legitimate interest in the information. [Broad] dissemination by state officials of such information, however, would clearly implicate constitutionally protected privacy rights. . . Id. at 606.

However, the "reasonable expectation" standard set out in U.S.. v. Katz , initially hailed as the landmark privacy decision, has consistently been used to permit the use of technology to undermine privacy interests. As technology has advanced, and as societal demands for sensitive personal information have increased, the Court has increasingly circumscribed the "zones" one may justifiably consider private. Subsequent decisions have consistently allowed the circumstances of modern existence to define the "reasonable expectation of privacy." If an intrusion is technically possible, one's expectation of privacy in certain activities is unreasonable.

6. The lack of strong constitutional privacy protection has placed added emphasis on federal and state statutory protections. While statutory privacy protections for personal information have been crafted on a sector by sector basis, many are based on a common set of principles -- The Code of Fair Information Principles . Developed by the Department of Health Education and Welfare in 1973 printed in the Report of the Secretary's Advisory Committee on Automated Personal Data Systems, Records, Computers and the Rights of Citizens, U.S. Dept. of Health, Education & Welfare, July 1973.

7. See recent polls on the public's growing worries over the lack of information privacy, by Louis Harris & Associates, Time/CNN, Mastercard and the American Civil Liberties Union.

8. Deja News is an example of the profiling capacity made available to anyone on the Internet. Through the use of a search engine it is simple to compile all usenet postings of a single indivdiual. While usenet is a public forum, the capacity to at the stroke of a key pull together an indivdiuals words scattered between 1979 and 1996 in potentially thousands of different usenet groups provides a glimpse of the type of profiling that is made inexpensive and practical in this media.


10 See recent polls on the public's growing worries over the lack of information privacy, by Louis Harris & Associates; Time/CNN; Mastercard; and, the American Civil Liberties Union.

11. Margot Williams, Usenet Newsgroups Great for Research, But Watch What You Say, Wash. Post., March 11, 1996, at WashTech; Public Cyberspace, Wash. Post, March 14, 1996, A26; Anne Eisenberg, Privacy and Data Collection on the Net, Scientific American, March 1996, p 120; Mark Powell, Orwellian Snooping, USA Today, April 2, 1996, 13A.

12. DejaNews is a service that organizes all usenet postings into a searchable index by author's name.

13. Cookies is a Netscape feature that assists merchants in tracking users activities at Web sites. See, Joan E. Rigdon, Internet Users Say They'd Rather Not Share Their `Cookies', WSJ, Feb. 14, 1996, B6.

14. McIntyre v. The Ohio Elections Comm., 115 S.Ct. 1511 (1995); NAACP v. Alabama ex rel. Patterson, 357 U.S. 449, 463-65 (1958) (reversing civil contempt judgment against NAACP for failure to turn over membership list).

15. In addition to the Federal Trade Commission's ongoing efforts, The National Information Infrastructure Advisory Council issued its "Privacy and Security-Related Principles" last year, followed by the Inter-agency Information Infrastructure Task Force's Privacy Principles. More recently, the Department of Commerce's NTIA released its report on "Privacy and Telecommunications-Related Data," which concluded that the private sector must implement privacy standards or face a legislative mandate. In addition, Rep. Bob Franks (R-NJ) recently introduced the "Children's Privacy Protection and Parental Empowerment Act," to protect children's privacy.

16. As the recent Department of Commerce report, "Privacy and the NII: Safeguarding Telecommunications-Related Personal Information," concluded: "The promised interactivity of the NII may diminish the need to make a policy choice between opt-in and opt-out. Such interactivity would make it possible for service providers to obtain consent to use transaction-related personal information] from subscribers electronically before any services were rendered." October, 1995 report, p.26.

17. Of course there are instances where the individual's ability to make decisions regarding the flow of personal information may be encumbered. For example, where the government seeks access to personal information on an individual held by a third-party the individual's ability to intervene and exercise control may demand that they receive notice of the request for access. Similarly, in the context of medical treatment, providing individuals with the ability to exercise meaningful control over the flow of personal may require procedures that protect the individual during this moment of vulnerability from rapacious information demands. These settings should be addressed with solutions that assist individuals, or those acting in their stead, to control personal information.

18. Internet users have sent powerful responses to those who have "abused" the Net. Mass emailings typically result in spamming -- tons of angry messages deluging the original sender. Deja News quickly added a mechanism to allow users to flag postings that they did not want archived. Similarly, most "look-up" services on the Net give individuals the opportunity to opt-out via the Net.

19. Support groups on topics ranging from sexual abuse to drug addiction, discussions on political topics from anarchy to Cuba to Newt Gingrich, and pictures and stories of sexual and other fantasies abound on the Internet.

20. After several press stories about DejaNews, a service that organizes all usenet postings into a searchable index by author's name, the company stated that they were instituting a flag that would allow people to notify them that they did not want a particular posting to be archived. This is an example of a limit on subsequent use of information, it is particularly interesting because many users of the Internet would state that usenet postings are public and subject to no reasonable privacy expectation.

21. Community Connexion, an Internet Service Provider, recently debuted the Anonymizer which allows individuals to surf the Internet without revealing transactional data to the Web sites they visit.

22. In addition, software -- similar to products on the market to limit children's access to objectionable content -- could be developed to limit access to sites that have unacceptable information practices.

23. NAACP v. Alabama ex rel. Patterson, 357 U.S. 449, 463-65 (1958) (reversing civil contempt judgment against NAACP for failure to turn over membership list).

24. Lamont v. Postmaster General, 381 U.S. 301 (1965) (invalidating restrictions on the mailing of foreign communist political propaganda).

25. Plaintiffs in ACLU's case challenging the constitutionality of the Communications Decency Act, including EFF, EPIC, and others, made this point quite eloquently. In addition, parental empowerment approach allows children, like all Internet users, to remain relatively anonymous during transactions and interactions on the Internet. This anonymity may help protect them from people who would single children out for harm.

26 .The Directive has been five years in the making, the first draft circulated in the fall, 1990. Earlier drafts of the Directive required non-Member countries to have "equivalent" levels of data protection before personal data could flow from Member countries. An "equivalency" test was considered to be too stringent by many in the private sector. A debate within the EU continues as to how "adequacy" will be measured, and whether, in application, an adequacy test will be lass rigorous than an equivalency standard.

27 As the Directive states in its preamble: " Whereas data processing systems are designed to serve man; whereas they must, whatever the nationality or residence of natural persons, respect their fundamental rights and freedoms, notably the right to privacy, and contribute to economic and social progress, trade expansion, and the well-being of individuals. The Directive relies,in part on the 1980 OECD Data Protection Guidelines, as well as the Council of Europe Convention of 1981 for the Protection of Individuals with Regard to Automatic Processing of Personal Data.

28. The Directive requires that data subjects learn of the existence of a processing operation, where data is collected from the individual, and must be given full and accurate information about the data processing activity.

29. See, NAACP v. Button, 371 U.S. 415 (1963) (holding a provision which prohibited any organization from retaining a lawyer in connection with litigation to which it was not a party invalid as applied to the NAACP's activities).

Posted on June 12, 1997