Law in the Internet Society

View   r15  >  r14  >  r13  >  r12  >  r11  >  r10  ...
BrettJohnsonFirstPaper 15 - 07 Sep 2011 - Main.IanSullivan
Line: 1 to 1
Changed:
<
<
META TOPICPARENT name="FirstPaper"
>
>
META TOPICPARENT name="FirstPaper2009"
 I. INTRODUCTION
Line: 117 to 117
 I added this comment box. Feel free to delete it if you didn't want one; just find the percentage-sign COMMENT percentage-sign text in the editing screen and delete it.
Changed:
<
<
The paper reads well. In terms of suggestions, I have only a few. First, you should link to Steven Wu's essay in discussing that some people choose aggregation in return for customized services. You might also look at Dana Delger's essay in that regard. I tend to agree that an opt-in system is the best approach, for the reasons you outline: those who wish to sign-up for data aggregation should be allowed to do so, and free-for-all monitoring is highly problematic. If I were to suggest revision to the essay, I would think saying more about just what sort of information people must be given when deciding to opt-in or not would be helpful. You don't want the opt-in option to be like the Windows Vista User Access Control, but you need it to also not overload the user with info (as you suggest). Maybe on the federal site you mention, you could also have a sort of opt-in wiki? Where people can post and discuss the results of their opting-in and out. The initial opt-in/out button gives essential, basic info (just a few sentences), and the link takes you to the federal page and a wiki where you can learn more? Whatever the optimal opt-in model, I think saying more about ideas for it would be helpful. Otherwise, it looks pretty good.
>
>
The paper reads well. In terms of suggestions, I have only a few. First, you should link to Steven Wu's essay in discussing that some people choose aggregation in return for customized services. You might also look at Dana Delger's essay in that regard. I tend to agree that an opt-in system is the best approach, for the reasons you outline: those who wish to sign-up for data aggregation should be allowed to do so, and free-for-all monitoring is highly problematic. If I were to suggest revision to the essay, I would think saying more about just what sort of information people must be given when deciding to opt-in or not would be helpful. You don't want the opt-in option to be like the Windows Vista User Access Control, but you need it to also not overload the user with info (as you suggest). Maybe on the federal site you mention, you could also have a sort of opt-in wiki? Where people can post and discuss the results of their opting-in and out. The initial opt-in/out button gives essential, basic info (just a few sentences), and the link takes you to the federal page and a wiki where you can learn more? Whatever the optimal opt-in model, I think saying more about ideas for it would be helpful. Otherwise, it looks pretty good.
 -- BrianS - 20 Nov 2009

BrettJohnsonFirstPaper 14 - 26 May 2010 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Deleted:
<
<
REVISED--READY FOR REVIEW
 I. INTRODUCTION
Line: 23 to 22
 Internet data mining touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy, which in turn are intertwined with personal freedom. Freedom and autonomy are desirable and true freedom requires meaningful choice. The challenge and desire then is to determine and implement the legal paradigm that provides people with the best meaningful choice and freedom with respect to their privacy.
Changed:
<
<
Privacy issues arise in part because of reasonable expectations of privacy for certain activities. For example, when a woman posts photos to a Facebook profile and that site states that people can control who can see their profile and photos she has a reasonable expectation of privacy when those privacy options are exercised. Conversely, if a man uses an online username “BOYSRCH” along with his photograph, which is accessible by anyone, he should not be surprised if such is used against him by his employer with a policy that prohibits homosexuality. This type of activity does not have a reasonable expectation of privacy and no legislative reform is necessary to protect such publically revealed information.
>
>
Privacy issues arise in part because of reasonable expectations of privacy for certain activities.

What does this mean? It appears to be tautology.

For example, when a woman posts photos to a Facebook profile and that site states that people can control who can see their profile and photos she has a reasonable expectation of privacy when those privacy options are exercised. Conversely, if a man uses an online username “BOYSRCH” along with his photograph, which is accessible by anyone, he should not be surprised if such is used against him by his employer with a policy that prohibits homosexuality. This type of activity does not have a reasonable expectation of privacy and no legislative reform is necessary to protect such publically revealed information.

Maybe or maybe not. The discharge here is occurring not because of a policy against homosexuality, but a policy against disclosure of homosexuality, the so-called "Don't ask, don't tell" nonsense. It's not a very good example of the principle, whatever it is, that you're supposedly illustrating.
 Aside from the reasonable expectations of privacy, people should be entitled to maintain their privacy as a natural right in certain matters that they do not choose to disclose. For example, the identity of products that a person purchases over the internet should be protectable as a natural right—irrespective of any disclosures that would eliminate a reasonable expectation of privacy—should that person choose privacy.
Added:
>
>
What process of distinction separates the "natural right" situations, whatever that phrase is supposed to mean here, which is unexplained, from those in which you would apply the equally-misadopted "reasonable expectation" idea? You don't give any underlying logic for your conclusions, as usual, you just pronounce them, as though assertion were a substitute for analysis.
 II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING DATA MINING

Various privacy options, e.g., absolutely prohibiting data mining, unlimited data mining, opt-in, nakedness, and opt out systems have some difficulties either in theory and/or in practical administration. The current unlimited and unknown to many internet data mining violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).

Added:
>
>
Whatever reproductive privacy has to do with privacy, government intrusion has little to do, given our general constitutional dogma, with activities by non-government parties. Once again, an analytic issue is assumed away rather than dealt with.,\
 A per se outright ban on all data mining is also problematic. This is a more difficult issue than the former but with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them.
Added:
>
>
I would have thought the initial issue was whether data-miners possess constitutional rights to learn, cogitate and teach what they have learned and inferred.
 An “opt-out” system is undesirable for the basic reason that people are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited data mining in such a system.

Finally nakedness impermissibly negates personal choice to maintain privacy (although it would reduce incentives to gather the information).

Added:
>
>
This is no more than a brief and fairly insensitive paraphrase of points I initially made. No thinking here yet.
 III. AN OPT-IN SYSTEM PROVIDES THE BEST ANALYTICAL PARADIGM

An opt-in system provides the best internet privacy option. As a default starting position, people are entitled to privacy and they must take action before such privacy is relinquished. Of course there are legitimate reasons that persons would want to know certain information about a person—such as the credit history and ability of a prospective tenant to pay rent. Another example might include the political (and possibly even personal activities) of a public figure such as a U.S. Senator. In the former case, however, the tenant is choosing to disclose certain personal information to the landlord through contract. In the latter case the U.S. Senator is voluntarily relinquishing certain privacy rights by becoming a public figure (the Senator’s formerly personal information becomes relevant to the public because the Senator’s behavior could directly affect the public).

Line: 49 to 79
 The legislation would, however, allow those private entities to mine data (purchase the ability to store, use, and sell the information) if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. Some people may desire to have special offers sent to them for future purchases of similar products while others may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person would be redirected to a federally maintained website that provided in understandable and brutally descriptive terms (drafted as part of the legislation) what the information could be collected, used for, by whom, and potential consequences thereof. There could also be an option, each time referred to the “opt-in” website to register a single time to preclude all companies from making future offers to mine data from that IP address.
Added:
>
>
Why spend all these words on something that needs no further explanation, unless because you have nothing of your own to say? Would it not have been sufficient to state that European data protection principles are preferable to North American ones? And would that not have led predictably to some discussion of the real politics here, which you have not so far mentioned and might be therefore thought to have tuned out completely while I was discussing them in class?
 V. CONCLUSION

While not free of concerns, an opt-in system provides the best choice, freedom, and overall autonomy for individuals in society.

Changed:
<
<
>
>
An improvement over previous efforts only to the extent that there are no glaring inaccuracies. There are no new points made, no analysis of any legal, political, or technical issues that I didn't myself discuss, no new information gathered, and nothing new proposed or investigated. Low effort, low commitment, slight improvement.
 

BrettJohnsonFirstPaper 13 - 27 Jan 2010 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
REVISED--READY FOR REVIEW
Line: 41 to 41
 An opt-in system provides the best internet privacy option. As a default starting position, people are entitled to privacy and they must take action before such privacy is relinquished. Of course there are legitimate reasons that persons would want to know certain information about a person—such as the credit history and ability of a prospective tenant to pay rent. Another example might include the political (and possibly even personal activities) of a public figure such as a U.S. Senator. In the former case, however, the tenant is choosing to disclose certain personal information to the landlord through contract. In the latter case the U.S. Senator is voluntarily relinquishing certain privacy rights by becoming a public figure (the Senator’s formerly personal information becomes relevant to the public because the Senator’s behavior could directly affect the public).
Changed:
<
<
An opt-in system for data mining provides the best opportunity for implementation of the potentially competing goals of obtaining relevant information while protecting privacy rights because the relinquishment of natural rights of privacy are based on the individual’s choice in exchange for something that he considers more valuable.
>
>
There is not a bright line where one person’s right to information overcomes another’s right to privacy. However, society should error on the side of privacy with privacy rights only being overcome where there is a compelling showing of need for the information or the person giving up her privacy rights has made a knowing decision to do so under the circumstances. An opt-in system for data mining provides the best opportunity for implementation of the potentially competing goals of obtaining relevant information while protecting privacy rights.
 IV. IMPLEMENTATION OF THE “OPT-IN” SYSTEM

BrettJohnsonFirstPaper 12 - 25 Jan 2010 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
REVISED--READY FOR REVIEW
Line: 39 to 39
 III. AN OPT-IN SYSTEM PROVIDES THE BEST ANALYTICAL PARADIGM
Changed:
<
<
An opt-in system provides the best internet privacy option. As a default starting position, people are entitled to privacy and they must take action before such privacy is relinquished. Of course there are legitimate reasons that persons would want to know certain information about a person—such as the credit history and ability of a prospective tenant to pay rent. Another example might include the political (and possibly even personal activities) of a public figure such as a U.S. Senator. In the former case, however, the tenant is choosing to disclose certain personal information to the landlord through contract. In the later case the U.S. Senator is voluntarily relinquishing certain privacy rights by becoming a public figure (the Senator’s formerly personal information becomes relevant to the public because the Senator’s behavior could directly affect the public).
>
>
An opt-in system provides the best internet privacy option. As a default starting position, people are entitled to privacy and they must take action before such privacy is relinquished. Of course there are legitimate reasons that persons would want to know certain information about a person—such as the credit history and ability of a prospective tenant to pay rent. Another example might include the political (and possibly even personal activities) of a public figure such as a U.S. Senator. In the former case, however, the tenant is choosing to disclose certain personal information to the landlord through contract. In the latter case the U.S. Senator is voluntarily relinquishing certain privacy rights by becoming a public figure (the Senator’s formerly personal information becomes relevant to the public because the Senator’s behavior could directly affect the public).
 An opt-in system for data mining provides the best opportunity for implementation of the potentially competing goals of obtaining relevant information while protecting privacy rights because the relinquishment of natural rights of privacy are based on the individual’s choice in exchange for something that he considers more valuable.

BrettJohnsonFirstPaper 11 - 24 Jan 2010 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Changed:
<
<
Comments from anyone are welcome and appreciated.
>
>
REVISED--READY FOR REVIEW
 I. INTRODUCTION
Changed:
<
<
II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION
>
>
II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING DATA MINING
 
Changed:
<
<
III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM
>
>
III. AN OPT-IN SYSTEM PROVIDES THE BEST ANALYTICAL PARADIGM
 
Changed:
<
<
IV. CONCLUSION
>
>
IV. IMPLEMENTATION OF THE “OPT-IN” SYSTEM

V. CONCLUSION

 

A Proposal for the Regulation of Internet Data Mining by Private Entities

Line: 19 to 21
 I. INTRODUCTION
Changed:
<
<
Internet data mining (referring to internet information that is not publicly available) touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy.

  • But that's an outcome of the definition, not the subject. Data that is publicly available and data that is legally available if you pay for it is not secret, and the activity of acquiring information that it's legal to acquire and using it to infer something valuable or interesting is called "learning."

Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for a sexual oriented product, that communication is secret to those other than the vender and the purchaser.

  • If they are promised it is, it is. If not, not. That's just like the rule in the rest of the world, right?

For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not disclose the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because data can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.

  • So far the case rests entirely on people's mistaken impressions, which is not the strongest possible basis on which to contend that something other than education needs to be done.

All three components of privacy and in particular autonomy are intertwined with personal freedom. http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” See Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software.

>
>
Internet data mining touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy, which in turn are intertwined with personal freedom. Freedom and autonomy are desirable and true freedom requires meaningful choice. The challenge and desire then is to determine and implement the legal paradigm that provides people with the best meaningful choice and freedom with respect to their privacy.
 
Changed:
<
<
  • But you're taking Richard out of context unless you explain that his thinking on this issue is not at all the same as yours, and leads to different conclusions.
>
>
Privacy issues arise in part because of reasonable expectations of privacy for certain activities. For example, when a woman posts photos to a Facebook profile and that site states that people can control who can see their profile and photos she has a reasonable expectation of privacy when those privacy options are exercised. Conversely, if a man uses an online username “BOYSRCH” along with his photograph, which is accessible by anyone, he should not be surprised if such is used against him by his employer with a policy that prohibits homosexuality. This type of activity does not have a reasonable expectation of privacy and no legislative reform is necessary to protect such publically revealed information.
 
Changed:
<
<
The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.
>
>
Aside from the reasonable expectations of privacy, people should be entitled to maintain their privacy as a natural right in certain matters that they do not choose to disclose. For example, the identity of products that a person purchases over the internet should be protectable as a natural right—irrespective of any disclosures that would eliminate a reasonable expectation of privacy—should that person choose privacy.
 
Added:
>
>
II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING DATA MINING
 
Added:
>
>
Various privacy options, e.g., absolutely prohibiting data mining, unlimited data mining, opt-in, nakedness, and opt out systems have some difficulties either in theory and/or in practical administration. The current unlimited and unknown to many internet data mining violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).
 
Changed:
<
<
II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION
>
>
A per se outright ban on all data mining is also problematic. This is a more difficult issue than the former but with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them.
 
Changed:
<
<
Each privacy option, e.g., absolutely prohibiting data mining, unlimited and unregulated data mining, opt-in, nakedness, and opt out systems, seem to have some difficulties either in theory and/or in practical administration. Initially, I reject the current unlimited internet data mining. That type of unknown and unregulated monitoring of human activity violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).
>
>
An “opt-out” system is undesirable for the basic reason that people are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited data mining in such a system.
 
Changed:
<
<
I also reject a per se outright ban on all data mining. This is a more difficult issue than the former, but again, with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them. For example, at least one person in this class articulated in TWiki that he feels that he benefits from monitoring because of the convenience afforded him by such (although I do not believe he reached an ultimate conclusion whether the benefit outweighs the cost).
>
>
Finally nakedness impermissibly negates personal choice to maintain privacy (although it would reduce incentives to gather the information).
 
Changed:
<
<
I further reject an “opt-out” system for the basic reason that people must be allowed to make a meaningful choice. People today are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited data mining in such a system.
>
>
III. AN OPT-IN SYSTEM PROVIDES THE BEST ANALYTICAL PARADIGM
 
Changed:
<
<
I finally reject nakedness as negating personal choice to maintain privacy (although I understand it would reduce incentives to gather the information).
>
>
An opt-in system provides the best internet privacy option. As a default starting position, people are entitled to privacy and they must take action before such privacy is relinquished. Of course there are legitimate reasons that persons would want to know certain information about a person—such as the credit history and ability of a prospective tenant to pay rent. Another example might include the political (and possibly even personal activities) of a public figure such as a U.S. Senator. In the former case, however, the tenant is choosing to disclose certain personal information to the landlord through contract. In the later case the U.S. Senator is voluntarily relinquishing certain privacy rights by becoming a public figure (the Senator’s formerly personal information becomes relevant to the public because the Senator’s behavior could directly affect the public).
 
Changed:
<
<
Consequently, I believe that an opt-in system provides the best chance for meaningful choice, freedom, and autonomy. As discussed in class, effectively conveying information sufficient for meaningful choice in a society that never forgets is a challenge of an opt-in system.
>
>
An opt-in system for data mining provides the best opportunity for implementation of the potentially competing goals of obtaining relevant information while protecting privacy rights because the relinquishment of natural rights of privacy are based on the individual’s choice in exchange for something that he considers more valuable.
 
Changed:
<
<
III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM
>
>
IV. IMPLEMENTATION OF THE “OPT-IN” SYSTEM
 
Changed:
<
<
I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from Wal-Mart.com all information about the purchaser, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from Wal-Mart’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (private browsing available from Firefox). In the context of banking, information such as expenditures would need to be retained for record-keeping purposes but kept confidential and not used for purposes other than record-keeping and such information could not be shared with other entities or other departments within the same institution (such as where investment banks are allowed to merge with commercial depository banks after repeal of the Glass-Steagall Act). See http://en.wikipedia.org/wiki/Glass%E2%80%93Steagall_Act.
>
>
Legislation should be adopted wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from Wal-Mart.com all information about the purchaser, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from Wal-Mart’s database within a reasonable time after the product is received by the customer (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information (private browsing available from Firefox). In the context of banking, information such as expenditures would need to be retained for record-keeping purposes but kept confidential and not used for purposes other than record-keeping and such information could not be shared with other entities or other departments within the same institution (such as where investment banks are allowed to merge with commercial depository banks after repeal of the Glass-Steagall Act).
 
Changed:
<
<
The legislation would, however, allow those private entities to mine data (purchase the ability to store, use, and sell the information) if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. As previously mentioned, some people may desire to have special offers sent to them for future purchases of similar products. Other people may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person would be redirected to a federally maintained website that provided in understandable and brutally descriptive terms (drafted as part of the legislation) what the information could be collected, used for, by whom, and potential consequences thereof. Each entity that sought to mine data would need to obtain a consent from each person for which it gathered the information, based upon the user’s IP address. There would also be an option, each time referred to the “opt-in” website to register a single time to preclude all companies from making future offers to mine data from that IP address. See generally http://www.nytimes.com/library/tech/00/02/cyber/commerce/07commerce.html.
>
>
The legislation would, however, allow those private entities to mine data (purchase the ability to store, use, and sell the information) if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. Some people may desire to have special offers sent to them for future purchases of similar products while others may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person would be redirected to a federally maintained website that provided in understandable and brutally descriptive terms (drafted as part of the legislation) what the information could be collected, used for, by whom, and potential consequences thereof. There could also be an option, each time referred to the “opt-in” website to register a single time to preclude all companies from making future offers to mine data from that IP address.
 
Changed:
<
<
IV. CONCLUSION
>
>
V. CONCLUSION
 While not free of concerns, an opt-in system provides the best choice, freedom, and overall autonomy for individuals in society.

BrettJohnsonFirstPaper 10 - 19 Jan 2010 - Main.EbenMoglen
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 19 to 19
 I. INTRODUCTION
Changed:
<
<
Internet data mining (referring to internet information that is not publicly available) touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy. Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for a sexual oriented product, that communication is secret to those other than the vender and the purchaser. For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not disclose the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because data can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.
>
>
Internet data mining (referring to internet information that is not publicly available) touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy.

  • But that's an outcome of the definition, not the subject. Data that is publicly available and data that is legally available if you pay for it is not secret, and the activity of acquiring information that it's legal to acquire and using it to infer something valuable or interesting is called "learning."

Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for a sexual oriented product, that communication is secret to those other than the vender and the purchaser.

  • If they are promised it is, it is. If not, not. That's just like the rule in the rest of the world, right?

For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not disclose the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because data can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.

  • So far the case rests entirely on people's mistaken impressions, which is not the strongest possible basis on which to contend that something other than education needs to be done.

All three components of privacy and in particular autonomy are intertwined with personal freedom. http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” See Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software.

  • But you're taking Richard out of context unless you explain that his thinking on this issue is not at all the same as yours, and leads to different conclusions.

The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.

 
Deleted:
<
<
All three components of privacy and in particular autonomy are intertwined with personal freedom. http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” See Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software. The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.
 II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION
Line: 106 to 135
 

-- HeatherStevenson - 23 Nov 2009

Added:
>
>
  • I don't think Justin's points are to be dealt with as space allows. Collecting information and making judgments about it is constitutionally-protected learning. You can no more make it required that I get people's permission to learn about them than that I get their permission to learn mathematics. What I know about the senior Senator from New York or the President of Columbia University or the guy who rents my house in the country is not something I can be commanded by anyone to forget, or refrain from using to make inferences that are either useful or beautiful. Any other result vitiates the very idea of free expression. If that proposition is true, your argument fails completely. If that proposition is false, where and how is it false?
 
 
<--/commentPlugin-->
\ No newline at end of file

BrettJohnsonFirstPaper 9 - 23 Nov 2009 - Main.HeatherStevenson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 98 to 98
 

-- BrettJohnson - 22 Nov 2009

Added:
>
>

Brett, You may end up addressing my comment based on some of the previous comments, but my suggestion is slightly different than previous comments so I'll leave it for you as well. I agree with your position that an opt-in system would be better than many other options, but I think that you dismiss the possibilities afforded by an opt-out system a bit too quickly. If legislation required that users first be provided a clear explanation of what data could and could not be sold, saved, etc. and were then provided with the option to opt out, wouldn’t the opt-out system be functionally equivalent (or at least very similar) to your proposed opt-in system? I think the difference between the two systems may come down, in part, to whether the default rule is to favor privacy or “business interests” (at least as that term refers to the businesses gathering data). While I agree that opt-in is a better option, I think that your argument against opt-out would be strengthened by acknowledging that it is inferior at least in part because of a decision that maintaining privacy and control over one's personal information should be the default (in other words, that control of one's personal information is a value in itself).

-- HeatherStevenson - 23 Nov 2009

 
 
<--/commentPlugin-->

BrettJohnsonFirstPaper 8 - 22 Nov 2009 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 90 to 90
 -- JustinColannino - 22 Nov 2009
Added:
>
>

Justin,

Thank you for your helpful comments. I will put some thought into them and try to address them in a revised version of the essay.

-- BrettJohnson - 22 Nov 2009

 
 
<--/commentPlugin-->

BrettJohnsonFirstPaper 7 - 22 Nov 2009 - Main.JustinColannino
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 66 to 66
 The paper reads well. In terms of suggestions, I have only a few. First, you should link to Steven Wu's essay in discussing that some people choose aggregation in return for customized services. You might also look at Dana Delger's essay in that regard. I tend to agree that an opt-in system is the best approach, for the reasons you outline: those who wish to sign-up for data aggregation should be allowed to do so, and free-for-all monitoring is highly problematic. If I were to suggest revision to the essay, I would think saying more about just what sort of information people must be given when deciding to opt-in or not would be helpful. You don't want the opt-in option to be like the Windows Vista User Access Control, but you need it to also not overload the user with info (as you suggest). Maybe on the federal site you mention, you could also have a sort of opt-in wiki? Where people can post and discuss the results of their opting-in and out. The initial opt-in/out button gives essential, basic info (just a few sentences), and the link takes you to the federal page and a wiki where you can learn more? Whatever the optimal opt-in model, I think saying more about ideas for it would be helpful. Otherwise, it looks pretty good.

-- BrianS - 20 Nov 2009

Added:
>
>
Brett,

I have a two suggestions, one on style and two on substance.

First, rolling links into words instead of having them stand alone in the text would make the paper flow more smoothly in some instances. To place a link you can use this syntax:

[[LINK][LINK TEXT]]
So if I wanted "Google" to hyperlink to www.google.com I would use the above syntax with:
LINK = http://www.google.com 
LINK TEXT = Google
So for example, if you wanted to put a link into this sentience: All three components of privacy and in particular autonomy are intertwined with personal freedom. http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html.

You could change it to this: All three components of privacy and in particular autonomy are intertwined with personal freedom.

Second, although I agree that opt-in is better than the current system, I find this draft confusing as to why you think so. In section II you introduce five different privacy options: "absolutely prohibiting data mining, unlimited and unregulated data mining, opt-in, nakedness, and opt out systems." You then proceed to reject four out of the five and thus accept the fifth one as "the best chance" for privacy. But you've said nothing about the merits of opt-in at all. Its like if I had 4 rocks and threw them at 5 targets and concluded that the one target I did not hit was unable to be hit by rocks. I think your proposal for legislation might be bolstered by spending the space on what is good about opt-in instead of what is bad about the other options.

Finally, I think that if you have the space you may want to try to address some of the counter arguments to your proposed legislation. If Google cannot store any data about searches, are we prohibiting Google from knowing something that happened to it? Does this have First Amendment implications? Will your proposed legislation prevent me from keeping a log of the visitors who come to my personal website? Another objection is that it prevents Google from protecting itself. Servers can be attacked through many different methods. A DDoS attack is an attack where many computers send millions of requests for information (for example, sending a search request to Google) to the same server with the goal of overloading the server and taking it offline. These attacks often target sites like Google and Twitter. One way of surviving the attack is to identify the computers sending the requests and stop accepting requests from those computers. Your legislation would prohibit Google from identifying who is attacking their computers and to take measures to prevent the attack from succeeding.

-- JustinColannino - 22 Nov 2009

 
 
<--/commentPlugin-->

BrettJohnsonFirstPaper 6 - 20 Nov 2009 - Main.BrianS
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 63 to 63
 I added this comment box. Feel free to delete it if you didn't want one; just find the percentage-sign COMMENT percentage-sign text in the editing screen and delete it.
Added:
>
>
The paper reads well. In terms of suggestions, I have only a few. First, you should link to Steven Wu's essay in discussing that some people choose aggregation in return for customized services. You might also look at Dana Delger's essay in that regard. I tend to agree that an opt-in system is the best approach, for the reasons you outline: those who wish to sign-up for data aggregation should be allowed to do so, and free-for-all monitoring is highly problematic. If I were to suggest revision to the essay, I would think saying more about just what sort of information people must be given when deciding to opt-in or not would be helpful. You don't want the opt-in option to be like the Windows Vista User Access Control, but you need it to also not overload the user with info (as you suggest). Maybe on the federal site you mention, you could also have a sort of opt-in wiki? Where people can post and discuss the results of their opting-in and out. The initial opt-in/out button gives essential, basic info (just a few sentences), and the link takes you to the federal page and a wiki where you can learn more? Whatever the optimal opt-in model, I think saying more about ideas for it would be helpful. Otherwise, it looks pretty good.
 -- BrianS - 20 Nov 2009
 
<--/commentPlugin-->

BrettJohnsonFirstPaper 5 - 20 Nov 2009 - Main.BrianS
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Comments from anyone are welcome and appreciated.
Line: 56 to 56
 # * Set ALLOWTOPICVIEW = TWikiAdminGroup, BrettJohnson

Note: TWiki has strict formatting rules. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of that line. If you wish to give access to any other users simply add them to the comma separated list \ No newline at end of file

Added:
>
>

Brett,

I added this comment box. Feel free to delete it if you didn't want one; just find the percentage-sign COMMENT percentage-sign text in the editing screen and delete it.

-- BrianS - 20 Nov 2009

 
<--/commentPlugin-->

BrettJohnsonFirstPaper 4 - 20 Nov 2009 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Added:
>
>
Comments from anyone are welcome and appreciated.
 I. INTRODUCTION

II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION


BrettJohnsonFirstPaper 3 - 16 Nov 2009 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
I. INTRODUCTION
Line: 36 to 36
 III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM
Changed:
<
<
I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from WalMart? .com all information about the purchaser, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from WalMart? ’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (private browsing available from Firefox). In the context of banking, information such as expenditures would need to be retained for record-keeping purposes but kept confidential and not used for purposes other than record-keeping and such information could not be shared with other entities or other departments within the same institution (such as where investment banks are allowed to merge with commercial depository banks after repeal of the Glass-Steagall Act). See http://en.wikipedia.org/wiki/Glass%E2%80%93Steagall_Act.
>
>
I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from Wal-Mart.com all information about the purchaser, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from Wal-Mart’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (private browsing available from Firefox). In the context of banking, information such as expenditures would need to be retained for record-keeping purposes but kept confidential and not used for purposes other than record-keeping and such information could not be shared with other entities or other departments within the same institution (such as where investment banks are allowed to merge with commercial depository banks after repeal of the Glass-Steagall Act). See http://en.wikipedia.org/wiki/Glass%E2%80%93Steagall_Act.
 The legislation would, however, allow those private entities to mine data (purchase the ability to store, use, and sell the information) if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. As previously mentioned, some people may desire to have special offers sent to them for future purchases of similar products. Other people may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person would be redirected to a federally maintained website that provided in understandable and brutally descriptive terms (drafted as part of the legislation) what the information could be collected, used for, by whom, and potential consequences thereof. Each entity that sought to mine data would need to obtain a consent from each person for which it gathered the information, based upon the user’s IP address. There would also be an option, each time referred to the “opt-in” website to register a single time to preclude all companies from making future offers to mine data from that IP address. See generally http://www.nytimes.com/library/tech/00/02/cyber/commerce/07commerce.html.

BrettJohnsonFirstPaper 2 - 13 Nov 2009 - Main.BrettJohnson
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
I. INTRODUCTION
Line: 10 to 10
 

Changed:
<
<

A Proposal for the Regulation of the Gathering and Use of Internet Activity Information by Private Entities

>
>

A Proposal for the Regulation of Internet Data Mining by Private Entities

 -- By BrettJohnson - 11 Nov 2009
Line: 19 to 18
 I. INTRODUCTION
Changed:
<
<
The use of personal information gathered from the internet (referring only to internet information that is not publicly available—publicly posted non-anonymous information is not private and is free for the taking as is public information in any other context) for marketing and sales purposes touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy. Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for sexual oriented products, that communication is secret to those other than the vender and the purchaser. For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not share or sell the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because the gathered information can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.
>
>
Internet data mining (referring to internet information that is not publicly available) touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy. Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for a sexual oriented product, that communication is secret to those other than the vender and the purchaser. For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not disclose the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because data can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.
 
Changed:
<
<
All three components of privacy and in particular autonomy are intertwined with personal freedom. See http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software. The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.
>
>
All three components of privacy and in particular autonomy are intertwined with personal freedom. http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” See Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software. The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.
 II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION
Changed:
<
<
Each privacy option, e.g., absolutely prohibiting monitoring or use of information, unlimited storing and use, opt-in, and opt out systems, seem to have some difficulties either in theory and/or in practical administration. Initially, I reject the current unlimited monitoring and use of information gathered from internet activity. That type of unknown and unregulated monitoring of human activity violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).
>
>
Each privacy option, e.g., absolutely prohibiting data mining, unlimited and unregulated data mining, opt-in, nakedness, and opt out systems, seem to have some difficulties either in theory and/or in practical administration. Initially, I reject the current unlimited internet data mining. That type of unknown and unregulated monitoring of human activity violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).

I also reject a per se outright ban on all data mining. This is a more difficult issue than the former, but again, with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them. For example, at least one person in this class articulated in TWiki that he feels that he benefits from monitoring because of the convenience afforded him by such (although I do not believe he reached an ultimate conclusion whether the benefit outweighs the cost).

 
Changed:
<
<
I also reject a per se outright ban on all monitoring and use of internet activity. This is a more difficult issue than the former, but again, with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them. For example, at least one person in this class articulated in TWiki that he feels that he benefits from monitoring because of the convenience afforded him by such (although I do not believe he reached an ultimate conclusion whether the benefit outweighs the cost).
>
>
I further reject an “opt-out” system for the basic reason that people must be allowed to make a meaningful choice. People today are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited data mining in such a system.
 
Changed:
<
<
I further reject an “opt-out” system for the basic reason that people must be allowed to make a meaningful choice. People today are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited monitoring in such a system.
>
>
I finally reject nakedness as negating personal choice to maintain privacy (although I understand it would reduce incentives to gather the information).
 
Changed:
<
<
Consequently, I believe that an opt-in system provides the best chance for meaningful choice, freedom, and autonomy. As discussed in class, one of the difficulties of this system is the effective administration of such. Many people do not understand that a choice he makes now could haunt him for the rest of his life in a society that never forgets. Effectively conveying this information is thus the primary challenge of an opt-in system.
>
>
Consequently, I believe that an opt-in system provides the best chance for meaningful choice, freedom, and autonomy. As discussed in class, effectively conveying information sufficient for meaningful choice in a society that never forgets is a challenge of an opt-in system.
 III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM
Changed:
<
<
I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from WalMart? .com all information about the purchasers, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from WalMart? ’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (indicating that private browsing is an available feature from Firefox).
>
>
I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from WalMart? .com all information about the purchaser, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from WalMart? ’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (private browsing available from Firefox). In the context of banking, information such as expenditures would need to be retained for record-keeping purposes but kept confidential and not used for purposes other than record-keeping and such information could not be shared with other entities or other departments within the same institution (such as where investment banks are allowed to merge with commercial depository banks after repeal of the Glass-Steagall Act). See http://en.wikipedia.org/wiki/Glass%E2%80%93Steagall_Act.
 
Changed:
<
<
The legislation would, however, allow those private entities to purchase the ability to store, use, and sell the information if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. As previously mentioned, some people may desire to have special offers sent to them for future purchases of similar products. Other people may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person be redirected to a federally maintained website that provided in understandable terms (drafted as part of the legislation) exactly what the information could be collected, used for, whom by, and potential consequences thereof. Each entity that sought to initially gather information would need to obtain a consent from each person for which it gathered the information, based upon the user’s IP address. There would also be an option to register a single time on a federally maintained register each IP address, which would preclude all companies from making future offers to buy and use personal information from that IP address. See generally http://www.nytimes.com/library/tech/00/02/cyber/commerce/07commerce.html.
>
>
The legislation would, however, allow those private entities to mine data (purchase the ability to store, use, and sell the information) if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. As previously mentioned, some people may desire to have special offers sent to them for future purchases of similar products. Other people may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person would be redirected to a federally maintained website that provided in understandable and brutally descriptive terms (drafted as part of the legislation) what the information could be collected, used for, by whom, and potential consequences thereof. Each entity that sought to mine data would need to obtain a consent from each person for which it gathered the information, based upon the user’s IP address. There would also be an option, each time referred to the “opt-in” website to register a single time to preclude all companies from making future offers to mine data from that IP address. See generally http://www.nytimes.com/library/tech/00/02/cyber/commerce/07commerce.html.
 IV. CONCLUSION

BrettJohnsonFirstPaper 1 - 11 Nov 2009 - Main.BrettJohnson
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="FirstPaper"
I. INTRODUCTION

II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION

III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM

IV. CONCLUSION

A Proposal for the Regulation of the Gathering and Use of Internet Activity Information by Private Entities

-- By BrettJohnson - 11 Nov 2009

I. INTRODUCTION

The use of personal information gathered from the internet (referring only to internet information that is not publicly available—publicly posted non-anonymous information is not private and is free for the taking as is public information in any other context) for marketing and sales purposes touches on all three components of privacy discussed in class: (1) secrecy, (2) anonymity, and (3) autonomy. Secrecy is affected because many people mistakenly believe that when they, for example, place an order online for sexual oriented products, that communication is secret to those other than the vender and the purchaser. For the same reason anonymity is affected because people believe that the vender will not personally know them (and will not share or sell the information to people who may personally know them). In fact, people apparently purchase sensitive items via the internet because they believe that such method of purchase protects their anonymity better than does physically walking into a store and making the purchase. In the context of internet searches and browsing of websites many people mistakenly believe they have complete anonymity. Finally, because the gathered information can be used unknowingly to the searcher/purchaser’s disadvantage autonomy is affected.

All three components of privacy and in particular autonomy are intertwined with personal freedom. See http://www.philosophyetc.net/2005/03/freedom-and-autonomy.html. I begin with what seems axionomic that freedom and autonomy is desirable. From that I follow with a proposal that true freedom requires meaningful choice: “Freedom means having control of your own life.” Richard Stallman, Wikisource:Speeches, http://en.wikisource.org/wiki/Free_Software_and_Beyond:_Human_Rights_in_the_Use_of_Software. The challenge and desire then is to determine which legal system actually provides people with the best meaningful choice and freedom with respect to their privacy and autonomy.

II. EXEMPLARY PRIVACY OPTIONS FOR GOVERNING USE OF INFORMATION

Each privacy option, e.g., absolutely prohibiting monitoring or use of information, unlimited storing and use, opt-in, and opt out systems, seem to have some difficulties either in theory and/or in practical administration. Initially, I reject the current unlimited monitoring and use of information gathered from internet activity. That type of unknown and unregulated monitoring of human activity violates fundamental human rights. See generally Planned Parenthood of Southeastern Pennsylvania v. Casey, 112 S.Ct. 2791, 2486 (U.S. 1992) (“Throughout this century, this Court also has held that the fundamental right of privacy protects citizens against governmental intrusion [into certain areas].”).

I also reject a per se outright ban on all monitoring and use of internet activity. This is a more difficult issue than the former, but again, with the ideal that true freedom means individual choice, one must recognize that people should be free to allow monitoring and use of information if after being fully informed they subjectively perceive that such monitoring benefits them more than it costs them. For example, at least one person in this class articulated in TWiki that he feels that he benefits from monitoring because of the convenience afforded him by such (although I do not believe he reached an ultimate conclusion whether the benefit outweighs the cost).

I further reject an “opt-out” system for the basic reason that people must be allowed to make a meaningful choice. People today are simply provided with too many complex (often probably intentionally so) adhesion form-contracts to be expected to carefully read and understand such, resulting in effectively no choice and nearly unlimited monitoring in such a system.

Consequently, I believe that an opt-in system provides the best chance for meaningful choice, freedom, and autonomy. As discussed in class, one of the difficulties of this system is the effective administration of such. Many people do not understand that a choice he makes now could haunt him for the rest of his life in a society that never forgets. Effectively conveying this information is thus the primary challenge of an opt-in system.

III. IMPLEMENTATION OF THE “OPT-IN” SYSTEM

I would propose legislation wherein the default rule provides that without consent in the form of “opting-in,” information gathered about a person over the internet may only be used as necessary to provide the service requested. The information gathered could not be disclosed or sold and it would need to be deleted within a reasonable amount of time. For example, if a person placed an order from WalMart? .com all information about the purchasers, including her personal information such as name, address, etc. and the product purchased, web pages visited, etc. would need to be deleted from WalMart? ’s database within a reasonable time after the product is received by the customer. See http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?_r=1 (discussing Wal-Mart’s current use of personal information). Other entities, such as the Google search engine would not be able to store or disclose the information. See http://www.webmonkey.com/blog/Firefox_s_Private_Browsing__AKA__Porn_Mode__Arrives (indicating that private browsing is an available feature from Firefox).

The legislation would, however, allow those private entities to purchase the ability to store, use, and sell the information if after being fully informed a person believed that it was in her best interest to sell that information and opted-in. As previously mentioned, some people may desire to have special offers sent to them for future purchases of similar products. Other people may be persuaded by discounted prices or even cash payments for the information. The opt-in choice would perhaps require that to opt-in the person be redirected to a federally maintained website that provided in understandable terms (drafted as part of the legislation) exactly what the information could be collected, used for, whom by, and potential consequences thereof. Each entity that sought to initially gather information would need to obtain a consent from each person for which it gathered the information, based upon the user’s IP address. There would also be an option to register a single time on a federally maintained register each IP address, which would preclude all companies from making future offers to buy and use personal information from that IP address. See generally http://www.nytimes.com/library/tech/00/02/cyber/commerce/07commerce.html.

IV. CONCLUSION

While not free of concerns, an opt-in system provides the best choice, freedom, and overall autonomy for individuals in society.


You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" on the next line:

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, BrettJohnson

Note: TWiki has strict formatting rules. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of that line. If you wish to give access to any other users simply add them to the comma separated list


Revision 15r15 - 07 Sep 2011 - 00:44:08 - IanSullivan
Revision 14r14 - 26 May 2010 - 06:18:08 - EbenMoglen
Revision 13r13 - 27 Jan 2010 - 17:05:31 - BrettJohnson
Revision 12r12 - 25 Jan 2010 - 05:15:51 - BrettJohnson
Revision 11r11 - 24 Jan 2010 - 22:51:58 - BrettJohnson
Revision 10r10 - 19 Jan 2010 - 17:56:53 - EbenMoglen
Revision 9r9 - 23 Nov 2009 - 19:35:02 - HeatherStevenson
Revision 8r8 - 22 Nov 2009 - 22:14:20 - BrettJohnson
Revision 7r7 - 22 Nov 2009 - 16:53:47 - JustinColannino
Revision 6r6 - 20 Nov 2009 - 08:19:18 - BrianS
Revision 5r5 - 20 Nov 2009 - 07:09:57 - BrianS
Revision 4r4 - 20 Nov 2009 - 00:45:34 - BrettJohnson
Revision 3r3 - 16 Nov 2009 - 01:02:38 - BrettJohnson
Revision 2r2 - 13 Nov 2009 - 00:24:45 - BrettJohnson
Revision 1r1 - 11 Nov 2009 - 18:02:19 - BrettJohnson
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM