PRIVACY? WHAT PRIVACY?
Cameras, cards and all sorts of data-gathering techniques can follow almost your every move
By Eric Benderoff and Jon Van, Tribune staff reporters. Tribune staff reporter Mike Hughlett contributed to this report
Chicago Tribune/May 14, 2006
If you take the "L" to work and use one of the CTA's new smart cards to pay, there is a computer log of your travels.
If you cross a busy Chicago intersection, a camera may snap your picture and send the digitized image to a database.
If you use Google's free e-mail service, the contents of your personal messages are scanned for keywords to generate ads related to what you wrote to friends or family.
We live in a digital fishbowl, an overlooked aspect of the fiery debate that erupted last week with the reports that the National Security Agency is collecting information on America's telephone calls.
Long before outraged members of Congress raised questions about the government violating individual rights, Americans willingly--and often unwittingly--ceded their privacy to a society that functions on, and is addicted to, information.
Wherever we go, we leave a digital trail that permits advertisers, the government and even bad guys to learn about us.
Young people, in particular, who consider the Internet a virtual coffee shop to gather and chat, think little of exposing a bit of themselves with each visit.
"This isn't just about phone calls, it's about your entire life," said Paul Saffo, director of the Institute for the Future, a California-based research center. "We leave a wake of electronic bits behind with every transaction we make."
Privacy can be jeopardized in myriad ways, but nowhere is the strain more dramatic than through the Internet, which has become a vast warehouse of personal information just a mouse-click away.
Here's a simple example: Type a listed residential phone number into Google's search box. In many cases, the first result that pops up will be the full name of the resident and the home address, and one click will give you a map.
That information was always available, but until sophisticated search engines came along, one needed a local phone book, a map and, most important, time.
Indeed, individuals now should assume that an extraordinary amount of personal information is readily accessible to casual acquaintances or strangers, be it the price paid for a house or the details of a nasty divorce.
A quick Google search can reveal where someone went to high school, an old resume or a casual--even catty--reference on someone's Web log. Dig deeper, and court records and other official documents can reveal who was arrested for driving under the influence or domestic battery.
As courts and other agencies digitize this information, entrepreneurs have figured out how to tap into this broad database that records the private lives of everyday Americans. And in places where officials haven't yet put the information online, companies have sent out workers to manually scan the documents, said Jim Dempsey, policy director at the Center for Democracy and Technology.
Web sites like Abika.com, Records-search.net, Reverserecords.org and even genealogy sites like Ancestry.com make this information accessible for a fee.
"The law has completely fallen behind the times with regards to public records," Dempsey said. "There is a certain amount of data that is public, such as property ownership records, arrest records, bankruptcy records, divorce court filings.
"In the past, this information was technically public but practically obscure. You had to go to the courthouse and write things down by hand. Now, increasingly, this is available online."
The Web is filled with information that seems innocent. But Stuart McClure, a computer security expert at security software firm McAfee Inc., related how a personal document can be used as a tool for wrongdoers. Assigned to break into a corporate network to test its vulnerability, he identified an employee in the company's technology department and searched his resume. Having learned what computer languages he was proficient in, McClure deduced how to hack his way in.
"We used personal information that most people think is innocuous, like a resume, to figure out a way in," he said.
The broad workings of the Internet provide another avenue for commercial interests, or the government, to look over the shoulder of computer users.
Web site operators routinely place tracking devices -- or "cookies"--on the computer of visitors to sites. They are designed to make it easier to visit in the future, but they have a second intent. The cookies help operators generate ads based on your surfing patterns.
This entire relationship is under scrutiny because of how much information commercial operators can learn about a user, and some of the software can track where you go.
Government has its own interests in investigating some ways people use the Internet.
Much like gathering information through phone records, law-enforcement officials can tap the records of Internet service providers. The ISPs, which include major Internet providers like AT&T Inc., basically are the gateway to the Web.
Like phone companies complying with federal subpoenas for records, an ISP might also comply.
"With the proper documents, either a subpoena, court order or a search warrant, we will comply to the police request," said a representative of Comcast Corp., which provides high-speed Internet access in the Chicago area. "We don't just patently give up that information."
In January, AT&T was sued by the Electronic Frontier Foundation for handing over customer Internet records to the National Security Agency.
Unlike the situation involving the agency's phone record request, this suit has brought into focus the broader potential for invading users' privacy.
The agency was allowed, according to the suit, to search within AT&T's huge customer database, potentially combing through e-mail messages, Internet search information and shopping habits.
If the agency's intent was to comb for information, phone calls and Internet searches are only the first stops on a long list of private communications now accessible, said Internet security expert Bruce Schneider.
"You need not only phone records, but Internet, SMS and instant messaging," he said. SMS stands for short message service, a text-messaging feature on mobile phone networks.
All this personal data also have become an irresistible lure for businesses, which collect all sorts of facts and file them for future reference for whatever new opportunity may emerge.
Saffo, the futurist, said this makes people vulnerable even if they are unconcerned. Databases could contain inaccurate information, for instance, or be an enticing lure for criminals seeking to steal identities.
"Digital technology is the solvent leaching the glue out of the Constitution and all of our rights," he said.
The Center for Democracy and Technology's Dempsey points out that it has been 20 years since Congress passed the Electronic Communication Privacy act.
"But that was before the Web really emerged and before cell phones became ubiquitous," he said. The courts are only beginning to grapple with privacy rules brought on by the Web.
"We have called for a broad, balanced look at the relationship between technology and privacy," he said of his group. And, he added, before the Sept. 11 attacks, Congress was starting to do that.
"But 9/11 destroyed this entirely," Dempsey said. "Since then, we've been in this crisis mode that has become highly politicized and where it's hard to get policymakers to focus on these trends."
While the debate over privacy has intensified, the scope of privacy concerns has escalated substantially as the Internet has become ubiquitous.
In particular, social networking sites like MySpace.com, have become a flash point for what people, particularly teens, willingly share about themselves.
Statistics released last week show how popular MySpace has become. In April, the site registered 38.4 million unique visitors, up from 8.2 million a year earlier, according to Nielsen/NetRatings. It was the eighth-most-visited Web site for the month.
Because of social networking sites, "we are witnessing a transition of identity presentation," said David Huffaker, a doctoral student at Northwestern University who has published studies on teen Internet behavior. In the '90s, people commonly used "avatars" or fake identities when they communicated.
New applications like MySpace, however, encourage users to provide "more accurate, candid or even `advertised' aspects of self," Huffaker said.
This openness poses big questions at a sensitive time.
"We are right at the cutting edge with these privacy issues," said Michael Overing, a lawyer and professor at the University of Southern California who specializes in the Internet. "But the challenge for Congress is how do you write a vast privacy law for online behavior?
"More important, how do you enforce it? It is real difficult to put a genie back in the bottle."
- - -
How the information age can invade your privacy:
If you have a listed phone number, anyone can type it into Google and find a map and directions to your home.
Internet service providers keep logs of everything you do online, which can be made available to police.
Your Internet address can be captured by a skilled hacker who can then figure out your home address.