[an error occurred while processing this directive]
[an error occurred while processing this directive]

Data Management and Privacy in a Post–9/11 World
ECURE 2002 Prenote Address

By David Sobel

Thank you Rob, and thanks to all of you for your attention tonight. I think our local hosts probably would have hoped to have a baseball game to watch tonight, but it’s probably a good thing you don’t because now you don’t have to feel that I’m keeping you from something that might be more interesting.

As the title of the talk indicates, I want to focus on privacy issues that have arisen in the last year since September 11th. These are the issues that my organization has really focused most of our attention on in the last year, but I think it’s also important to understand that the issues that have arisen since September 11th in some ways really crystallize alot of the privacy issues and data management issues that we’ve seen for many years leading up to this period. So, although I’m focusing on the effect of the war on terrorism on information management and privacy issues, I think a lot of the themes that run through this were applicable before September 11th in other areas, and are likely to continue to be increasingly important. And I think the basic theme is that as more and more information becomes available, becomes accessible, there are more and more entities and individuals who are going to seek access to that information. And for that reason, the creators and the maintainers of the information increasingly are going to have less and less control over how that information is used who gets access to it. And I think that reality really is increasingly going to dictate decisions about what kinds of information to maintain, and how to deal with the increasing demands from outside third parties for that information. You know, whether it’s the increasing interest in electronic records in divorce cases, or law enforcement access to EZ Pass Toll records on the east coast there are just so many new categories of information that are being created that anyone dealing with the maintenance of this information needs to really think through who at some point in the future might find this information valuable, and what are going to be the rules that are going to govern that third party access to this information. But as I say, I think the events of the last year have really crystallized these issues in a very dramatic way.

Projected visual:

“Terror probe reaches 220 U.S. colleges and universities have turned over information about their international students… The issue has raised concerns with student organizations, civil libertarians and universities handing over the data.”
CNN.com, October 25, 2001

It was just about a year ago that we very first started seeing the immediate impact of September 11, and the ensuing investigation on college campuses. Here is one representative news article that appeared a year ago indicating that there has suddenly been a real explosion in governmental investigative interest in records that were maintained by colleges and universities. This article indicated that already, by last October, just a little more than a month after the events of September 11, that already 220 U.S. colleges had turned over information to the Government concerning foreign students. Now, this is important to know that this development and this degree of activity occurred even before the Patriot Act was signed into law. It’s interesting that this article was dated October 25. The Patriot Act didn’t become law until the next day, October 26. So, already even before the Government had gotten the expanded powers to demand information, which I’m going to talk about in a minute, already this was an existing phenomenon.

The Patriot Act was, as most of you probably know, enacted very quickly. It is a massive piece of legislation that affects a broad range of U.S. law above and beyond just the information access issues that I’m going to be talking about. But I think that in many ways if you remember the very abbreviated legislative debate that surrounded the Patriot Act, many of the issues that I’m going to talk about were not in any real way thought through very clearly. I think there was very much a sense in Congress that something legislatively needed to be done, and there was a great deal of pressure placed on Congress by the Administration to enact this legislation which in many ways was really a law enforcement and intelligence community wish list in terms of collecting the largest amount of information possible. Those of us, who were critical of the Patriot Act, at the time, raised the question that it was really a solution to a problem that had not yet been clearly identified. Many of us said, for instance, that although the emphasis of the Patriot Act was on increasing the flow of information into governmental investigative agencies, that there was not at that time any clear understanding of how well the information that these agencies already possessed had been processed and analyzed. And in fact many of us believed that it was more likely that the problem that agencies like the FBI and the CIA had prior to September 11, was that now as a result of new information technology, they were already receiving so much information that basically the important pieces of data were being lost in this flood of what was now available largely as a result of the technology. And I think, looking back at what we have learned in the last year, and particularly as a result of the ongoing joint Congressional investigation into the events leading up to September 11th, I think that has largely been borne out. I mean we have now seen many examples of these agencies having in their possession or at least in some database or in some channel, pieces of important information that were really just lost in the floods. So, I think there remains a very real question as to how effective ultimately these changes which are designed to increase the flow of information to the government, how effective these new powers are really likely to be.

Projected visual:

Anti-Terrorism: USA Patriot Act

But the three important things at a very basic level that I think it’s important to understand about the Patriot Act are these three points: first, that it expands government’s surveillance power. And this is done in a number of ways, whether it’s expanded electronic surveillance or increased access to records, the ability to conduct physical searches without notice, to the owner of the premises being searched. I mean this is a theme that runs through many aspects of the Patriot Act. Another related characteristic is that the Patriot Act limits the role of the courts in supervising and authorizing the surveillance activities. Where traditionally we have thought of the courts as the check and balance in this area, the Patriot Act really diminishes the protective role that the courts have traditionally played. And finally this is a theme that we’re hearing a lot of discussion of now in Washington as the congressional committee investigation continues, and new proposals are being made to fix the problems. There’s this trend toward blurring the distinction that we traditionally made between law enforcement information collection and intelligence information collection. And it’s an important distinction because of course on the law enforcement side there have always been requirements of probable cause for instance before a search warrant could be issued; where as on the intelligence side “ CIA information collection, or National Security Agency information collection “ for national security purposes there are not those same legal hurdles that need to be met. And really ever since at least the end of World War II, this has always been a very clear distinction in our legal system between these two kinds of government investigation, to the point where in the late 40’s when the CIA was created Congress explicitly said in the National Security Act that the CIA was to have no domestic police function to make clear that that wall between law enforcement and intelligence gathering was supposed to be very strictly maintained. That, since September 11th, and particularly in the Patriot Act has largely fallen away.

Projected visual:

Broad New Subpoena Power

FBI may obtain an order requiring production of “any tangible things (including books, records, papers, documents, and other items) for an investigation to protect against international terrorism or clandestine intelligence activities.”

Gag Order — “No person shall disclose to any other person (other than those persons necessary to produce the tangible things under this section) that the Federal Bureau of Investigation has sought or obtained tangible things under this section.”

USA Patriot Act, Sec. 215

I think the provision of the Patriot Act that has probably received the most attention in your community and in the Library community and the information handler community is Section 215. And you see the language of it here: it gives the FBI the ability under a very low threshold showing of need, the ability to obtain an order for the production of any tangible things including books, records, papers, documents, etcetera; for investigations to protect against international terrorism. The breadth of that provision and the ease with which law enforcement can obtain these orders is really exacerbated by the fact that there is this other provision, which is referred to as the Gag Order provision, which prohibits the document custodian or the records custodian who is served with one of these orders from disclosing that fact. It can’t be disclosed to the person to whom the information might pertain or to the media or to colleagues. So, the situation that we’re in now is that we have on the books this very broad authority and no real way to have any public oversight or any statistical information on how often and how commonplace this kind of order has now become. So, I think one of the real concerns right now — I know it’s true within the library community — is that an organization like the American Library Association which obviously has a very keen interest in this issue is not in a position to even know how much of an impact this provision is having on its membership. So this is an issue that I think you’re likely to hear more about. My organization in conjunction with the ACLU has submitted a Freedom of Information Act request to the Justice Department to try to get information on, even statistical information about how prevalent these kinds of orders are. I think it’s likely that it’s going to be a real fight to get that information. I can tell you that the House Judiciary Committee has attempted to get information on Patriot Act implementation from the Justice Department, and has encountered a lot of resistance. So, I think there’s going to be an ongoing controversy over just getting the basic facts as to how much of a problem this issue really has become.

Projected visual:

Monitoring Computer Networks

“Roving” wiretaps — specific communication facility need not be identified.

USA Patriot Act, Sec. 206

Justice Department has described these as “generic” orders.

Could have a significant effect on the privacy rights of large numbers of innocent users, particularly those who access the Internet through public facilities such as libraries and university computer labs.

Could result in Carnivore Installations on university networks.

Another provision that I think it’s important to know about is the so-called “roving wire tap” authority. And this gives the Government the ability to get what the Justice Department itself has described as a generic court order that doesn’t need to specify who it is being served on so that if for instance there is an investigative interest in a particular individual, before this provision became law the court order would need to be directed to America Online, or to Arizona State University — to some specified entity. Now that the roving wiretap provision is in effect, that line that used to say “To” — fill in the entity — is now blank, and would now say “To whoever this is being presented to,” — “To whom it may concern.” So, this also raises some very significant issues particularly, I believe, in a university setting where — Do you have a question? No problem.

[Question unintelligible]

Yes. I should explain that all of the orders or the great majority of the kinds of orders that flow out of the Patriot Act are issued by the Foreign Intelligence Surveillance Court, which is a secret court that sits in Washington. The Justice Department is the only party that appears before the Foreign Intelligence Surveillance Court, and these so-called ex parte orders indicating that it was only the government involved in making the application and that there was no adversarial process that gave rise to the order. That is what comes out of the Foreign Intelligence Surveillance Court process.

[Question unintelligible]

Yes, and it’s interesting that you raise that question because we are now actually seeing for the first time since this regime was created in 1978, we’re starting to see — well, we’re starting to know that that process is playing itself out. I won’t go into too much detail on this because it veers me a little bit away from the topic that I’m primarily focusing on, but it’s interesting to know that within the last few months the Foreign Intelligence Surveillance Court rejected a Justice Department proposal for new procedures governing the handling of foreign intelligence surveillance information. In other words, the take of the day, the intelligence being gathered through these orders, the Justice Department would like to disseminate more widely throughout the government. The Foreign Intelligence Surveillance Court rejected those new proposed guidelines, and did so for the first time in its history in a public order. The Justice Department in response has filed an appeal with the Foreign Intelligence Surveillance Court of Review, which up until the last two months had existed on paper only, and had never actually convened. But now, because this is the first time in which the Justice Department has actually lost a case in front of the lower surveillance court this new court of appeals has convened and is now considering that issue. If the court of review upholds the lower court and the Justice Department remains unhappy then there would be an appeal to the Supreme Court. And at that point nobody really, frankly, knows what the procedure is. It might necessitate for instance for the first time in history a closed hearing before the Supreme Court. So these are some very interesting and novel issues that are starting to arise in this whole area, but I guess it does underscore the fact that this is a closed process and everything that gives rise to these ex parte orders is really shrouded in secrecy.

So, the order for electronic surveillance issued to a generic recipient I think has some obvious implications in the university environment. If a student at a university is an individual of interest to the government I think it’s very likely that such an order could be served on the university for access to university’s computer network. Because obviously if a student of interest has access to a university computer lab the government is going to say, “Well we need to have monitoring in place on that network so that if that student makes use of that network we have access to that information.” So — Are people familiar with what Carnivore is? I’ll just briefly explain it: Carnivore is the FBI Internet surveillance system that is placed on a network to basically capture the flow of packet data, to basically segregate out the electronic transmissions that the government is interested in. So, when you couple the roving wire tap authority with the Carnivore technology I think you then have a very strong possibility that increasingly university networks are going to be subject to this kind of full time monitoring so that basically everything all of the packets flowing through a university system might be subject to monitoring to capture those packets that the government might unilaterally decide are relevant to the order. And please do — I understand that a lot of these concepts are a little strange, so please do feel free to ask questions as I go along. Yes?

[Question unintelligible]

That’s definitely a problem in the Carnivore methodology, that what Carnivore will do will capture the packets and then when there is a review done of what that data is, if the data is encrypted, then the FBI has — we know, I mean, this sounds like science fiction, but it isn’t — the FBI has developed something called Magic Lantern, which is a trojan horse or a virus that can be remotely installed on a target computer that would enable the capture of an encryption pass phrase. So if by going through the data packet capture route they find that what they’re obtaining is encrypted, then they have these other technologies available to them to attempt to capture the password surreptitiously, which would give them the ability to then go back and decrypt what they had previously intercepted. So, the capabilities are substantial.

Projected visual:

Access to Student Records — FERPA

Amendment to FERPA permits schools to disclose — without the consent or knowledge of the student or parent — personally identifiable information from the student’s education records to the Attorney General in response to an ex parte order in connection with the investigation of terrorism.

Also amends FERPA’s record keeping requirements ૼ does not require a school official to record a disclosure of information from a student’s record when the school makes that disclosure pursuant to an ex parte order.

USA Patriot Act, Sec. 507

I guess the most direct and specific impact for this audience is the fact that the Patriot Act specifically amends FERPA to enable the disclosure of personally identifiable student information to the Attorney General — meaning the Justice Department, the FBI — again in response to an ex parte order growing out of a terrorism investigation. And in the gag order equivalent in this regime: the school would not be required to record the disclosure as it normally would. So, this provision in effect would begin to interfere with audit trail procedures and the standard requirements that you would otherwise have under FERPA if there was a disclosure of the information. Yes?

[Question unintelligible]

That’s good to hear. Right. Well, I mean I think that these issues are now being grappled with — I assume that university general council are probably as we speak trying to figure out exactly what the obligations are and what the competing considerations are. I’m not sure how that’s all going to play out. You all would know this better than I do, but I have heard that university general counsel tend to be fairly conservative, and if there was an issue as to whether or not a disclosure would for some reason — the reporting of a disclosure — would somehow run afoul of the Patriot Act, my understanding is that most of the university attorneys would say, “Well, we’re not going to, we’re going to err on the side of compliance with the Patriot Act.” So, it’s good to hear that you’ve had that different experience in Idaho. Actually that reminds me that last year during the Patriot Act debate I was very surprised to see a very interesting article in the New York Times that indicated that it was in the West where there seemed to be the most sort of grass roots opposition to a lot of these changes. So that would bear that out.

Projected visual:

Access to Student Records — NCES

Justice Department can now obtain National Center for Education Statistics (NCES) records for terrorism investigations. A court order is required, but the access standard and procedures are minimal.

USA Patriot Act, Sec. 508

“After looking at the new law, schools would be acting reasonably to protect themselves and their students if they decided not to provide data to NCES in the future.”

Here’s another Patriot Act amendment that allows the Justice Department to obtain National Center for Education Statistics records. Again, a court order is required but as I said, because the role of the courts has been generally diminished under the Patriot Act for — in most of these areas it’s really very much a pro forma process of obtaining the court order. This quote here: “After looking at the new law, schools would be acting reasonably to protect themselves and their students if they decided not to provide data to NCES in the future.” This is from a very well known privacy expert and consultant in Washington named Robert Gelman, who recently wrote a piece on this issue and came to that conclusion.

Projected visual:

Reaffirming Ethical Standards

The Library Bill of Rights affirms the ethical imperative to provide unrestricted access to information and to guard against impediments to open inquiry. Article IV states: “Libraries should cooperate with all persons and groups concerned with resisting abridgement of free expression and free access to ideas.” When users recognize or fear that their privacy or confidentiality is compromised, true freedom of inquiry no longer exists.

Adopted June 19, 2002, by the ALA Council

So those are some representative examples that I think affect you most directly of the changes that have been made in the Patriot Act. And I think as a response we’re seeing various sectors who are involved in data handling issues beginning to, as I put it here, reaffirm their existing ethical standards. I think the best recent example of that is this reaffirmation or what they referred to as a privacy interpretation that was recently issued by the American Library Association. This was obviously and very clearly motivated by the enactment of the Patriot Act, and the issues that it raises within the library community. And you see them here reiterating the Library Bill of Rights, and — the final sentence there: “When users recognize or fear that their privacy or confidentiality is compromised, true freedom of inquiry no longer exists.” — and I think that’s obviously applicable in the university environment as well.

Projected visual:

Fair Information Practices

So, when we talk about reaffirming ethical standards or beginning to come to grips with a lot of these issues I think it’s interesting to look back at something that’s been around for a long time and is really very basic and that’s the Fair Information Practices. And I think in the face of this new environment where it is increasingly likely that data creators and data handlers are likely to have less and less control over that information that these principles are probably now becoming even more important. And I guess the first one is really the most fundamental and the most important: “Limiting the collection and use of personal information for the purposes intended.” I think there do now have to be serious questions asked about is particular information really necessary for the desired purpose? To be honest I don’t know a lot about the kinds of records that all of you are likely to handle, but I know that there are certainly other examples of this that I think are very good indications. For instance, I mentioned early on the EZ Pass toll system that’s very prevalent on the East coast. These are the systems that allow people just to drive through toll plazas without actually throwing coins in baskets, but there is an electronic transponder that will record the fact that the car has gone through and will deduct the toll from that individuals account. That kind of system can be designed anonymously and fulfill the function that it’s designed to fulfill, which is paying a toll. When you throw a quarter in the basket there’s no record of the fact that that was you in your car, at that time, in that place. So, traditionally you have toll collection done anonymously without the generation of these records. Now because of the new technology you’re creating a record of something that has historically been anonymous. So the question in that environment arises, “Well, why can’t that system be anonymous? Why can’t they have machines that you could recharge the value on your account by placing a $20 bill in the machine?” The point is that if minimization of the amount of information generated by this kind of system was a design element when it was being, when the system was being designed, there are very easy ways to do that. But because that hasn’t been done we are increasingly seeing law enforcement requests for access to those records for the purpose of putting a particular person in a particular place at a particular time. So this is a problem that has been generated by the fact that the information now exists. I frankly think increasingly it’s likely that the administrators of the EZ Pass toll systems are going to find themselves with subpoenas in domestic relations cases. “My husband claims that he was going to his job. I want to show that he was going to see his mistress.” So I think it’s a great example of how the fact that information now exists, sort of creates a new market for that information and new individuals and entities that suddenly want that information.

There was also a good example of this about a year and a half ago when during one of the anti-globalization demonstrations in Montreal, apparently a police car was broken into and a police document was stolen out of the car. The contents of the document were later posted on a Web site in Seattle that was maintained by a group called the Independent Media Center. And the way that this Web site works is that basically anyone — it’s kind of like a message board — anybody who wants to post something can post it at this Web site. So once the Royal Canadian Mounted Police saw the contents of their stolen document on this Web site in Seattle, they obviously were interested in finding out who might have had access to the Web site during the period of time that the information was posted. They went to the FBI. The FBI served an order on the Independent Media Center for the logs for the web site, asking to see the IP addresses of everyone who had accessed that web site during a designated, I think it was a 48-hour period. The Independent Media Center when they received this order said to themselves, “Well, we really hadn’t even thought about the fact that these logs were being generated. You know, the Web software comes out of the box and this is how it works, and we never really gave it a lot of thought.” Well, this was a lesson that they learned, that they didn’t have any operational reason to maintain these logs, or if they did they certainly didn’t need to maintain them in perpetuity. And they started to realize that because of the political arena that they work in that increasingly their Web logs were likely to be of interest to investigative agencies around the world. So, as a result of that experience, they changed their practice. They purge the logs, and I think it’s probably true that in the future they’re less likely to have that kind of problem. So I think those are two good examples of how in the face of a likely increase in demands for information some thought can be given to what you’re generating and how you might be able to minimize it.

These are the rest obviously, the rest of the Fair Information Practices, which I think all make a lot of sense. They always have, and they obviously still do. So I would urge people to sort of reacquaint yourself with those principles.

Projected visual:

Conduct a Privacy Audit

Karen Coyle, “Make Sure You are Privacy Literate,” Library Journal, Oct. 1, 2002.

Here, also coming out of the library community, where obviously there’s been a lot of thought about all of this, is the suggestion to conduct a privacy audit. This is something that comes from an article by a librarian in California, Karen Coyle, in I guess is the current issue of Library Journal. And again, this is in some ways an expansion on the Fair Information Practices: “Determine what data are stored that could identify an individual; Decide how long you actually need to keep the data.” Then, there’s the suggestion that statistical anonymized information might serve the same purpose as something that might otherwise be personally identifiable. Look at “timetables and procedures for deleting inactive records,” and look at who has access and ensure that they need to have access. So I think those are all some very good recommendations that again, could over time minimize some of the problems that are likely to arise.

Now finally, I have just — and these, my slides, are in your materials — these are a couple of — or a few — resources that I think are worth taking a look at.

Projected visual:


The first one is some guidance that has been issued by the Department of Education on the Patriot Act amendments to FERPA. Then there is the paper by Jenny Rezmiersky that actually was pre–September 11th, but probably is now all the more relevant, that looked in a university setting at how much information on university networks is in fact being logged kind of as a matter of course without a lot of thought necessarily being given to it and the issues raised by that activity. And then the final one: this is a new paper that comes out of the criminal justice environment. The courts increasingly are starting to ask themselves how to handle information that they are making available on-line. Some interesting issues raised, for instance, with bankruptcy records, which tend to contain a lot of personally identifiable financial information, and the reason I’m suggesting that is I think it provides a good framework for looking at privacy issues generally, and thinking through what appropriate privacy policies are.

So, I think I will stop there, and see if there are any questions or comments that any of you might have. Yes, sir.

[Question unintelligible]

I think it’s — you know, I think there is a real conflict, and I think you see it in a lot of different ways. I think there are certainly good reasons for maintaining records to provide accountability. You know, an example that my organization has just recently encountered — and I’m not sure that I know the right answer to this — is the following: We’ve been very interested in finding out about the actual operation of this new, very widespread video surveillance system that has been put in place in Washington. We would like to know for instance, when there are political demonstrations in Washington whether there are being records images maintained of people participating in political rallys. We made a Freedom of Information Act request to the National Park Service for any images that they had recorded, I think specifically during the July 4th events in Washington. They wrote back and said, “Well, we have instituted a privacy policy that requires us to destroy any such records if there wasn’t any criminal activity.” In other words, they make the tapes, and then two days later if they realize that they have no reason for criminal investigative purposes to look at those tapes they destroy them. Well, we made a Freedom of Information Act request, which would normally freeze those records until our entitlement to those images could be somehow adjudicated. So here we were, a privacy organization that obviously doesn’t want to encourage the government to maintain pictures of people ending up in a position where in our attempt to oversee what the Agency was doing might have in fact interfered with their destruction plans. So you know, I don’t know that there’s any really good answer. I think if the minimization of the collection is in place at the outset, then hopefully you’re not talking about preserving material that maybe never should have been collected in the first place.


[Question unintelligible]

Well, one of the real problems is getting a handle on what setting will arise in which it can be challenged. There are generally two ways to challenge a statute: one is when it has been applied against you, in particular. In the case of the Patriot Act that would probably mean some terrorism prosecution, which is not the most appealing setting in which to challenge the constitutionality of the Patriot Act. Whether it’s, you know, an al-Qaeda suspect who’s been wire tapped under the Patriot Act, you know, raises the issue. I don’t think anyone in the civil liberties community really looks forward to that being the setting in which it’s challenged because, you know, we don’t think we’re making these constitutional arguments on behalf of al-Qaeda. We’re making the arguments on behalf of library patrons. So, then the question is, “Can it be challenged on its face?” Meaning: Without even being specifically applied to any individual, can the ALA or a university sort of initiate a generic challenge that says, “This appears to require us to do things in the future that we think are going to be problematic.” And I don’t think there’s a very good basis for such a lawsuit. I mean, typically facial challenges to statues are raised in First Amendment cases where — you know, the Communications Decency Act is a good example: it said it made it a crime to post indecent material on the Internet. So there you can say, “Well, you know, I have a Web site that deals with fairly racy material. None of it is obscene, and I’m now chilled in the operation of my Web site because I’m concerned that if I put the stuff on my site that I usually put on my site I’m going to be prosecuted.” That’s sort of a classic facial challenge where you say, “It’s now inhibiting me from exercising my rights.” It’s a lot harder to say that with the Patriot Act because the Patriot Act tends to raise Fourth Amendment–type issues, and those issues are typically raised in a defense, in a criminal prosecution. So it’s something that the civil liberties community has been grappling with for the last year, and I don’t think there’s any great way to deal with the problem. So I think unfortunately it probably will be in terrorism prosecution cases that we’re going to start to resolve some of these issues, which are not, I say, which are not the best facts.

Anyone else? Yes.

[Question unintelligible]

Well, yeah, I mean I think at least before September 11th, you know the sense was that in the United States, the concern was about the government — what the government had access to. So, privacy vis-à-vis the government — that was the biggest concern, and there was less concern about the private sector, and this would seem to explain how freely people seem to share information, and — you know, fill out warranty cards, and for some reason feel like a company giving them a warranty on a toaster needs to know their annual income and everything else. So I mean, that phenomenon had been observed for a long time: that people would freak out about a census form, because that’s going to the government, but would fill out these warranty cards. And then the flip side of that was that supposedly in Europe it was the other way around: that they were very concerned about the private sector, and felt that the government was their protector, which in fact is really demonstrated in the EU privacy directive, which is sort of a very heavy, governmental, regulatory hand on what the private sector is doing with personal information. So that was sort of the sense of where things were culturally between the United States and Europe at least. And then after September 11th, I think a lot of polls indicated that the concern about the government in the United States really disappeared at least for a while, and you know, you saw people saying things like, “I don’t care if the government reads my email if it protects me against terrorism.” I think that was, you know, a momentary blip, and that over time we’re likely to get back to the more traditional American attitude which is a lot of concern about what the government has access to.

Yes, Rob.

[Question unintelligible]

Yeah, I mean, actually I recently have started to question how useful the terminology “opt-in” and “opt-out” is. I mean, I thought that really sort of explained what the differences were until in the context of wireless privacy issues. This is the whole location privacy, you know, the fact that suddenly a cell phone is able to generate a detailed record of where you were at a particular time kind of like the EZ Pass issue. And the wireless industry has adopted an opt-in approach to dealing to collecting and using location information. So initially I thought that was a great thing, and then there were some submissions to the FCC on that issue where some of the companies explained what they meant by “opt-in,” and apparently what some of them meant was that when a customer initially signed the service agreement there would be a statement that says, “By entering into this service agreement, I hereby agree — ‘opt-in’ — to the company’s use of my location information in a manner that they deem appropriate.” So at that point I started to realize that those terms have sort of lost their meaning now, because now you get into the more difficult sort of questions as to “How is the opting-in going to be expressed, and does it have to be transaction by transaction?” You know, my sense of what it means to “opt-in” to the use of location information on a cell phone would be: You’re talking to someone on the phone, and they say, “We’d like to recommend a restaurant nearby close to where you are right now. If you would like us to do that, press the little ‘find me’ button on your phone, and then we’ll know where you are, and we can tell you what a good restaurant is.” I mean, to me that’s what “opt-in” on the use of location information is, but some of the companies think that the fact that I have the phone is my “opt-in,” so I think things are likely to get very complicated in that area.

[Question unintelligible]

Well, I mean, I think the Graham–Bliley notice process has been totally discredited, and I’m not sure that there’s anyone who is seriously defending it as a meaningful privacy measure anymore. So, you know, that’s sort of a great example: we’re talking about “opt-in” and “opt-out” but that’s sort of a great example of how the privacy issue can be “co-opted,” I think. Because everyone starts to say, “Okay, we’ve put in place this great privacy regime,” and it doesn’t do anything.


[Question unintelligible]

No. I mean, I think that’s the problem with this gag order scenario, that the universities are prohibited from making that information known. And I would assume that even in a conference like this, where typically there would be that kind of exchange of information, if any of you were directly involved in executing such an order you couldn’t mention it to any of your colleagues at this conference. So, I just think that’s a real problem, and I’m not sure how we’re ever going to get a good handle on that when there’s this new government investigative power that no one can know anything about. I mean it’s something that seems very contrary to the way we’re used to doing things.


[Question unintelligible]

Well, I’m hoping that there is going to be a movement in that direction. I mentioned that the House Judiciary Committee has requested that kind of statistical information from the Justice Department, and has been frustrated in getting it. I think that’s likely to result in a statutory reporting requirement, because we have it in other areas. For instance, the wiretap statute: Every year results in a very comprehensive report on the number of wiretap warrants issued not just by the Federal Government but in all of the States. So there’s certainly a tradition of at least reporting statistically on these, what everyone recognizes are very intrusive investigative techniques. So, I think it’s a possibility.

Well, if those are all the questions I thank you for your attention, and I’ll — I’m speaking on a panel tomorrow morning on ethics issues also, and would be glad to talk more to all of you during the course of the conference. So, thank you very much.