I enjoy shopping online. As a college student in rural New Hampshire, the abundance of online retailers is a dream come true, as it allows me to buy the latest fashions and other items directly from my dorm. But what price do I pay for such luxury? I compromise my privacy as a consumer and open myself up to a world of customer profiling, targeted advertising, and analysis of my online behavior.
Currently, there are no all-encompassing legal restrictions on the collection and use of customer-provided data, clickstream data, and other forms of personal information collected about adult consumers over the Internet.1 Instead, we rely on a system of industry self-regulation, built on a market model, to protect consumer privacy. There are several problems with this system. First, it is not universally implemented; sites are not required to disclose their privacy practices. Second, since online businesses stand to gain financially from the use of personal data, especially in targeted marketing campaigns, and because most consumers are not knowledgeable enough to protect themselves, companies may not actually be driven to protect consumer privacy by the market, as was originally thought. Instead, legislation, similar to that passed in 1998 by the European Union, may be required to guarantee Americans’ online privacy.
Defining Fair Information Practices
First, it is necessary to define privacy and fair information practices as they pertain to online commerce. Back in 1973, the US Department of Health, Education, and Welfare developed a Code of Fair Information practices (US Dept. of Health 1973). It is based on five general principles (US Dept. of Health 1973):
* There must be no personal data record-keeping systems whose existence is a secret.
National Security vs. the Right to Privacy
Abstract: Electronic mail is quickly becoming the most prevalent method of communication in the world. However, e-mail systems in corporate, institutional, and commercial environments are all potential targets of monitoring, surveillance and ultimately, censorship.
Electronic mail is a phenomenon that has begun to pervade all aspects of our lives today. We use e-mail in our personal lives, at our schools, at our jobs, and everywhere in between. However, very few of us consider the fact that even though our e-mail is composed by the sender, and is intended to be read only by the recipient, it actually passes through many hands in between. Transmitted e-mail will often travel through up to 5 or 6 different servers on its way from sender to recipient. Along the way, it can be read, changed, and even destroyed by any party with the means and the inclination to do so.
The decision to monitor e-mail is left to the organization that provides the e-mail service to users. These organizations can range from educational institutions and private corporations, to governments and non-profit organizations. Each of these different types of organizations has a different agenda and goals, not only in general, but also for their members-and more specifically, for their members’ e-mail. While educational institutions can provide e-mail facilities to their constituents for the purposes of convenience, employers almost always maintain e-mail facilities for the sole purpose of improving the on-the-job productivity of their employees.
Richard Epstein’s The Case of the Killer Robot, provides an ideal demonstration of the benefits of e-mail monitoring. “Silicon Techronics Employee Admits Faking Software Tests” (…
… middle of paper …
…. Ethics and computing: living responsibly in a computerized world. IEEE. 2001.
Cripps, Wayne. Dartmouth College, Department of Computer Sciences. Personal Communication, January 24th, 2001.
Epstein, Richard. The case of the killer robot: stories about the professional, ethical and societal dimensions of computing. John Wiley and Sons. 1996.
Federal Bureau of Investigation. “Congressional Statement -2000.” http://www.fbi.gov/pressrm/congress/congress00/kerr090600.htm.
Higgins, Kevan. Cleary, Gottlieb, Steen and Hamilton. Personal Communication, January 23rd, 2001.
Matthews, James. Dartmouth College, Department of Computing Services. Personal Communication, January 23rd, February 7th, 2001.
User Communications. Dartmouth College, Department of Computing Services. “Computer and Network Policy.” BlitzMail Bulletin. Wed, 15 Nov 2000 13:36:45.