Privacy Conference

CAMBRIDGE - A disproportionate number of Canadians were on hand at a conference held recently into the growing concern by Internet users about protecting their identities from fraud, government agencies and marketers.

"You know Canadians. We've always had a national identity crisis," joked Kim Cameron, a Canadian now based in Seattle with Microsoft as an architect specializing in this field. "There is a growing concern in the public because of an exponential growth of fraud. In five years, it will be incredible and in the technical world it takes five years to change anything. As people know more about computers they are less likely to do things on line. The negative effects are very profound."

Internet players like Microsoft and IBM attended the gathering in the interests of shoring up the integrity of the on-line world. A recent poll showed a sharp decline consumer confidence in shopping on-line.

There are three concerns: The use of personal information by commercial interests, by criminals and by governments.
Technology now exists to monitor everyone's movements, shopping habits and financial reputation. And this information may not be securely stored or used without permission.

A recent rash of burglaries in Quebec occurred when bikers tapped into a data base listing the addresses of purchasers of expensive electronic equipment.

"US businesses are starting to appreciate the extraordinary risk of selling information to thieves. It's risky to hold on to this stuff," said Marc Rotenberg, Executive Director of the Electronic Privacy Information Center in Washington DC.

The conference, held at the Berkman Center on Internet and Society, zeroed in on the issues and on the types of technologies needed to protect consumers.

For instance, Microsoft is coming out with an "info card" addition to their software that, among other features, will verify whether a website asking for personal information from a user is "real".

But crime is not the only concern. Privacy is becoming as big an issue in the United States as the public begins to realize that companies, search engines and websites collect massive amounts of credit card, search habit and shopping information about individuals. This is then used to target advertising or is sold to third parties as sales leads or for other unknown purposes.

"Big companies have been rotten about privacy over the past 100 years and we need holistic change in corporate approaches to privacy," Mr. Cameron told the high-level gathering of 60 software professionals. "In Canada, there has always been a different attitude towards privacy. In the 1970s, social insurance numbers stopped being used as identifiers."
By contrast in the U.S., shoppers must routinely, on-line and off-line, disclose their social security numbers and other personal information.

People also have no idea how valuable this type of personal information is to unknown intermediaries. In Canada, one company processes most credit card transactions then packages and resells shopping habit information. Another gives free software to pharmacies in return for consumer spending information which it sells to pharmaceutical companies.

Another issue raised at the conference is the "Big Brother" concern -- the fact that the installation of city-wide Internet access in Philadelphia, and soon in San Francisco, includes provisions allowing the service provider to keep and resell surveillance data.

Stefan Brands is a mathematician who devises algorithms to encrypt, or render anonymous, information. He is adjunct professor at McGill University and CEO of tech start-up Credentica Inc which has devised e-cash, a breakthrough technology for shopping. This "virtual currency" allows a consumer to click and buy, but also keeps him or her anonymous.

Phone giant Nokia has invested in his company in order to explore the possibility that a "virtual cash" feature could be added to its cellphones.

But banks are not interested, he said, "because this cannibalizes their business model".

He's also working on technology that would allow companies to "mine" data about individuals but without knowing their identities or personal information.

"Information like 80% of people in a certain locale over 18 years of age with two children buy twice as many of these products as others," he said. "This is important marketing research information and we are working on ways to find this out without seeing the individuals."

The conference was organized by Berkman Fellow John Clippinger who wrote the "Biology of Business" which exposed the information collection processes and its negative impact on individuals' market rights and civil liberties.

The other players in all of this are law enforcement officials and Homeland Security which need systems that invade privacy in order to do surveillance and investigations.

Mr. Clippinger summed all the angles deftly in his opening remarks.

"It's Benjamin Franklin's 300th birthday and he used 40 aliases during his lifetime to operate freely," he said. "And as Franklin said `they who would give up liberty for temporary security deserve neither liberty nor security'."