Home | Databases | WorldLII | Search | Feedback Privacy Law and Policy Reporter

Greenleaf, Graham --- "CFP 95' - Pulse of privacy in America" [1995] PrivLawPRpr 44; (1995) 2(4) Privacy Law & Policy Reporter 66

CFP '95 - Pulse of privacy in America

Graham Greenleaf reports on the Computers, Freedom and Privacy Conference

There is no better place to test the pulse of privacy concerns in the US than the fifth annual Computers, Freedom & Privacy Conference (CFP), which was held in San Francisco on 28 to 31 March 1995. CFP has become the main annual meeting ground for those who advocate 'freedom on the internet', business representatives concerned with government regulations, and some of the regulators. It is a very volatile conference, as a large part of each session is given over to audience questions, and many sessions are structures as debates.

At least three privacy themes emerged from the presentations and debates at this year's CFP: technological solutions to privacy protection got far more attention than legislative protections; a 'right' to anonymous transactions and communications recurred; and the unwillingness of most participants to look beyond the US Constitution and American approaches as a conceptual framework.

Encryption for the masses

Being able to encrypt messages, particularly when they are to be sent over relatively insecure channels such as the internet, serves both privacy protection and security of commercial data. Phil Zimmerman is author of the PGP (pretty good privacy) program which is generally accepted to be for all practical purposes 'uncrackable' (that is, 'strong' encryption, in contrast to 'weak' encryption which can be cracked with only moderate effort by security agencies and others with sufficient computing resources and expertise). He put PGP in the public domain, and it soon became available worldwide via the internet. For his efforts to bring strong encryption to the masses, the Electronic Frontier Foundation gave Zimmerman a Pioneer Award at the CFP conference.

However, Americans cannot export PGP, or include it in US software sold worldwide, because US export laws class strong encryption programs as a 'munition', and will only licence weaker forms of encryption for export. Zimmerman is being investigated by prosecutors for allegedly placing PGP on the internet, facilitating its 'export' (see Private Parts this issue). US and other companies must therefore use non-US programs of equivalent encryption strength for secure international data transfers. Software company representatives at CFP regarded this as a major commercial problem.

It would seem to be likely, on the evidence of the CFP conference, that the US authorities will soon be forced, by commercial pressures and the technical impossibility of prevention, to give up trying to prevent strong encryption being used by anyone who wants to. The idea of Government-held copies of all encryption 'keys' (a main element of the 'Clipper' proposal) is also likely to be abandoned in favour of some form of private 'escrow agents' holding copies of the keys used by companies, and therefore susceptible to disclosure to government agencies that can obtain an appropriate search warrant. The debate may shift to questions of when agencies should be able to obtain a warrant to obtain keys to decrypt communications, and how effective this is likely to be.

The implications for countries outside the US are significant, at least for countries such as Australia which have a policy of having the technical capacity to intercept all telecommunications (see (1995) 1 PLPR 161). The Barrett Review assumed that encryption was not 'a significant threat to interception, at least in the foreseeable future' (see (1995) 1 PLPR 162). If there is widespread use of strong encryption in the near future, the Barrett recommendations may require further review faster than anticipated.

Digital cash

A second form of 'technological fix' for privacy problems that caused interest at CFP was 'e-cash' or electronic cash, a method of payment for goods or services over telecommunications systems. The 'merchant' involved in the transaction does not necessarily obtain any identifiable information about the 'consumer' (in contrast, say, with the use of a credit card), but does get guaranteed 'e-cash' redeemable against the electronic 'bank' that provides the e-cash service. Nor does the 'bank' obtain information about which 'merchants' each customer dealt with, but does have evidence of how much 'e-cash' in a customer's account has been spent.

David Chaum of DigiCash, one of the inventors of the field, gave details of products now in use over the internet (as electronic 'coins' that you withdraw from the 'bank' and hold on your PC), and in the form of stored-value cards which can be used for transactions such as highway tolls.

'E-cash' of some type is likely to become a vital part of commerce conducted via the internet, and has considerable potential for privacy protection in relation to online transactions which can sensibly be conducted for the equivalent of (anonymous) cash, such as the cost of searching or browsing a database.

'Anonymous' remailers

A hot topic of dispute was the ethics (or long-term legality) of 'anonymous remailers'. These independently operated e-mail forwarding services on the internet allow A to send a message via remailer C to B (where B might be an individual or a discussion list, or many of each), so that remailer C strips from the message(s) all headers that identify A as the source of the mail (or even the computers that the mail has travelled through enroute to C). They are the e-mail equivalent of sending an anonymous letter or circular through the post, postmarked from a meaningless post office. Those relying on anonymous remailers must trust the operator to effectively and immediately destroy all incoming header information. In a recent case, US police (acting on a copyright complaint by the Church of Scientology) had a warrant served on a Finnish remailer who handed over information identifying the source of messages distributed via the service. However, if e-mail is sent via a chain of remailers, and encrypted until the last step, it is apparently nearly impossible to trace.

Anonymous remailers, like anonymous mail, allow the widespread dissemination of defamations, invasions of privacy, material which breaches copyright, erotic or violent or offensive material, and threats, without the sender being traceable. Unlike conventional mail, anonymous e-mail makes possible very cheap mass distribution, and is even more anonymous than the peculiarities of paper and ink. Since it can operate via remailers located anywhere in the world on the internet, it may be very difficult to sue or prosecute the remailer until there are uniform global laws governing the internet.

Will anonymous remailers be made illegal, just as anonymous radio or TV stations or newspapers are illegal in most countries in the world? Until 'caller-ID' arrived, telephone companies were for most purposes 'anonymous remailers' of phone calls. Or will there simply be an attempt to make the remailer liable for re-publishing certain types of communications? A CFP speaker suggested that it is only going to take one bomb threat delivered via anonymous remailer to bring the issue to the forefront of debate about regulation of the internet.

As Roger Clarke (the only non-American to appear in the CFP '95 panel) stressed, subtle differences between 'anonymous' and 'pseudonymous' need to be appreciated, with remailers and elsewhere. The Finnish remailer was clearly only pseudonymous (at least until it destroyed any message headers) - it may be justifiable to support pseudonymous remailers while opposing genuinely anonymous ones. The difference is essentially whether or not a search warrant will be effective!

A right to anonymity?

Digital cash is one technical aid toward what was seen by some commentators as a need for a right to insist on transactions being anonymous in some contexts, such as Intelligent Transportation Systems (ITS). The privacy implications of such systems are becoming a significant issue in the US and Canada, but a set of 'privacy principles' developed by a group of ITS developers indicates that they are not taking anonymous transactions seriously, and are instead intending to merely provide a right to consumers to 'opt out' of the re-use of their (already collected) information.

Are privacy rights irrelevant?

The increasing stress being put on a right not to have identifiable information collected at all, and on technical aids to protect such anonymity, is the 'just say no' approach to privacy protection. To some extent, at least, it reflects a cynicism about the usefulness of any legislation, codes of conduct, or other attempts to control the use of personal information once it has been collected. This is particularly so in the US, which has no national privacy laws worth considering, and no likelihood of getting any through Congress.

While the 'just say no' approach has a lot to be said for it, and will become far more important in future, a strange feature of the CFP conference was how little it seemed to be recognised that for most transactions, particularly those involving welfare, credit, insurance, employment and police systems, anonymity is simply not an option, and it is in those areas that many of the most systematic abuses of privacy occur. There was little discussion at CFP '95 of these traditional areas of privacy concern - either the 'netniks' weren't interested, or they had given up.

First amendment problem

From what was said by conference speakers, you could be forgiven for thinking that the internet stopped at the borders of the US. The international dimensions of privacy and other problems were hardly mentioned, and possible international approaches to solutions not at all. Many speakers were obsessed with what was or was not permissible regulation in light of the first and other amendments to the US Constitution, giving the clear impression that the rest of the world could just be expected to adopt whatever domestic solutions the US arrived at. The approach that the Europeans are taking to the Data Protection Directive (see 2 PLPR 80) shows that it is unlikely to be that simple. Hal Abelson, chair of CFP '96, which is to be held in Boston, intends to have a more international focus.

[For an excellent detailed summary of the whole CFP conference, see Roger Clarke's personal notes on the internet at http://online.anu.edu.au/comm/staff/RogerC/Dataveillance/CFP'95 ]

[Defining Rights at the Crossroads of the Information Age (Pre-proceedings of the fifth Conference on Computers, Freedom & Privacy), 28-31 March 1995 - 227 page copies available for US$30 plus postage from Stanford Law and Technology Policy Centre, PO Box 6657 San Mateo, California 94403, E-mail sklave@leland.stanford.edu, fax: +1 415 548 0840]