Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'Privacy on the Internet'

Privacy on the Internet

Threats, Countermeasures and Policy

Invited Address to the IBC 1997 Australian Privacy Forum, Gazebo Hotel, Sydney, 21-22 October 1997

Version of 19 October 1997

Roger Clarke **

© Xamax Consultancy Pty Ltd, 1997

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at http://www.rogerclarke.com/DV/Internet.html


Abstract

This paper considers privacy in the context of the Internet. It identifies threats, outlines measures that can be taken to address them, discusses government policy considerations, and canvasses ways in which the net community can work towards more effective protections in the future. It comprises several documents, of which this is the central, organising paper. It provides references to the web-based and hard-copy literatures.


Contents

Introduction

Privacy Threats and Countermeasures

Generic Countermeasures

Public Policy

Conclusions

Resources


Introduction

The topic of Internet privacy is dynamic. The issues multiply and the sources increase, on a daily basis. This paper sets out to provide an overview of the issues, and bring some structure to them.

The scope does not extend to such abstract notions as 'the Information Infrastructure' (II), the information superhighway, the infobahn or the cyber-strada. Nor does it cover the emergent promise and threat of cable-to-the-home. Instead, it restricts its focus to the present incarnation of the II, the Internet.

It is assumed that the reader is familiar with the nature of the Internet, and of services available over the Internet, especially the most widely used services: email and the World-Wide Web. Familiarity with the protocols that underlie the services is, on the other hand, not assumed (in the case of the two primary services, for example, the corresponding protocols are SMTP and HTTP).

It is also assumed that the reader is familiar with the basics of privacy, and accepts that members of the public enjoy having private spaces, and want to keep them. Some basic references include:

The paper is structured as follows:


Privacy Threats and Countermeasures

This section provides a brief overview of specific threats to privacy that arise in the context of the Internet, together with countermeasures that are appropriate to each specific threat. Each of them is dealt with in greater detail in a related paper, to which links are provided.

Identity Matters

* Appropriation of One's Identity

People are at risk of other people making statements and performing actions, as though they were them.

* Appropriation of One's Mailbox

People are at risk of other people placing things, and quite possibly lots of things, in their electronic mailbox, which are not interesting, and which waste people's time, attention-span and money.

* Email-Transaction Identification

In general (and with some qualifications), each email message that a person sends identifies them to the recipient.

* Web-Transaction Identification

In general (and with some qualifications), each access a person makes to a web-server identifies them to that machine and its masters.

* Location Extraction

The Internet provides greatly enhanced means whereby people and organisations can find one another.

* The Possibility of Routinised Self-Identification

There are strong tendencies towards individuals being expected to identify themselves on a routine basis, when conducting transactions that have hitherto been anonymous or pseudonymous.

Personal Data Matters

* Transmission Insecurity

Data transmitted over the Internet is subject to the risks of non-receipt by the intended recipient; access by an unintended person or organisation; change to the contents while in transit; receipt of a false message; and wrongful denial (or 'repudiation').

* More Transaction Trails, of Greater Intensity

Internet transactions enable the automated maintenance of yet more trails of one's activities and locations.

* Personal Profile Extraction

The existing and new trails can together be exploited to yield intensive information about each person's behaviour

* Push-Marketing

This intensive data about each individual can be combined with emergent sender-driven technologies, to 'push' information at each individual and thereby exercise significant influence over their behaviour, and reduce their freedom of thought and action.

* Dataveillance

Together, these developments represent a further dramatic increase in the power of dataveillance technologies, to the detriment of society.


Generic Countermeasures

This section provides a brief overview of generic approaches that can be taken to dealing with the threats to privacy on the Internet. Each of them is dealt with in greater detail in a related paper, to which links are provided.

* Net-Community Information-Sharing

People can share information among themselves, in order to disadvantage privacy-abusive organisations, and reward fair dealers.

* Net-Community Direct Action

People can take a number of different kinds of action against privacy-abusive organisations, through a number of different channels.

* Industry Self-Regulation

Corporations may recognise privacy as a strategic factor, and act responsibly. Industry associations may encourage and coordinate efforts of this nature. Innovative products and services may assist this tendency.

* Anonymity and Pseudonymity Tools

A variety of tools are available, many based on cryptographic methods, which enable people to protect their privacy. A school of thought exists that suggests that the Internet, together with these tools, will fundamentally alter the balance of power between individuals and organisations.

* Privacy-Protective Infrastructure

Aspects of the Internet's architecture are capable of being adapted in order to encourage, and perhaps even mandate, privacy-protective patterns.

These approaches all have merit, and all are likely to make a contribution to a less privacy-invasive, and more privacy-protective Internet environment. Even in combination, however, they seem very unlikely to be sufficient to satisfy the public's desire.


Public Policy

This section provides a brief overview of policy aspects of privacy protection on the Internet. Each of them is dealt with in greater detail in a related paper, to which links are provided. At this stage, this final paper is available only in early draft form.

* The Legislative Framework for Privacy Protections

Internet-related privacy issues must not be addressed in a vacuum. They need to be placed within an existing legislative framework. Most desirably, this comprises legislated general principles, a regulatory agency, and processes for the establishment and maintenance of enfoceable codes of behaviour.

* Jurisdiction in Cyberspace

The Internet creates new possibilities for organisations and individuals to escape the strictures of geographically-based legal jursidictions. This qualifies the effectiveness of privacy protection laws, but does not remove the need for them.

* Privacy Protections and the Internet

A range of specific public policy actions are necessary, in order to address the new challenges. These include analysis, information provision, revision of codes, and initiatives in relation to identification schemes, anonymity and pseudonymity.


Conclusions

Privacy is a complex matter. If society is for people, then it is a vitally important interest. But privacy is under severe threat as a result of, among other things, the application of advanced information technologies. It is far from adequately protected against current, let alone near-future, threats.

The Internet provides a whole new set of specific ways in which people's privacy may be intruded upon, and adds new dimensions to existing problems. It necessitates the negotiation of a whole new set of balances among the various interests.

A major difficulty that has to be confronted is the almost complete lack of frameworks and infrastructure within which the negotiations can take place. If we are to sustain the sense of virtual community that came with the popularisation of the Internet, our behaviour, our tools, our services, and the underlying infrastructure need to mature very quickly. So too do legislative frameworks and codes of behaviour.


Resources


Australian Web-Sites


International Web-Sites (mostly U.S.)


E-Lists, NewsGroups, E-Newsletters

A valuable list of relevant e-lists and newsgroups is maintained by EPIC.

The primary e-newsletter is:

The primary discussion fora are:


Hard-Copy Periodicals

The primary Australian publication is:

U.S. commercial information services in the area are:


Books

Relevant books are available from EPIC's Online Bookstore.


Articles


Relevant Articles by the Author

Public Interests on the Electronic Frontier, Invited Address to IT Security '97, 14 & 15 August 1997, Rydges Canberra (August 1997), http://www.rogerclarke.com/II/IIRSecy97.html

Privacy and E-Lists (May 1997), at http://www.rogerclarke.com/DV/E-Lists.html

'Cookies' February 1977, at http://www.rogerclarke.com/II/Cookies.html

'Spam' February 1977, at http://www.rogerclarke.com/II/Spam.html

'Identification, Anonymity and Pseudonymity in Consumer Transactions: A Vital Systems Design and Public Policy Issue', Conference on 'Smart Cards: The Issues', Sydney, 18 October 1996, at http://www.rogerclarke.com/DV/AnonPsPol.html

'Trails in the Sand' (May 1996), at http://www.rogerclarke.com/DV/Trails.html

'Privacy, Dataveillance, Organisational Strategy' (the original version was a Keynote Address for the I.S. Audit & Control Association Conf. (EDPAC'96), Perth, 28 May 1996). At http://www.rogerclarke.com/DV/PStrat.html

Cryptography in Plain Text', published in Privacy Law & Policy Reporter 3, 4 (May 1996). At http://www.rogerclarke.com/II/CryptoSecy.html

'Crypto-Confusion: Mutual Non-Comprehension Threatens Exploitation of the GII' Privacy Law & Policy Reporter 3, 4 (May 1996). At http://www.rogerclarke.com/II/CryptoConf.html

'When Do They Need to Know 'Whodunnit?': The Justification for Transaction Identification; The Scope for Transaction Anonymity and Pseudonymity' Proc. Conf. Computers, Freedom & Privacy, San Francisco, 31 March 1995. At http://www.rogerclarke.com/DV/PaperCFP95. Revised version published as 'Transaction Anonymity and Pseudonymity' Privacy Law & Policy Reporter 2, 5 (June/July 1995) 88-90

'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Info. Technology & People 7,4 (December 1994). At http://www.rogerclarke.com/DV/HumanID.html

The Digital Persona and Its Application to Data Surveillance' The Information Society 10,2 (June 1994). At http://www.rogerclarke.com/DV/DigPersona.html



xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 29 April 1997 - Last Amended: 19 October 1997 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at www.rogerclarke.com/DV/Internet.html
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy