Roger Clarke's e-Transport and Privacy

How to Ensure That Privacy Concerns Don't Undermine e-Transport Investments

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Version of 23 July 2000

For presentation at the AIC e-Transport Conference, Melbourne, 27-28 July 2000

© Xamax Consultancy Pty Ltd, 2000

This document is at http://www.anu.edu.au/people/Roger.Clarke/EC/eTP.html


Abstract

The application of telecommunications-based tools to commerce in the transport sector involves personal data, gives rise to data privacy concerns, and is subject to data protection laws. Beyond this, however, e-transport embodies the spectre of ubiquitous surveillance of people's locations, the paths that they follow, and the behaviour that they exhibit.

Legislatures have completely failed their responsibility to establish protections for privacy of the person, and of personal behaviour. As a result, e-transport technology providers and organisations that apply their products will be highly privacy-invasive, and will be seen to be so, and hence will attract public opprobrium. An outline is provided of how organisations can work to avoid privacy concerns undermining their investments in e-transport.


Contents


Scene-Setter No.1: Video-Surveillance Function-Creep

In late 1998, several Sydney people were charged with the murder of a diplomat in Canberra. A key factor was that the person's car had passed along the Hume Highway between the two cities on the night in question. This had been detected by the Safe-T-Cam system operated by the N.S.W. Roads and Traffic Authority.

For many years now, Safe-T-Cam systems have been in operation at at least nine locations on the State's highways. Their purpose is "to monitor heavy vehicle long-haul times for speed and rest periods, using digital plate recognition. The motion detection cameras were obtained from Kodak, San Diego, processor boards from Motorola, and data site equipment from Sun Microsystems. Video cameras are Sony. According to the installer, Advantra, the system can be used in a variety of situations where motion tracking is a feature of the surveillance" (DoS 1997).

There are several aspects to this matter. The first and most obvious is that highway surveillance and pattern recognition are potentially valuable supervisory tools for regulators, and investigative and forensic weapons for law enforcement agencies.

On the other hand, Safe-T-Cam has always been represented as a surveillance mechanism for trucks: "Safe-T-Cam is an automated monitoring system based on digital camera technology that takes pictures of heavy vehicles ... Safe-T-Cam only monitors vehicles with a Gross Vehicle Mass over 4.5 tonnes" (RTA, July 1999). Yet Safe-T-Cam has actually been implemented as a mass surveillance tool applicable to all traffic, including private cars. It appears that the capability has been actually applied in that manner, and without any form of public review.


Scene-Setter No. 2: Ubiquitous Driver Tracking

In 1999, a critical segment of Melbourne's inner-city road network was completed, and implemented as a toll-road. Melbourne CityLink, operated by Transurban, collects fees without requiring vehicles to even slow down, let alone stop. It achieves this by requiring the use of a card, dubbed an 'e-Tag', whose passage through tollgates is recorded, resulting in a fee being charged to the tag-owner's account.

This has had the effect of converting hitherto anonymous travel into identified transactions. The only practicable option for a user of this critical piece of transport infrastructure is to open an identified account, and disclose to the operator every use made of it. The lack of choice is underlined by the operator's privacy policy statement. It appears that this extraordinarily privacy-invasive modus operandi is to be the model for the rest of Melbourne's road network.

(Nominally, an anonymous option is offered; but it requires considerable persistence to discover that it even exists. Moreover, it appears that it is actually, at best, a pseudonymous arrangement (because it requires the vehicle to be registered, and clause 4.1 of the Terms and Conditions refers to the delivery of infringement notices by the police), and it may actually be to all intents and purposes fully identified).


Introduction

Privacy has often been dismissed as an obscure area that interests only people of paranoid persuasion. But in the information-intensive, highly-interconnected world that we are living in at the outset of the twenty-first century, inadequate handling of privacy concerns has the capacity to dramatically reduce the market capitalisation of corporations. An introduction to privacy matters is provided at Clarke (1997b).

This paper considers privacy aspects of electronic business and electronic commerce in a particular industry sector. Electronic commerce is used by this author to refer to "the conduct of commerce in goods and services with the assistance of telecommunications and telecommunications-based tools". A review of the underlying concepts of e-commerce is provided in Clarke (1997a).

The particular segment of e-commerce the paper addresses is 'e-Transport', which I understand to mean the application of electronic tools to commerce in the transport sector. It encompasses not only trading, logistics and settlement transactions among entities in a supply chain, but also internal transport-related communications within an integrated services organisation.

The paper commences by briefly considering the use of personal data in conventional e-commerce transactions in the transport arena, and privacy concerns and expectations that arise in that regard.

It then shifts its focus to a much more threatening matter, the inherent capability of e-transport technologies to support the surveillance of people's locations, movements and behaviour. It focuses primarily on road transport. A discussion of legal constraints and technological countermeasures leads to the conclusion that e-transport technology providers and user-organisations need to address privacy as a vital strategic factor.


Personal Data in e-Transport

Early reviews of e-commerce in trade and transport are provided in NCGT (1994) and Clarke (1994a). A more up-to-date assessment of e-commerce in road transport is in NOIE (1999).

A great many aspects of e-Transport are concerned with goods, packages and vehicles. Naturally, this paper focuses on those aspects of e-Transport that give rise to information privacy concerns.

A key issue is data concerning deliveries to consumers. This tends to identify people, and to associate with them both addresses and goods, and hence behaviour.

Moreover, there is an increasing tendency towards consumer commerce being conducted with remote suppliers, and with the goods delivered rather than fetched. Hence there is an increasing amount of personal data handled by intermediaries, and as a result there is a significantly increased scope for the construction of consumer profiles and the augmentation of existing profiles.

A further matter of concern is passenger manifests, particularly in the air transport industry. The very term, which derives from cargo services, is an indicator of the manner in which humans are being routinely treated as just another industrial artefact.


The Privacy Scene

Basic privacy concepts are introduced in Clarke (1997b). Privacy is the interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations. It is often mistakenly assumed to be merely about the protection of personal data, or even just about the security of personal data. In fact, it is a complex of multiple related interests.

Privacy has been subjected to an increasing assault by organisations during the second half of the twentieth century. The general concept is of interest primarily to specialists; but many specific issues cause great concern to the public, and re-surface continually in the media.

Privacy is one value among many, rather than being an absolute right. Privacy protection is a process of finding appropriate balances between privacy and multiple competing interests. To date, the balances that have been, and are still being, established by governments and corporations fall vastly short of the expectations of public. Governments are prioritising social control well above privacy concerns; and private-sector marketers are evidencing privacy-invasive behaviour bordering on the Neanderthal (Clarke 1998a, Clarke1999b).

Legislation to protect information privacy was passed by many nations in the 1970s. Because of concern that privacy laws might negatively affect international business, the 'fair information practices' approach was codified in the OECD Guidelines (OECD 1980). For a summary of the OECD Guidelines, see Clarke (1989), and for a critique, see Clarke (2000a).

The U.S. continues to shy away from comprehensive legislation, with the result that (contrary to the mythology projected by spin-doctors in American government and business, and slavishly believed by naive Australians), it is the most heavily and confusingly regulated country in the world. Each new privacy issue produces one or more specifically targetted privacy statutes, overlaying and conflicting with existing laws. The array of about 200 U.S. federal and State privacy laws is documented in Smith (1976-). The explosion of public concern in relation to the many privacy-invasive practices currently being perpetrated on the Internet has resulted in the momentum towards comprehensive legislation becoming irresistible (Clarke 1999a).

In Australia, governments have been appallingly slow in protecting their citizens' rights. A Commonwealth statute was passed in 1988 regulating the public sector. To date, only one State has legislated for its own public sector (N.S.W.). A somewhat more effective Bill is currently before the Victorian Parliament. As regards the private sector, only the credit reporting sector is subject to regulation. For a summary of the situation in Australia, see Clarke (1998b).

A Government Bill currently before the Commonwealth Parliament would ostensibly impose regulation on the private sector. But it is actually designed as a means of legitimising all manner of privacy-invasive corporate practices, represents the world's worst privacy legislation, and will seriously harm public confidence in companies (Clarke 2000b).

Information privacy regulation has long been of serious concern, and all of the information in this section should be fairly familiar to any executive concerned with consumer relationships. The remainder of this paper is concerned with the even more substantial challenges posed by person-location and person-tracking technologies that e-Transport purveyors are foisting on an as-yet unsuspecting public.


Dataveillance in e-Transport

Dataveillance is is the systematic investigation or monitoring of the actions or communications of one or more persons. Personal Surveillance is the monitoring of an identified person, because grounds exist to suspect them of some characteristic or behaviour that marks them out, or as a means of deterrence against particular actions or behaviour. Mass Surveillance is the monitoring of groups of people, usually large groups. It may be used as a suspicion generator, i.e. to identify individuals who belong to some particular class of interest to the surveillance organization. It may also be used for its deterrent effects.

A general theory of dataveillance is expressed in (Clarke 1988). Further papers consider the question of human identity in information systems (Clarke 1994d), the digital persona (Clarke 1994b), identificaton, anonymity and pseudonymity (Clarke 1994-), and person location and tracking (Clarke 1999d).

Physical and even electronically enhanced surveillance are expensive, and can only be applied to relatively small numbers of specific people, or to relatively small populations, or to larger populations but with lower intensity. Dataveillance, on the other hand, can be very substantially automated. It is therefore increasingly widely practised, by both the public and private sectors. The economic factors that have constrained conventional surveillance do not apply to dataveillance, and the public is being subjected to invasive behaviours on a scale never before known in free countries.

The surveillance capabilities of Intelligent Vehicle Highway Systems (IVHS) (which are now more commonly referred to as Intelligent Transportation Systems - ITS) were analysed into the following categories (Agre 1995, referencing a consultancy report for the State of Washington Transport Department):

The consideration of privacy by the IVHS and ITS communities has been superficial (e.g. ITSA 1995, 1999, AS4721 2000), and no effective controls exist over system design and operation. Criticisms and constructive suggestions have been made, and essentially ignored (e.g. Daniel et al. 1990, Agre & Harbs 1994, Alpert 1994, Halpern 1994, Agre 1995, IPCO1995, IPCR 1995, Lappin 1995, Wigan 1995, Wiesenfelder 1996, Wigan 1996, IPCO 1998).

Characteristics of person-location and person-tracking technologies that influence their degree of privacy-intrusiveness are analysed in Clarke (1999e). Of particular relevance to e-Transport are the following factors:

A current development of considerable significance is the attempt to build auto-location into portable devices such as mobile telephones, and their successors as they converge with personal digital assistants, playstations, digital cameras, etc. Initiatives such as Mobile Origin Location Indication (MOLI) have been undertaken with massive cyncism by engineers eager to sustain the pretext that they are helping lost travellers and emergency services teams, when the real motivation and applications are for law enforcement and commercial purposes.

The MOLI documents include vague assurances that are designed to cause the unsceptical reader to infer that the data will merely be available to emergency services (and, of course, law enforcement agencies) (e.g. "Location information ... is intended for call processing and service access control within carrier networks only" (ACIF1999b, my emphasis). It is clear, however, that, like Caller-ID before it, the escape of locator information for handsets and other devices into broad usage will be aided and abetted by the parties involved. Already, related initiatives have been announced, such as the surveillance of vehicle movements in order to enable differential insurance premiums depending on when and where they are used.


Legal Controls Over Dataveillance

Current privacy law completely fails to address the impacts of modern technology. The 'fair information practices' school was a manoeuvre by business interests to avoid negative impacts by public concerns and government regulation. It was deficient when it was conceived in the years either side of 1970 (Clarke 2000a), and the following 30 years of technological advances have rendered it laughably inadequate.

The additional requirements are documented at Clarke (2000a). The Australian Privacy Charter (APCC 1994) puts it more succinctly:

The second of these has been expressed in the Privacy Commissioner's Principles for the private sector, and has accordingly been considered for incorporation in the Commonwealth government's private sector privacy protection regime.

Related consumer interests are that they have information, choice and recourse; and that they consent to identified personal data collection, use and disclosure, and do so through opt-in mechanisms and not default, opt-out arrangements (Clarke 1998a).

It is critical to the privacy interest that schemes such as Transurban's Melbourne CityLink be precluded unless they comply with quite specific requirements, including that:

It needs to be underlined that 'self-regulation' is an utterly inadequate and unconvincing response. Documents such as ITSA's 'Interim Principles' (ITSA 1995, 1999) and AS4721 might be well-meaning, but any impact that they have is so indirect, so vague, so unenforceable, and so long-term, as to be nearly worthless when it comes to actually protecting the public.

Engineering standards have a considerable degree of impact on designs not so much because of the fear of a lawsuit in negligence if they are not complied with, but because of the need for compatibility and, in the I.T. arena, inter-operability. Policy standards lack any such motivation for adoption. They are no more than an attempt to hold off genuine regulation (and, when governments with the ideology of the present Australian government are in power, often successful attempts). Guaranteeing public acceptance of privacy-invasive schemes demands action, and legally enforceable requirements on corporations and government agencies, and is not achievable through the chimera of self-regulation.


Technical Countermeasures Against Dataveillance

Are e-transport technologies capable of being avoided, undermined and subverted? In principle, highly secure schemes are feasible, which should make it very difficult and expensive for anyone to crack. Such security costs a great deal of money, however. There is a significant incentive for any technology provider to ensure that its product is cost-competitive, and the features that address risks rather than certainties are commonly the ones that are compromised first. In short, most schemes will be crackable by a well-heeled, determined or just plain smart opponent.

Straightforward approaches can be adopted, such as making the scheme appear to have malfunctioned, making the scheme actually malfunction (e.g. by interfering with data transmission, or with the power-supply), and the use of multiple identities.

Compromise of the scheme from within is one of the greatest risks. This will be aided and abetted by the need for powerful interests (such as the technology provider and the scheme operator, but also law enforcement and national security organisations) to have means for subverting the scheme in order to avoid disclosure of their own surreptitious activities. Third parties will inevitably become aware of the existence of such features (e.g. through employees working on the inside; and ex-employees of the technology provider and/or scheme operator).


Interests

A considerable range of privacy interests are seriously negatively affected by the privacy-invasive nature of data-handling in e-commerce, and the rampant dataveillance capabilities inherent in current e-transport designs. These include the following:

More specific consideration of the risks involved is provided at Clarke (1988) and Clarke (1999d).

But ubiquitous surveillance of people's movements threatens even more than people's privacy of people. Those e-transport technologists that are uninterested in the social and political implications of their schemes need to consider some other impacts.

For example, salesmen want to avoid their current targets becoming apparent to competitors; and business strategists want to avoid telegraphing their manoeuvres to their competitors, their takeover targets, and indeed to regulators. Governments, and at key times also opposition parties, seek to protect against inferences being drawn about their alliances and the directions of their policy changes. It would be highly naive to imagine that e-Transport scheme operators would or even could suppress personal data, and ensure that no-one can ever access it.


Organisational Strategy

As has been presaged over an extended period of time, privacy concerns are now having a substantial effect on business. Organisations need to appreciate the nature of public concerns, and the basic (but dated) information privacy principles, as expressed in the OECD Guidelines (OECD1980). They need to understand that ongoing attempts to subvert those principles by, most emphatically, the U.S. and Australian governments, are doomed to failure.

Organisations then need to appreciate the need for a great many more 21st century privacy principles (Clarke 2000a). Linked to that is the need for constructive application of the consumer protection principles of information, choice, consent and recourse (Clarke 1998a).

Organisations that are involved in e-Transport, whether as technology-providers, user organisations, law enforcement agencies, regulators, or unions, need to recognise that privacy is a significant strategic variable, and address it accordingly. Guidance is provided at Clarke (1996). See also Clarke (1999d). In particular, it proposes the principles of:

The activities can be divided into three phases:


Conclusions

The e-Transport community appears to be blithely assuming that the technologies they are peddling and applying are an unalloyed 'good thing'. On the contrary, blind design, unaware of the dramatic social and political implications of these technologies, is resulting in schemes that deserve and will earn, serious public distrust. Key questions that need to be addressed include:

There are many hurdles that need to be overcome if the promise of e-transport technologies is to be fulfilled. One that has been largely overlooked is acceptance by the public, by employees, and by more powerful groups such as companies' own executives and their customers. Key among the factors that could lead to e-transport initiatives failing to fulfil their promise is their use as a privacy-invasive weapon of surveillance. Organisations that fail to address the privacy issue are prone to sudden and substantial loss of shareholder value.


References

ACIF (1999a) 'Mobile Location Indicator For Emergency Services - Stage 1 Service Description Interim Mobile Location Indicator' Draft Specification Dr ACIF G530, Australian Communications Industry Forum, June 1999, at http://www.acif.org.au/ACIF/files/G530.pdf

ACIF (1999b) 'Specification of Signalling System No. 7 - Stage 1: Supplementary Service Description for Mobile Location Information - Mobile Origin Location' Specification ACIF G526, Australian Communications Industry Forum, October 1999, at http://www.acif.org.au/ACIF/files/G526.pdf

Alpert S. (1994) 'Privacy on Intelligent Highway: Finding the Right of Way', Santa Clara Computer and High Technology Law Journal, 11, 1

Agre P. (1995) 'Total Surveillance on the Highway', Risks Forum 17, 23, at http://catless.ncl.ac.uk/Risks/17.23.html#subj3

Agre P.E. & Harbs C.A. (1994) 'Social Choice about Privacy: Intelligent Vehicle-highway Systems in the United States', Information Technology & People 7, 4, (1994) 63-90, at http://www.mcb.co.uk/services/articles/liblink/itp/agre.htm

Alpert S. (1994) 'Privacy on Intelligent Highway: Finding the Right of Way', Santa Clara Computer and High Technology Law Journal, 11, 1

APCC (1994) 'Australian Privacy Charter', Australian Privacy Charter Council, December 1994, at http://www.apcc.org.au/Charter.html

AS4721 (2000) 'Personal privacy practices for the electronic tolling industry', Standards Australia, 2000, from http://www.standards.com.au

Cavoukian A. (1999) 'Privacy and Biometrics' , Proc. 21st International Conference on Privacy and Personal Data Protection, Hong Kong, 13-15 September 1999, pp. 10-18

Clarke R. (1988) 'Information Technology and Dataveillance' Comm. ACM 31,5 (May 1988) Re-published in C. Dunlop and R. Kling (Eds.), 'Controversies in Computing', Academic Press, 1991, at http://www.anu.edu.au/people/Roger.Clarke/DV/CACM88.html

Clarke R. (1989) 'The OECD Data Protection Guidelines: A Template for Evaluating Information Privacy Law and Proposals for Information Privacy Law' Working Paper (25pp.) (October 1989). At http://www.anu.edu.au/people/Roger.Clarke/DV/PaperOECD.html

Clarke R. (1994a) 'EDI in Australian International Trade and Transportation', Proc. 7th EDI-IOS Conf., Slovenia, June 1994, at http://www.anu.edu.au/people/Roger.Clarke/EC/Bled94.html

Clarke R. (1994b) 'The Digital Persona and Its Application to Data Surveillance' The Information Society 10,2 (June 1994). At http://www.anu.edu.au/people/Roger.Clarke/DV/DigPersona.html

Clarke R. (1994c) 'Information Technology: Weapon of Authoritarianism or Tool of Democracy?' Proc. IFIP World Congress, Hamburg, September 1994, at http://www.anu.edu.au/people/Roger.Clarke/DV/PaperAuthism.html

Clarke R. (1994d) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues', Information Technology & People 7,4 (December 1994) 6-37, at http://www.anu.edu.au/people/Roger.Clarke/DV/HumanID.html

Clarke R. (1994-) 'Works on Identification, Anonymity and Pseudonymity', indexed at http://www.anu.edu.au/people/Roger.Clarke/DV/AnnBibl.html#IdAnPs

Clarke R. (1996) 'Privacy, Dataveillance, Organisational Strategy' Proc. I.S. Audit & Control Association Conf. (EDPAC'96), Perth, May 1996), at http://www.anu.edu.au/people/Roger.Clarke/DV/PStrat.html

Clarke R. (1997a) 'Electronic Commerce Definitions, January 1997, at http://www.anu.edu.au/people/Roger.Clarke/EC/ECDefns.html

Clarke R. (1997b) 'Introduction and Definitions', August 1997, at http://www.anu.edu.au/people/Roger.Clarke/DV/Intro.html

Clarke R. (1997c) 'Chip-Based ID: Promise and Peril', for the International Conference on Privacy, Montreal (September 1997), at http://www.anu.edu.au/people/Roger.Clarke/DV/IDCards97.html

Clarke R. (1998a) 'Direct Marketing and Privacy', Proc. AIC Conf. on the Direct Distribution of Financial Services, Sydney, 24 February 1998, at http://www.anu.edu.au/people/Roger.Clarke/DV/DirectMkting.html

Clarke R. (1998b) 'A History of Privacy in Australia', December 1998, at http://www.anu.edu.au/people/Roger.Clarke/DV/OzHistory.html

Clarke R. (1999a) 'Internet Privacy Concerns Confirm the Case for Intervention', Communications of the ACM 42, 2 (February 1999), at http://www.anu.edu.au/people/Roger.Clarke/DV/CACM99.html

Clarke R. (1999b) 'The Willingness of Net-Consumers to Pay: A Lack-of-Progress Report', Proc. 12th International Bled EC Conf., Slovenia, June 1999, at http://www.anu.edu.au/people/Roger.Clarke/EC/WillPay.html

Clarke R. (1999c) 'Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice' Proc. User Identification & Privacy Protection Conference, Stockholm, 14-15 June 1999, at http://www.anu.edu.au/people/Roger.Clarke/DV/UIPP99.html

Clarke R. (1999d) 'Person-Location and Person-Tracking: Technologies, Risks and Policy Implications' Proc. 21st International Conference on Privacy and Personal Data Protection, Hong Kong, September 1999. Re-publication forthcoming in Information Technology & People, at http://www.anu.edu.au/people/Roger.Clarke/DV/PLT.html

Clarke R. (1999e) 'Relevant Characteristics of Person-Location and Person-Tracking Technologies', at http://www.anu.edu.au/people/Roger.Clarke/DV/PLTApp.html

Clarke R. (2000a) 'Beyond the OECD Guidelines: Privacy Protection for the 21st Century ', January 2000, at http://www.anu.edu.au/people/Roger.Clarke/DV/PP21C.html

Clarke R. (2000b) 'Submission to the Commonwealth Attorney-General, re: 'A privacy scheme for the private sector: Release of Key Provisions' of 14 December 1999', January 2000, at http://www.anu.edu.au/people/Roger.Clarke/DV/PAPSSub0001.html

Dana P.H. (1994) 'Global Positioning System Overview', at http://www.utexas.edu/depts/grg/gcraft/notes/gps/gps.html, accessed 10 July 1999

Daniel M., Webber M.J & Wigan, M.R. (1990) 'Social impacts of new technologies for traffic management', Australian Road Research Board, Research Report ARR 184, 1990

Dixon T. (1995) 'Invisible Eyes: Report on Video Surveillance in the Workplace', Privacy Committee of N.S.W., Report No.67, August 1995, , at http://www.austlii.edu.au/au/other/privacy/video/index.html

DoS (1997) 'Australia - Surveillance And Monitoring', National Trade Data Bank Market Reports, U.S. Department of State, 1 September 1997

GPS (1999) 'GPS Tutorial', Gemini Positioning Systems Ltd, at http://www.gps1.com/tutorial.htm, accessed 10 July 1999

Greenleaf G.W. & Clarke R. (1997) 'Privacy Implications of Digital Signatures' Proc. Conf. Digital Signatures, Sydney, 12 March 1997, at http://www.anu.edu.au/people/Roger.Clarke/DV/DigSig.html

Halpern, S.W. (1994) 'The Traffic in Souls: Privacy Interests and the Intelligent Vehicle-Highway Systems', Santa Clara Computer and High Technology Law Journal, 11, 1

IPCO (1995) 'Eyes on the Road: Intelligent Transportation Systems and Your Privacy', Information and Privacy Commissioner/Ontario (March 1995), at http://www.ipc.on.ca/web_site.eng/matters/sum_pap/papers/its-e.htm

IPCO (1998) '407 Express Toll Route: How You Can Travel This Road Anonymously', Information and PrivacyCommissioner/Ontario, May 1998, at http://www.ipc.on.ca/web_site.eng/matters/sum_pap/papers/407.htm

IPCR (1995) 'Privacy-Enhancing Technologies: The Path to Anonymity' Information and Privacy Commissioner (Ontario, Canada) and Registratiekamer (The Netherlands), 2 vols., August 1995, at http://www.ipc.on.ca/web%5Fsite.eng/matters/sum%5Fpap/papers/anon%2De.htm

ITSA (1999) 'Interim Intelligent Transportation Systems Fair Information and Privacy Principles', 1995, rev.? August 1999, at ITSA, accessed 19 July 2000

ITU (1998a) 'Public land mobile communication systems location', International Telecommunication Union, M.624, March 1998

ITU (1998b) 'Automatic determination of location and guidance in the land mobile services', International Telecommunication Union, M.1307, May 1998

Lappin T. (1995) 'Truckin'' Wired 3.01 (Jan 1995), at http://www.wired.com/wired/archive/3.01/truckin_pr.html

NCGT (1994) 'Report on EDI Implementation in the Transport Sector: An Assessment/Stocktake' National Consultative Group on Transport EDI, Department of Transport and Regional Development (Clth), June 1994

NOIE (1999) 'Trucks Online: National Road Transport Scoping Study' National Office for the Information Economy' 1999, at http://www.noie.gov.au/projects/ecommerce/trucks/index.htm

OECD (1980) 'Guidelines on the Protection of Privacy and Transborder Flows of Personal Data', Organisation for Economic Cooperation and Development, Paris, 1980, at http://www.oecd.org/dsti/sti/it/secur/prod/PRIV-en.HTM, accessed 3 April 1998

OTA (1985) 'Electronic Surveillance and Civil Liberties' OTA-CIT-293, U.S. Govt Printing Office, Washington DC, October 1985

PCA (1998) 'National Principles for the Fair Handling of Personal Information', Office of the Privacy Commissioner of Australia, at http://www.privacy.gov.au/private/index.html#4.1

PI (1997) 'Video Surveillance', at http://www.privacy.org/pi/issues/cctv/

RTA (1998) 'Safe-T-Cam', May 1998, at RTA, accessed 19 July 2000

Smith R.E. (1976-) 'Privacy Journal Compilation of State and Federal Privacy Laws', Privacy Journal, updated approximately biennially since 1976, from Privacy Journal

Trimble (1996) 'All About GPS', Trimble Navigation Limited, at http://www.trimble.com/gps/index.htm, accessed 10 July 1999

Wiesenfelder J. (1996) 'The Information Superhighway (This is not a metaphor)', Wired 4.02, Feb 1996, at http://www.wired.com/wired/archive/4.02/smart.cars_pr.html

Wigan M.R. (1991) 'Data Ownership' in Clarke R. & Cameron J. (Eds.) (1992) 'Managing Information Technology's Organisational Impact, II', Elsevier, 1992

Wigan M.R. (1995) 'The realizability of the potential benefits of intelligent vehicle-highway systems: the influence of public acceptance', Information Technology and People, 7, 4 (1995) 48-62

Wigan M.R. (1996) 'Problems of success: Privacy, property, and transactions' In Branscomb L. & Keller J. (Eds.) 'Converging Infrastructures: Intelligent Transportation and the NII', MIT Press, 1996

Wormley S. (1999) 'Global Positioning System Resources', http://www.cnde.iastate.edu/gps.html, accessed 10 July 1999


Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 19 July 2000

Last Amended: 23 July 2000


These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).
The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Xamax Consultancy Pty Ltd, ACN: 002 360 456
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, 6288 6916