6.805/STS085: Readings on Privacy Implications of Computer Networks
What do web servers know about
illustrates the information that web servers can routinely obtain
as soon as a browser references a page on the server.
What kind information is easily available to anyone?
If you're willing to pay $25-$100, can easily get a lot more
information (e.g., criminal history checks)
from companies that do database searches.
Here's one example.
Unlike the previous topics this semester, the privacy issue has not
really erupted yet, although there have been a few skirmishes, and
there has been a tremendous amount of concern expressed. Since there
is not (yet?) any clear privacy story to tell, this part of the class
readings remains as isolated topics and resources that should prove
useful for your final papers.
General resources on privacy and the Internet
Here are two overview articles that are good ways to get started:
- Marc Rotenberg,
Privacy and the Citizen in the Digital Age:
The Era of Political Action. Rotenberg is Director of the
Electronic Privacy Information Center. This is the text of a speech
he gave before the Council of Europe in October, 1996, pointing to the
need for political action to address privacy concerns.
- Rob Kling, Mark S. Ackerman, and Jonathan P. Allen,
"Information entrepreneuralism, information technologies and the
continuing vulnerability of privacy" from Computerization and
Controversy: Value Conflicts and Social Choices2nd Ed: Rob Kling
(Ed). Academic Press, 1995. The authors argue that economic factors
alone do not explain the growth of technologies that erode personal
privacy, and they point instead to the rise of "information
entrepreneuralism" and managerial strategies that rely on intensive
- Simson Garfinkel, 2048: Reconsidering Privacy in the Next
Century. Garfinkel is a writer and columnist on computer and
security issues, who will be our guest speaker on November 25. This
is a draft manuscript of his forthcoming book, which he has made
available for our class. There are several copies on
reserve for the course.
Resources on Privacy
Digital payments and electronic cash
One particular area where the internet is bringing privacy concerns to
a head revolves around electronic purchases. Records of electronic
purchases present opportunities for massive invasions of privacy.
Cryptographic techniques make it possible to implement anonymous
payment systems that will protect the privacy of buyers and sellers.
But, like other uses of cryptography, there's a lot of concern that
these systems may protect privacy too well -- leading to the
possibility of massive illegal transactions and money-laundering
- Amy Cortese and Barry Levine, The Future of Money, a
summer 1996 "Web production" of New York's WNET/wNetStation, is an
excellent overview of the continuing development of online payment systems.
- David Chaum,
Achieving Electronic Privacy,
from Scientific American, August 1992, p. 96-101.
"Digital cash" is a form of
electronic funds transfer which, like cash, permits untraceable
payments. Chaum, who is concerned about the privacy implications of
ordinary electronic funds transfer, developed the "blind signature"
technique that makes one form of digital cash possible. His company,
DigiCash, markets this technology. This article describes how blind
signatures and digital cash work.
Laurie Law, Susan Sabett, Jerry Solinas,
How to make a mint: The cryptography of anonymous electronic cash.
This June 1996 study by members of the National Security Agency
Office of Information Security Research and Technology
describes several anonymous electronic payment systems and some of the
risks from the law-enforcement perspective.
- Steven Levy, E-Money
(That's What I Want), Wired, December 1994. This is an
overview of electronic money, with a focus on David Chaum and
- Office of Technology Assessment,
Technologies for the Control of Money Laundering. This 1995 study
by the OTA gives an extensive background on electronic funds transfers
and money laundering. (These files are in Adobe Acrobat format. You
will need a copy of the Acrobat reader in order to look at them.)
- J. Orlin Grabbe, Cryptography and Number
Theory for Digital Cash, October 1997. This is a technical paper
that describes some of the cryptographic protocols, such as "blind
signature schemes," that are important in digital cash systems.
Privacy of electronic medical records
Another privacy issue that is generating great concern is access to
medical records -- both the insecurity and lax procedures of
hospitals and HMOs, but, more troubling, the accumulation of patient
information in insurance company data bases.
Hal Abelson (firstname.lastname@example.org)
Mike Fischer (email@example.com)
Joanne Costello (firstname.lastname@example.org)
Last modified: December 3 1997, 9:52 AM