At 08:46 PM 6/30/97 -0400, you wrote:

We hear a lot of steamy rhetoric about privacy and the information age, but few real-world examples. I'm working on a story now for Time about just this: what's happening to individual privacy today.

I assmue you will protect the anonymity of any contributors even while sharing your generous payment with them! ;)

Does the Net make us more exposed -- DejaNews and 411-type databases -- or does it provide us with more privacy through tools like anonymous remailers and pseudonymous identities?

As a reader of cpunks the following should be obvious: the access to information from 411-etc. is simple and accessible to anyone who can type in a browser! On the other hand, remailers and nym servers are still solely the purview of propeller-heads. The remailer pages I have seen and tried to use are unreliable - and to use PGP remailers requires a level of PGP-ability that the average Joe won't invest in. Most people have Work to do, and cannot invest in the time to figure out how to use software. If we want to see pervasive use of privacy-preserving technologies then developers must realize this and develop for the Mass Market. PGP 5, PGPMail are certainly helpful and not enough. What I am concerned about is that in the absence of easy-to-use (that means no-effort-to-use) privacy software, the average Joe will rely on whatever is there for him: and in the limit this will mean whatever infrastructure the Powers-that-be want put in place for him, and not one that preserves his rights. (Forgive the gender bias: I'll switch now) There is no level of privacy afforded the average 'user' as simple to use as the intrusve technologies that are available to the snoop.

Can we trust the government to protect our privacy when it works tirelessly to invade it?

Sometimes it is better to trust Government than it is to trust Big Business, although too often they converge onto identical tracks becuase of the ownership of Gov't *by* Big Business. I see two equally onerous invasions: One is the insistence of Government that the benefit of crypto to the Four Horsewomen of the Infocalypse (Porn, Drug Dealing, Money Laundering, and Terrorism), and the corresponding threat to society, is so large as to warrant registering everyone's secret-telling capability. The other is the intrusion by Business and Employers into the habits of consumers and workers. From click-tracking on the Web to the recently reported monitoring of every 7-11 manager's move at the POS terminal, Business is no friend of the People. That this is perhaps the more insidious threat is manifest by your not even mentioning it or including it in the question set. I fear Businesses who say "Government leave us alone because the Free Market knows what's best" and then proceed to invade and intrude in ways that are equally damaging to the privacy of the individual. The philosophy that if Business invades privacy it's OK, and if Government does so it's bad, is to say that 2+2=5.

Much has been written about this. What I'm looking for now are examples. Have you used an anonymous remailer to cloak your identity, or been flamed through one? Have you been denied a transaction at a store because you refused to identify yourself? Have you hunted through databases to find someone important? Has sensitive information about you turned up in one?

I have been fairly careful and very jealous of my privacy; and then my name and home address showed up on one of the name-search pages. I don't know if it's still there, and I don't remember the link. But then the Similac marketing Geniuses sent me something in the mail that even included the due date of my expected child! I consider that sensitive as hell, and it didn't occur via the Web. The problem is across the board. I use anonymizing tools when I need to, to protect what I consider "things" that are too sensitive for the Web. I have looked up past friends on the Web, and then not called because I felt it would be an intrusion into their life. I have found the ability to search for information on PUBLIC figures important and useful, looking for items related to their professional activities, and I think this is an important capability. The opportunity for People to make sure that the elected officials they elect and pay for, and the businesses that pave their towns and dump toxics into their yards, are behaving responsibly, is one of the few remaining possibilities for positive change. In the meantime, I'm wondering, as I wander off to renew my driver's license, why they want my social security number. And I still don't know how Similac figured out when my wife and I had sex. (C) Copyright 1997 by ..... oops! I don't want to include my name.

I'd appreciate hearing some stories...

Thanks all,

Declan

------------------------- Declan McCullagh Time Inc. The Netly News Network Washington Correspondent http://netlynews.com/

-----BEGIN PGP SIGNED MESSAGE----- At 08:46 PM 6/30/97 -0400, you wrote:

We hear a lot of steamy rhetoric about privacy and the information age, but few real-world examples. I'm working on a story now for Time about just this: what's happening to individual privacy today.

I assmue you will protect the anonymity of any contributors even while sharing your generous payment with them! ;)

Does the Net make us more exposed -- DejaNews and 411-type databases -- or does it provide us with more privacy through tools like anonymous remailers and pseudonymous identities?

As a reader of cpunks the following should be obvious: the access to information from 411-etc. is simple and accessible to anyone who can type in a browser! On the other hand, remailers and nym servers are still solely the purview of propeller-heads. The remailer pages I have seen and tried to use are unreliable - and to use PGP remailers requires a level of PGP-ability that the average Joe won't invest in. Most people have Work to do, and cannot invest in the time to figure out how to use software. If we want to see pervasive use of privacy-preserving technologies then developers must realize this and develop for the Mass Market. PGP 5, PGPMail are certainly helpful and not enough. What I am concerned about is that in the absence of easy-to-use (that means no-effort-to-use) privacy software, the average Joe will rely on whatever is there for him: and in the limit this will mean whatever infrastructure the Powers-that-be want put in place for him, and not one that preserves his rights. (Forgive the gender bias: I'll switch now) There is no level of privacy afforded the average 'user' as simple to use as the intrusve technologies that are available to the snoop.

Can we trust the government to protect our privacy when it works tirelessly to invade it?

Sometimes it is better to trust Government than it is to trust Big Business, although too often they converge onto identical tracks becuase of the ownership of Gov't *by* Big Business. I see two equally onerous invasions: One is the insistence of Government that the benefit of crypto to the Four Horsewomen of the Infocalypse (Porn, Drug Dealing, Money Laundering, and Terrorism), and the corresponding threat to society, is so large as to warrant registering everyone's secret-telling capability. The other is the intrusion by Business and Employers into the habits of consumers and workers. From click-tracking on the Web to the recently reported monitoring of every 7-11 manager's move at the POS terminal, Business is no friend of the People. That this is perhaps the more insidious threat is manifest by your not even mentioning it or including it in the question set. I fear Businesses who say "Government leave us alone because the Free Market knows what's best" and then proceed to invade and intrude in ways that are equally damaging to the privacy of the individual. The philosophy that if Business invades privacy it's OK, and if Government does so it's bad, is to say that 2+2=5.

Much has been written about this. What I'm looking for now are examples. Have you used an anonymous remailer to cloak your identity, or been flamed through one? Have you been denied a transaction at a store because you refused to identify yourself? Have you hunted through databases to find someone important? Has sensitive information about you turned up in one?

I have been fairly careful and very jealous of my privacy; and then my name and home address showed up on one of the name-search pages. I don't know if it's still there, and I don't remember the link. But then the Similac marketing Geniuses sent me something in the mail that even included the due date of my expected child! I consider that sensitive as hell, and it didn't occur via the Web. The problem is across the board. I use anonymizing tools when I need to, to protect what I consider "things" that are too sensitive for the Web. I have looked up past friends on the Web, and then not called because I felt it would be an intrusion into their life. I have found the ability to search for information on PUBLIC figures important and useful, looking for items related to their professional activities, and I think this is an important capability. The opportunity for People to make sure that the elected officials they elect and pay for, and the businesses that pave their towns and dump toxics into their yards, are behaving responsibly, is one of the few remaining possibilities for positive change. In the meantime, I'm wondering, as I wander off to renew my driver's license, why they want my social security number. And I still don't know how Similac figured out when my wife and I had sex. (C) Copyright 1997 by ..... oops! I don't want to include my name.

I'd appreciate hearing some stories...

Thanks all,

Declan

------------------------- Declan McCullagh Time Inc. The Netly News Network Washington Correspondent http://netlynews.com/

-----BEGIN PGP SIGNATURE----- Version: 4.5 iQEVAwUBM7k0MjdEnrLKVNqJAQFijwf+M6Qq28YiBmfmxaMePf9QvZdSkHB2e51b 0XWX9n7CAcZVrK4YzcKfeII6Z4Z25BEK0Ddb0DdYJJWcWRKxe4pcYtr9Bb9/zMDf ii9PMquE7S/UXZGWqUgHsKx4BENwFYA9s4UF7ZWLLaD/A5ekL7kIAVFrd/52YFWO iycsGU3sdFw7xbzjCHHYUPwz51S6ger7c4YzNtlMVRKL4j0IiSLbWQ977Udp0vCj 4twqTu0l56GvkYMaybq3CHtU72bBY/6ckrqO8nmcMpZW1W2E5fKLhWsRLk2hepq1 wl7jTcU3HGvZH6ccgAfl8UtUxsyBTXL4S90dc0EsVE8XJBirTSNkUQ== =QJUu -----END PGP SIGNATURE-----