Sunday, June 25, 2006

New Privacy Laws for the USA?

Two interestingly almost simultaneous calls for a uniform set of privacy laws for the US, applicable to private as well as public sectors, have emerged in the last few days.

OUT-Law.com reports : "Google, Microsoft, Intel, eBay, HP, Oracle and Sun are amongst the signatories to a statement calling for personal information to be protected across the US. Non-profit lobby group the Center for Democracy and Technology organised the companies into the Consumer Privacy Legislative Forum.

"The time has come for a serious process to consider comprehensive harmonized federal privacy legislation to create a simplified, uniform but flexible legal framework," said the CPL Forum's statement. "The legislation should provide protection for consumers from inappropriate collection and misuse of their personal information and also enable legitimate businesses to use information to promote economic and social value." "

Meanwhile Hillary Clinton has called for a Privacy Bill of Rights. Hilary,a likely Democratic candidate for 2008, stated that she wanted to to create a "privacy czar" within the White House to guard against recent problems like the theft of personal data from the
Department of Veterans Affairs'. She also wants legislation to let consumers know what information companies are keeping about them and how it is used, and create a tiered system of penalties for companies who are not careful with consumer data. "Clinton also waded into the debate over anti-terror eavesdropping. ..Clinton said any president should have the latest technology to track terrorists, but within laws that provide for oversight by judges."

And a San Francisco Chronicle report notes inter alia that technological invasion of privacy is not only accelerating but is also becoming more and more consumer friendly and "cool".

"Americans' rights to privacy will be tested even more in the next few years as biometric technology creeps increasingly into everyday arenas. For example, on the campus of UC San Diego, biometric experts are testing a soda machine that uses both fingerprint and face-recognition technology. The machine is in a lounge for grad students in UC San Diego's computer science building.
"The students are very excited about getting it working," Serge Belongie, a UC San Diego associate professor of computer science, says in a phone interview. "People think it's very cool. ... No one uses money. They have accounts. What would be fun is if (the machine) recognizes you and says, 'Would you like your usual?' "

As I have often suspected, the report indicates that although biometrics can be far more privacy threatening than ordinary methods of ID consumers favour them due to convenience factors:

"If UC San Diego students are reluctant to use the machine, their privacy concerns are outweighed by convenience -- a sentiment echoed in survey after survey on biometric technology. In March, Unisys Corp. released a report on public perception of "identity management" that said convenience and efficiency were the two biggest reasons consumers would use biometric technology. (The most preferred biometric methods are fingerprints and voice recognition, according to the survey. The least preferred, because of its perceived intrusiveness, is an iris or eye scan.) "

But not everyone is enthralled by the "brave new world in aisle 5":

"Pay By Touch admits it has encountered some resistance among shoppers it approached in supermarkets that already use the company's fingerprint service. But Morris, its president, says many of these customers are quickly won over by the convenience of Pay By Touch, which is free for consumers, and that the company keeps data points based on users' fingerprints, not actual fingerprints. So far, supermarkets in 40 states use the Pay By Touch system. .. The company insists it will never sell users' personal information or fingerprints to anyone else -- a pledge that's backed up in writing when users sign up with the company. But what if federal authorities, citing national security, insist on the finger scan and payment history of a Pay By Touch user? "

The times they are a changing. Last year, at a workshop I organised in Edinburgh, Peter Swire, effectively Bill (not HIlary's) privacy czar during that administration, was pessimistic that post 9/11 there was much scope for the private sector and governmental privacy legislation that the Clinton era might have favoured. Is the pendulum swinging again, in the light of recent personal data scandals, to the point where privacy is a vote-getter in the USA? Watch this space.

No comments: