Privacy appliances are a bad idea, made worse by the IT industrys tendency to cave in to the search demands of law enforcement agencies.
Privacy appliances already exist and are being further developed by the Defense Advanced Research Projects Agency, or DARPA. Heres one reason they could prove dangerous: “MSN may access and/or disclose your personal information if required to do so by law or in the good faith belief that such action is necessary to … conform to the edicts of the law or comply with legal process served on Microsoft or the site.” Thats from The Microsoft Networks privacy statement, but I have yet to read a privacy statement on any commercial Web site that does not contain similar language.
Far from going to bat to protect user privacy, U.S. companies long ago surrendered to the idea that electronic records of any kind are subject to different and far more intrusive government scrutiny than paper-based records. For example, corporations dont let government agencies open and examine their postal mail.
Of course, search warrants are used to find paper records, but that isnt what the new breed of privacy appliances are designed to accommodate. One privacy appliance is under development for DARPA by the recently renamed Terrorism Information Awareness program. From available information, it appears that terrorism researchers would come up with scenarios—presumably using spending, travel and communication records—and then seek permission from private data sources such as credit card providers, airlines and telecom companies to search for pattern matches. The privacy appliance would make sure that no personally identifiable information would be included in the searched data.
Proponents of the program point out that audit logs and other security procedures would make sure that the privacy appliance would not be used for searches on specific people. In addition, DARPA researchers have stated that raw data wont be sent to the government. (Presumably, this means a privacy appliance will be installed in the corporate data center.) Even so, corporate resources will be consumed to support the database queries, and the enterprise will bear the burden of facilitating the wide-scale searches that are needed to find the small-scale patterns most DARPA researchers say they seek.
Further, the vast majority of the information to be searched will be lawfully conducted business. Library lending records, e-mail messages, credit card purchases and equipment rentals will all be subject to scrutiny by a government agent. Under the Patriot Act, libraries can be issued blanket subpoenas for patron lending records.
Privacy statements grant nearly blanket access to any Tom, Dick or Harriet with a “special” (that is, likely not individually reviewed by a judge) subpoena. These new subpoenas might be like the ones authorized in the 1998 Digital Millennium Copyright Act, which allow the music industry to compel corporations to provide data on the basis of a subpoena issued from any U.S. District Court clerks office without requiring a judges signature.
“Any departure, such as this, from the traditional requirements for law enforcement subpoenas will open the door to a significant increase in governmental access to personally identifiable information,” said David Sobel, general counsel for the Electronic Privacy Information Center.
Corporate databases and all customer and partner records are likely going to be subject to regular searches when the privacy appliances are finished and new legislation governing the use of the appliances is put into place. In fact, it is easy to imagine a time when data searches will become so frequent that service-level agreements will need to be rewritten to accommodate the load on network resources necessary to comply with government requests for new data.
Corporate owners of data should heed the words of U.S. Supreme Court Justice Louis Brandeis: “The makers of the Constitution conferred the most comprehensive of rights and the right most valued by all civilized men—the right to be let alone.”
Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ ziffdavis.com.