IT Has a Vital Role to Play in the Assault on Privacy

Why industry and individuals should just say no to the USA PATRIOT Act

From 1946 to 1960, the FBI operated 3,000 wiretaps and 800 bugs on the NAACP (National Association for the Advancement of Colored People). Agents spied on Dr. Martin Luther King Jr. as part of a concerted effort to thwart his organizing efforts in the civil rights movement.

The USA PATRIOT (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) Act grants even more wrong and intrusive search techniques than those used in the 1950s. As observed by the Electronic Frontier Foundation, this act enables surveillance of the Web surfing of any individual, even one who is not suspected of any crime, merely based on "relevance" to an ongoing criminal investigation. It also expands government powers to compel ISPs to release user activity information with only a subpoena, and allows ISPs to release a lot of information without even this level of due process. In addition, the act broadens the range of other laws by extending the scope of the legal definition of "terrorist" acts. The 342-page law modifies more than 15 other laws, making it impossible to assess its provisions completely without reading the entire affected body of legislation.

The most intrusive provisions of the bill depend on IT systems and products that must be newly built or integrated from existing offerings, giving IT developers and service providers a special role to play in the defense of privacy. The IT community should refuse to cooperate beyond the strict letter of the law, and should take the governments abusive course as a signal that private-sector practices should be designed to minimize the value of intrusive, unfounded inquiries.

As the tools of warfare generally outstrip the ability of medical technology, so, too, has our ability to destroy privacy exceeded the protections offered by the Constitution and the political short-sightedness of Congress. As I mentioned in an earlier eLaboration, J. Edgar Hoover, the infamous director of the FBI, started the domestic spy operation COINTELPRO in 1956 in the heat of the cold war. Hot on the heels of the U.S. Governments shameful internment of 120,000 Japanese-Americans, including 80,000 U.S. citizens, Hoover spread a wide net for people he thought hostile to the current way of thinking—and in the process made a mockery of personal freedom and dramatically extended the power of law enforcement.

Then Hoover turned his attention to attacking the blossoming civil rights movement.

Today, not quite 50 years later, the USA PATRIOT Act has started us down the same, wrong road. And it is in the power, and is therefore the ethical responsibility, of the IT community to slow or even stop some of the worst excesses planned by Attorney General John Ashcroft.

First, dont keep records of customer transactions any longer than absolutely necessary. Some courageous public librarians, who work in the living legacy of the radical changes advocated by people including Benjamin Franklin, have started to routinely destroy patrons lending records as soon as the borrowed books and materials are returned.

Others who keep extraneous customer records should follow these librarians example. It might mean a setback to a companys personalization efforts, but its worth it in the long run because people who know their privacy is protected are more likely to engage in online commerce.

The City of San Francisco and 36 other municipalities have passed resolutions directing their employees, to the greatest extent possible, not to cooperate with federal officials seeking data on individuals, groups or organizations. Companies should also adopt this attitude. Stand behind the privacy policies that litter the Web and dont volunteer information just because law enforcement asks for it. Demand to see the warrant, and even then, only follow it to the letter. Better yet, initiate a suit to protect the privacy of your customers and business partners.

Dont develop products that destroy personal privacy. Its a tough economy, but surely a clever person can find something better to do than create products that enable the destruction of personal privacy.

Its also imperative that IT make its case for privacy to our elected officials. Several initiatives are currently in the works to stop the federal governments equally odious Total Awareness program, and there should be more. Dont be one of the people who helped make George Orwells "1984" a reality in 2003.

This issue goes to the heart of how we use technology. The IT community makes choices about what products to develop and how to enable processes to achieve productivity gains and lower costs. We need to start making better choices today because the industry made enough wrong choices in the 1990s that our quota of bad moves has been exceeded until at least 2015.

Remember the recent lessons of terrible governmental excesses and dont help the USA PATRIOT Act destroy something that was never the problem in the first place: personal privacy.

If you dont have anything to hide, then what are you afraid of? Write to me at