Date: Fri, 23 Dec 94 05:53:10 EST Errors-To: Comp-privacy Error Handler From: Computer Privacy Digest Moderator To: Comp-privacy@uwm.edu Subject: Computer Privacy Digest V5#077 Computer Privacy Digest Fri, 23 Dec 94 Volume 5 : Issue: 077 Today's Topics: Moderator: Leonard P. Levine Season's Greetings Privacy Essay for Comment [long] Table of Contents, Computerization & Controversy Info on CPD, (unchanged since 11/28/94) ---------------------------------------------------------------------- From: "Prof. L. P. Levine" Date: 23 Dec 1994 05:40:01 -0600 (CST) Subject: Season's Greetings Organization: University of Wisconsin-Milwaukee --------------------------------------------+------------------------------+ _/I\_____________o______________o___/I\ | * / /_/ * __ ' .* | I"""_____________|______________|___"""I\ | *// _|__|_ . *. | [__][__][(******)__][__](******)[__][] \| |-\ ---//---*----(oo)----------| [][__][__(******)][__][_(******)_][__] | | \\ // >-( )-< | [__][__][_| |[__][__][| |][__][] | | \\)) . _.(......) * | [][__][__]| .|_][__][__] .|__][__] | | || * | [__][__][/ <_)[__][__]/ <_)][__][] | | || * | [][__][ /..,/][__][__][/..,/_][__][__] | | / \\ * | [__][__(__/][__][__][_(__/_][__][__][] | |______________________________| [__][__]] | , , . [__][__][] | [][__][_] | . i. '/ , [][__][__] | /\**/\ season's [__][__]] | O .\ / /, O [__][__][] | ( o_o )_) greetings _[][__][_] |__|======='=|____[][__][__] |_______,(u u ,),__________________ [__][__]]/ /|\-------/|\ [__][__][]/ {}{}{}{}{}{}{}{} ------------------------------ From: Rob Kling Date: 21 Dec 94 05:10:27 GMT Subject: Privacy Essay for Comment [long] This is an introductory essay in an anthology that is supposed to have some balance ... I'd appreciate comments re.. accuracy. clarity, gaps, etc. Thanks Rob Kling - - ------------------------------- SOCIAL CONTROL AND PRIVACY Introduction to Section V of: Computerization and Controversy: Value Conflicts and Social Choices (2nd Ed.) Rob Kling (Ed.) December 20, 1994-- Draft 1.01C - - --------------------------------- For: Computerization and Controversy: Value Conflicts and Social Choices. 2nd Ed: Rob Kling (Ed). Academic Press, 1995. Copyright, 1994. Rob Kling. Note: This article may be circulated for non-commercial purposes. Please contact Rob Kling or compare it with the final published version before quoting directly. - - -------------------------------- [9100 words] PRIVACY: WHO WANTS IT? Privacy is a powerful word with diverse connotations. Consider these examples: * The teenager who doesn't want her parents listening to her phone calls with her new boyfriend, and criticizes them for violating her privacy. * A family sitting down for dinner around 7PM gets frequent phone calls from telemarketers who want to offer them great deals on car loans or prizes for visiting delightful vacation properties. The family wants "more privacy" during the few minutes that they spend together each evening, but is reluctant to turn off their phones because they may lose emergency calls. * A young engineer is afraid to sign any political petitions, because she is afraid that her employer might learn of her signatures, not like her politics, and ruin her promising career. * A talented accountant moves to Texas to live closer to his aging parents. But he has serious trouble finding a new job because medical reports identify him as having lost work from chronic backpain, and credit reports inaccurately identify him as having mountains of unpaid bills. He is never called for an interview, and has trouble learning why he is ignored. * A systems analyst who works for an office supply company is fired after he criticizes his supervisor via "private email." He thought that he had a right to share his private views with a co-worker, and sees his company as an even worse place to work if his supervisor can read his subordinates email at will. * A college student in a mid-western university is mortified to find an anonymous mailing to a public electronic bulletin board which casually describes him as having served time in jail, in the context of a long note about the changing admissions standards. He is mortified and finds that some of his friends start avoiding him. He wants to have the offending note promptly removed, and wants to confront his accuser whose identity is masked by an anonymous electronic remailing service. Privacy has many connotations, and has become a catch- phrase to signify diverse issues such as these. In their landmark article, "The Right to Privacy," Warren and Brandeis (1890) characterized privacy as a person's "right to be left alone." This meaning catches some of what bothers the teenager, the family, and the young engineer. But privacy is an elastic term which has broader connotations. The family may also wonder, "why are they always calling us, and how did they get our names and phone numbers." (Culnan, 1993)? The accountant may wonder whether potential employers believe something about him that he doesn't know. After all, he doesn't want to be left alone: he wants a job. And he may soon want to know what information his prospective employers are using to screen their applicants, and what is contained in his profile. He would like to see employers' criteria for hiring, information which they treat as private. He would like to know that they are using his medical insurance records, and limit access to them. And he would like to know that his credit report is grossly inaccurate and be able to correct it. The accounts is caught up in a large web of personal record keeping systems about which he has little knowledge and over which he has little control. For the accountant, privacy refers to gaining control over the ways that information about him is collected, verified, and passed on to other organizations. The accused student may have served time in jail, but was looking forward to a new life that college would open for him. He would like to change his life, and also find out who is harassing him. Each of these examples illustrates some of the nuances of the term privacy. The first selection, "Your Personal Information Has Gone Public," by Professor David F. Linowes lists numerous additional cases in which people have been denied housing, insurance, and jobs because they were ignorant of the information about them that apartment owners, banks, insurers, and various employers were using to screen applicants and set prices. He also reports some shocking cases in which people had immense trouble in having their records corrected when they were grossly inaccurate. The strength of Linowes article is in the way that he concisely identifies the meanings of threats to, privacy through vivid examples of personal troubles. However, Linowes doesn't examine how these social practices developed. Linowes starts his article, with the provocative claim, "Privacy invaders are all around us." But many of the people and organizations who are seeking inofrmatioin about specific individuals or sharing what they know may not see themselves as "privacy invaders." Parents who are interested in the well- being of their children, may see eavesdropping as a fair way to learn about a secret, and potentially dangerous, relationship. The banks that employ telemarketers are seeking good clients for their loans, so that they can earn money on their deposits, and pay their account-holders higher interests rate. A manufacturing firm may carefully pre-screen applicants for an accounting job with credit checks after having been embezzled by an employee who had huge debts to pay off. And so on. The office supply supervisor may feel that the morale of his work groups is being undermined by a subordinate who continually criticizes him and makes fun of him to his co-workers. And so on. While some of these breaches of personal privacy could be obnoxious or harmful to one party, in most cases they are not merely frivolous. What kinds of guidelines should we have to balance a person's privacy with other social goods, such as parental guidance, the ability to conduct business, and the ability to have citizens participate freely in political life? Before examining some of the debates about these issues, it helps to examine how North American societies developed their current privacy practices. RECORD KEEPING IN MOBILE SOCIETIES In any society, people and groups spend some effort in learning about and regulating each other's behavior. But the means differ, and social issues raised by different means also differ. In relatively small social units, such as families and villages, people learn about each other's behavior through direct observation, inference, and gossip. And the forms of social control DD introduced to help insure compliance with social expectations DD can range from those that are gentle, to others that are harsh and even brutal. A distinctive feature of villages and small towns is that many business relationships are based on personal knowledge. For example, store keepers and bankers know most of the people to whom they offer credit, and they also know the extent to which their customers are reliable. Yet even in small town societies, people sometimes find it necessary to deal with large and distant organizations DD e.g., government agencies such as tax collectors and the military. During the last 100 years, there has been an astounding transformation in the ways that life in industrial societies is organized. New means of transportation DD trains, buses, cars, and airplanes DD enabled people to become very mobile. In the early 19th century, most people who were born in the United States lived and died within 50 miles of their birthplaces. Today, in a highly mobile society, a huge fraction of the urban population moves from city to city, following better jobs and better places to live. Adolescents often leave their home towns to attend college, and may move even farther away for jobs. Further, over 130 metropolitan areas in the United States number over 250,000 in population. Even moving "across town" in one of these cities can bring a person into a new network of friends, employers, and service providers. This combination of mobility and urban development means that many people seek jobs, goods, and services from businesses whose proprietors and staff do not have much firsthand knowledge about them. The scale of businesses and the number of government agencies with huge clienteles have also increased in the last 100 years. In the 19th century few businesses had thousands of clients. And a smaller fraction of the public interacted frequently with the larger businesses of the day. Similarly, government agencies were also smaller. Overall, most business was conducted through face to face (direct) relations. And only very specific government activities, such as taxing and drafting was carried out between people who didn't know each other at all. Craig Calhoun (1992), characterizes contemporary industrial societies as ones in which a significant fraction of people's important activities are carried out with the mediation of people whom they do not see and may not even know exist. Today, banks can readily extend credit to people who come from anywhere in the country. And they can do so with relative safety because of large-scale credit record systems that track the credit history of over 100,000,000 people. The credit check brings together a credit-seeker and employees of the credit bureau who are related indirectly. Other private firms, such as insurance companies and mail order companies, also extend services to tens of thousands of people whom local agents do not -- and could not -- personally know. In these transactions, judgments about insurability and credit worthiness are made via indirect social relationships, and are often mediated with computerized information systems that are operated by data brokers such as TRW Credit Data and the Medical Information Bureau. Furthermore, many new government agencies, responsible for accounting for the activities of millions of people, have been created in the 20th century: the Federal Bureau of Investigation (1908), the Internal Revenue Service (1913), the Social Security Administration (1935), along with various state departments of motor vehicles, etc. The sheer scale of these services creates "environmental conditions" which incentivize organizations to use computerized record systems to help routinize the maintenance of indirect social relationships. However, organizations of a similar kind and size, such as banks or police agencies, differ in their aggressiveness in using new technologies and management practices. The U.S. has developed a body of privacy law which gives people some explicit rights and protections in a few areas as well as restricting wiretapping and other invasive acts. . However, during the last 30 years, people have lost control over records about them. Increasingly, courts have ruled that records about a person belong to an organization, and the person to whom they apply cannot restrict their use. Consequently, inaccurate police records, medical records, employment histories, etc. can harm people without their explicit knowledge about why they are having trouble getting a job, a loan, etc. Although a right to privacy is not set forth in the Bill of Rights, the U.S. Supreme Court has protected various privacy interests. The Court found sources for a right to privacy in the First, Third, Fourth, Fifth, Ninth, and 14th Amendments to the Constitutions (U.S. Office of Technology Assessment 1994). As our next selection, we include the Bill of Rights to the U.S. Constitution. Many key social rights in the U.S. have been defended as privacy rights by the U.S. Supreme Court. Many of these privacy rights have little to do with computer systems, and are more linked to "a right to be left alone." Supreme Court Justices relied on privacy rights in Griswold v. Connecticut, 381 U.S. 479 (1965) which gave married couples to use birth control. Prior to this ruling, some states banned the sale of birth control devices. The majority opinion referred to "zones of privacy" created in the First, Third, Fourth, Fifth and Ninth Amendments. Similarly, Roe v. Wade, 410 U.S. 113 (1973), further extended the right of privacy "to encompass a woman's decision whether or not to terminate her pregnancy and justified its action by reference to the 14th Amendment (U.S. Office of Technology Assessment, 1994: 79; Garrow, 1994). VALUE CONFLICTS IN CONTROVERSIES ABOUT PERSONAL RECORD SYSTEMS AND PRIVACY Discussions of computerization and privacy are embroiled in a major set of controversies with big stakes. On the one hand, some people fear that emerging computer-based information systems are helping to erode personal privacy. They would like to see certain kinds of record systems regulated or limited in scope. Others fear that new ways of doing business DD taken together with computer systems DD have reduced people's control over their personal affairs. On the other hand, representatives of those private firms and government agencies that have an interest in expanding their computerized information systems frequently argue hard against legal limits, or substantial accountability to people about whom records are kept. They deny that problems exist, or they argue that the reported problems are exaggerated in importance. And they argue that proposed regulations are either too vague or too burdensome, and that new regulations about information systems would do more harm than good. The proponents of unregulated computerization have been wealthy, organized, and aligned with the anti-regulatory senti- ments that have dominated U.S. Federal politics during the last 15 years. Consequently, they have effectively blocked many attempts to preserve personal privacy through regulation. Managers and professional in business organizations and public agencies, characterize their searches for information about people in limited and pragmatic terms that improve their rationality in making specific decisions about whom to hire, to whom to extend a loan, to whom to rent an apartment, and whom to arrest. From the viewpoint of individuals, these searchers for personal information is sometimes fair and sometimes invasive of their privacy. Some of the key policy debates about computerization and privacy of personal records reveal conflicting values, not just conflicting interests. There are at least five major value orientations which influence the terms of key debates (Kling, 1978). These values can also help us understand the social repercussions of computer-based surveillance technologies: Private enterprise model: The pre-eminent consideration is profitability of financial systems, with the highest social good being the profitability of both the firms providing and the firms utilizing the systems. Other social goods such as consumers' privacy or the desires of government agencies for data are secondary concerns. Statist model: The strength and efficiency of government institutions is the highest goal--government needs for access to personal data on citizens. The need for mechanisms to enforce citizens' obligations to the state will always prevail over other considerations. Libertarian model: Civil liberties, such as those specified by the US Bill of Rights, are to be maximized in any social choice. Other social purposes such as profitability or welfare of the state would be secondary when they conflict with the prerogatives of the individual. Neo-populist model: The practices of public agencies and private enterprises should be easily intelligible to ordinary citizens and be responsive to their needs. Societal institutions should emphasize serving the "ordinary person." Systems model: Financial systems must be technically well organized, efficient, reliable, and aesthetically pleasing. In different instances, policies and developments may support, conflict with, or be independent of these five value models. Each of them, except the Systems model, has a large number of supporters and a long tradition of support within the US. Thus, computing developments that are congruent with any of these positions might be argued to be in "the public interest." Information entrepreneurialism is most directly aligned with the private enterprise value model for guiding social action. But the information capitalist approach can also support statist values in cases where public agencies use computerized information systems to model and explore alternative revenue-generating programs, to assess the effectiveness of social programs, or to track scofflaws through networks of records systems. It is conceivable that information entrepreneurialism could support neo-populist consumer control, by constructing databases that report on the quality of commercial products and services, or by enhancing access to government records systems. However, such uses are extremely rare, and are not accessible to the majority of people, who are not computer savvy. It is difficult to imagine that many new computerized systems would, on balance, automatically support libertarian values. In the last section, for example, we examined how electronic mail, which is stored in computer systems, can lead to losses of privacy between correspondents. However enhanced privacy regulations reduce the extent to which computerized systems which support statist or private enterprise values further erode personal privacy in the United States. The next six selections illustrate how debates about computerization and privacy are anchored in these value positions. The debates about computer file matching pit civil- libertarian against statist values. The debates about the proposed Clipper chip and government wiretapping pit statist values against libertarian and private enterprise values. And the debates about direct mail marketing pit private enterprise values against neo-populist values. Computer File Matching Government agencies are often charged with regulatory and policing activities DD social control on a large scale. Information about the activities of potential or real lawbreakers is a critical resource for their operations. But privacy issues have taken on a new form and a new urgency with the advent of computer matching, a technique involving large data bases with unrelated purposes which are cross- checked for consistency. For example, a state's automobile registration records might be matched against tax records, looking for individuals who own expensive cars, but who declared only small incomes. Computer matching has been used to track down and withhold tax refunds from parents whose child support payments are in arrears; to ferret out young adult males who have failed to register for the draft; to detect ineligible welfare and / or food stamp recipients; and to locate former students with delinquent loan payments. Advo- cates of this approach, such as Richard Kusserow in our third selection, argue that it is simply a tool necessary to carry out institutional mandates DD e.g., helping to insure that fathers pay child support. Critics rarely object to the specific ends to which matching has been put so far. They would like to see fathers pay their required child support, to reduce welfare cheating, etc. At the same time, they see matching as Big Brother's encroachment on individual privacy. Today, the examples of computer matching are relatively benign DD but there are no legal guarantees that the uses may not become more and more intrusive as we enter the 21st century. Matching can assist in controlling various illegal activities, which is why the 1984 Deficit Reduction Act required all states to participate in matching programs. Although the precise number of matches that have been conducted is difficult to determine because of the lack of a comprehensive reporting mechanism, the U.S. Congress' Office of Technology Assessment (OTA) testified that the number of computer matches nearly tripled between 1980 and 1983. OTA also conducted a survey on 20 percent of the federal-level computer matching programs that were carried out between 1980 and 1985. Even within that limited number of matching programs, agencies had exchanged 7 billion records. Moreover, estimates of the magnitude of computer matching benefits reported ranged from $4 to $54 for each $1 spent on a match (GAO, 1993). The fourth selection, by John Shattuck, reviews various dangers of computer matching, among them the idea that matching involves a presumption of guilt. [Check to see if he also anticipates the GAO's findings of lax oversight] Kusserow illustrates a "statist" value position and Shattuck's paper illustrates a civil libertarian argument. This debate illustrates some of the ways that statist and libertarian advocates frame privacy issues. Since this debate was first published in 1984, the US Congress passed the Computer Matching Privacy and Protection Act of 1988. The matching law permits government agencies to compare information from two or more sources to detect discrepancies, which are then examined to see if fraud or some other type of abuse has taken place. It also gives people affected by adverse findings in a matching process a way to appeal, and requires that people be notified 30 days in advance of the cutoff of benefits. Many of the issues raised in this debate also surface in other statist-libertarian debates over required identity cards to streamline healthcare services or to reduce the number of illegal immigrants in the United States. Wiretapping, Encryption and the Clipper Chip In the next selection, "Clipper Chip will Reinforce Privacy," Computer Scientist Dorothy Denning supports a new Digital Telephony law that the US Department of Justice and its Federal Bureau of Investigation proposed in 1992. This law would require telecommunications service providers to assist government agencies in tapping conversations and communications. In the U.S., the Omnibus Crime and Safe Streets Act of 1968 permits wiretapping only to investigate serious felonies, and only when other forms of investigation won't work or are too dangerous (U.S. Office of Technology Assessment, 1994: 116). In the U.S., taping phone conversations without the permission of all parties is against the law and a social taboo. As an extreme example, a woman in New York State was granted a divorce after her husband taped her phone conversations (Geyelin, 1991). According to testimony by an official of the Federal Bureau of Investigation, fewer than 1,000 wiretaps were authorized at the local state and federal levels in the U.S. in 1992 (U.S. Office of Technology Assessment, 1994: 116, note 10). FBI officials fear that new encryption devices can scramble telephone calls so effectively that a simple phone tap won't let them actually hear an intelligible voice. They have been eager to promote a specific family of encryption methods that would make it easy to unscramble encrypted phone calls when a wiretap was authorized through a court order. In addition, new digital switching systems could mix diverse phone calls on the same line in such a way that it could be hard for a tap to isolate a single specific phone line and conversation. FBI officials argued that they needed new help from telephone companies and other telecommunications services to be able to effectively tap phones in the future. Since telecommunications systems and networks are often used in the furtherance of criminal activities including organized crime, racketeering, extortion, kidnapping, espionage, terrorism, and trafficking in illegal drugs, the FBI argued that it would be ineffective without an ability to conduct wiretaps. Denning's article articulates these issues from the viewpoint of the FBI, and also explains some of the subtle technicalities that underlie this proposal and subsequent debates. The proposed Digital Telephony law ignited a firestorm of controversy. Denning previous article advocating her positions first appeared in Communications of the ACM along with eight critical commentaries and one sympathetic commentary by William A. Bayse, an Assistant Director of the FBI's Technical Services Division. The criticisms came primarily from two major value positions: civil libertarian and private enterprise. The next selection, by Marc Rotenberg, a lawyer who then directed CPSR's Washington office, illustrates a civil libertarian analysis. Rotenberg acknowledges the legitimacy of wiretapping in very special cases. But he is wary of the FBI's proposal because they haven't documented their case. In an earlier publication, Rotenberg (1993) also observed that the FBI has not acknowledged its history of abusing wiretaps and harassing groups that sought progressive social change, especially in the 1950s and 1960s (see Churchill and Van de Wall, 1990). Direct Mail Marketing There is a good chance that every day you receive some mail from banks, credit card firms, political groups and/or mail order firms with whom you've never done any business. You might enjoy some of the unsolicited mail, and find some of it to be a nuisance and a waste of paper and postage. The average U.S. household receives between eight and nine pieces of promotional mail per week A confirmed mail order buyer may receive about 1,000 pieces a year (Hatch, 1993).The privacy issues in direct mail differ from those of other practices in that the recipients of unwanted mail or phone calls are not deprived of jobs or important services. At worst, it can seem to be a manageable nuisance. One key issue is the question, "how did they get your name?" In the next selection, "Privacy: How Much Data Do We Really Need?" Denison Hatch argues that direct mail marketers often collect much more personally sensitive data than they need. He argues that direct mail marketing firms should regulate their own behavior in a way which is respectful of potential customer's sense of comfort. Hatch is not a strong libertarian, and in fact, he is very critical of "the forces arrayed against us--the media, government, liberal do-gooders, as well as those in our own industry whose zeal for profits overwhelms their common sense and decency." Even so, Hatch argues that direct mailers should be sensitive to public concerns out of self-interest, and regulate their own behavior through specific "opt out" and fair information practices lest they be regulated. In the next selection, Robert Posch, a vice president of legal affairs for Doubleday Book & Music Clubs, Inc. argues vehemently against Hatch's concerns about the public's annoyance with some of the sloppy direct mail-phone marketing campaigns. He argues that the Mail Preference Service (MPS) which has allowed about 3 million people to opt-out of receiving unsolicited direct mail, is primarily a public relations device. Writing in Direct Marketing, he argues: "Our opponents are competitive media (television, magazines, newspapers, etc.) which have the power to editorialize and create value perceptions in their product." Posch wants advertising mail to be treated as (commercial) free speech and to be given first amendment protections. While Posch is a staunch advocate of private enterprise values, his article also points to schisms in the business world -- between mailing list services which facilitate direct mail-phone campaigns and print and television media that thrive on mass advertising. INDIVIDUAL, REGULATORY AND MARKET APPROACHES FOR BALANCING PERSONAL PRIVACY WITH OTHER SOCIAL VALUES Some people do not find extensive personal record-keeping objectionable, arguing that "If you haven't done anything wrong, you have nothing to worry about". They think of record-keeping that fits the routine behavior of legitimate organizations DD banks wanting to know credit histories, courts wanting to know prior criminal records etc. Computer-based information systems can be used in a myriad of ways that fit organizational practices. Many of these practices are legitimate; some may be questionable; and some may even be illegal. Problems arise under a variety of circumstances, e.g., when the records about people are inaccurate and they are unfairly denied a loan, a job, or housing. In large-scale record systems (with millions of records) there are bound to be inaccuracies. But people have few rights to inspect records about them DD except for credit records. During the last 30 years, people have lost control over records about them. Increasingly, courts have ruled that records about a person belong to an organization, and the person to whom they apply cannot restrict their use. Consequently, inaccurate police records, medical records, employment histories, etc. can harm people without their explicit knowledge about why they are having trouble getting a job, a loan, etc. Many of the issues of data ownership are complex and contro- versial in themselves. For example, today there are major controversies about whether people who test positive for AIDS should be able to keep that information completely private. In principle, the question has nothing to do with computer systems. The controversy focuses in part on the public good served by being able to identify AIDS carriers versus the concern that many people may avoid AIDS testing if they cannot be assured of the privacy of their test results. In practice, the ability of organizations to share files electronical- ly makes it more likely that personal information can pass across organizational, state, and national boundaries, if it is shared at all. This approach has a certain clarity. But it is misleading as well. First, almost everyone recognizes some point at which one's personal activities are nobody else's business. A person may wish only a specific party to know certain information DD the bank to know the purpose of a loan, the doctor to now the reasons for a visit, etc. Second, as the White House "enemies" list and the Japanese-American incarceration sadly show, it cannot be assumed that (legally obtained) information will always be used for legal and ethical purposes. Last, in a society where so many records are not under the control of individual citizens, and are unavailable for people to review for accuracy, people may be denied key social goods DD like employment, housing, or credit DD when inaccurate informa- tion about them is passed through the files of businesses and public agencies without audit. Studies of existing records have revealed widespread inaccura- cies and ambiguities, with some state criminal history systems having a majority of their records being inaccurate or incomplete. As Kenneth C. Laudon (1986) demonstrates, a person's arrest record almost always remains "in the system", regardless of the disposition of the case (conviction, dismissal of charges, etc.). All too often, the records show no disposition whatsoever. And many employers are unwilling to hire applicants with an arrest record, no matter how the case against them was eventually resolved. Laudon also found that employers and apartment house owners, not just police, were major users of criminal history systems. Many citizens have grown so accustomed to detailing their medical histories and handing over their social security numbers that they scarcely give the matter a second thought. Probably few of them realize the extent to which computeriza- tion provides a record of individual activities: an electronic trail of one's whereabouts is available in the records of Electronic Funds Transfers (EFTs), airline reservation systems, rental car agencies, telephone calls, and credit card purchases. In certain emergency situations, these records may be used for salutary purposes; the movements of accused killer Ramon Salcido were reportedly traced by monitoring his ATM transactions. But in less extreme circumstances, certain aspects of one's life are arguably a private matter. Some video stores, for example, maintain an ongoing record of each customer's rentals, until these records were protected by the Federal Video Privacy Protection Act in 1988. Given cheap long-term information storage, combined with interconnected data systems, it becomes progressively difficult for anyone to escape the record of activities that have long past. Diverse personal information is subject to compromise and abuse any time that an unauthorized party gains access to it, and there is plenty of evidence that today's large-scale computer systems are not adequately secure. (Issues concerning the reliability and security of computer systems are discussed in Section VI of this volume.) A huge fraction of the literature about computerization, social control, and privacy refers to regulatory strategies for striking fair and sound balances between conflicts values and interests. These regulatory strategies vary widely from one country to another. For example, in 1973 Sweden instituted a nation-wide Data Inspection Board which licenses all data bases with significant personal records (Flaherty, 1989: 93-94). In contrast with this highly centralized and bureaucratic approach, the United States regulates very few uses of personal data. And Hiramatsu (1993:74) notes that "Traditionally, the Japanese have not been very sensitive to the right of privacy." The Fair Credit Reporting Act of 1970 (15 USC 1681) was the first comprehensive piece of Federal legislation to give consumers legal protections from difficulties of inaccurate credit records. The Act requires credit bureaus to have "reasonable procedures" for insuring that information that they collect and disseminate is accurate. It permits consumers to see any credit information that has been used to deny them a loan, and also contains provisions for consumers to contest inaccurate information or to fill in incomplete information. But few people check their credit records with major data brokers like TRW until they have been denied a loan, and it can then take precious months to straighten out inaccurate records or problems of mistaken identity. As a U. S. Government report aptly noted, The fact that the Fair Credit Reporting Act will enable him to get errors in the record corrected can be small and bitter comfort to a traveler stranded in a strange city late at night because information about his credit-card account status was inaccurately reported to an independent authorization service. In 1974, US Congress passed a Federal Privacy Act that embodies five major principles of fair information practices. While the Privacy Act applied only to Federal agencies, these principles have influenced many people's thinking about an appropriate structure for regulating other personal records systems: 1. There must be no secret personal data record keeping system. 2. There must be a way for individuals to discover what personal information is recorded and how it is used. 3. There must be a way for individuals to prevent information about themselves, obtained for one purpose, from being used or made available for other purposes without their consent. 4. There must be a way for individuals to correct or amend a record of information about themselves. 5. An organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for its intended use and must take reasonable precautions to prevent misuses of the data. (U.S. Office of Technology Assessment, 1994:xxx). The Privacy Act gives individuals the right to access much of the personal information about them kept by federal agencies. The Privacy Act of 1974 also established a Privacy Protection Study Commission, which in 1977 issued a substantial report on its findings and recommendations. Although comput- erization was not a focal point in the report, it is never far below the surface. The Commission made 155 recommendations to develop "fair information practices". Many of these recommendations gave people the right to know what records are kept about them, to inspect records for accuracy, to correct (or contest) inaccuracies, to be informed when records were transferred from one organization to another, etc. Less than a handful of these proposals were enacted into Federal Law. In the last 15 years, numerous privacy laws have been introduced into various state legislatures and into the U.S. Congress. Most of these laws were effectively killed by representatives of the industries whose actions would have been constrained. Even so, a few laws have passed where organizations have had a strong interest in drawing customers with promises of confidentiality. The Right to Financial Privacy Act of 1988 and the Family Educational Right to Privacy Act. These Acts enable the right of access and review by the data subject, require that data be accurate and place limitations on access by third parties (Trubow, 1992). In addition, the Video Privacy Protection Act of 1988 prohibits disclosure of personal information in video rental records and the Cable Communications Policy Act of 1984 regulates the disclosure of cable television subscriber records. But these few national laws are exceptions. Aside from the regulation of personal records maintained by Federal agencies, whole domains of record keeping and record sharing, such as medical, employment, and insurance records, are open to the preferences of the record keeping organizations. In discussing the regulations about telecommunications in the U.S., Law Professor George Trubow observes: Subsequent to the break-up of our Bell System, a variety of entrepreneurs have begun to provide telecommunications services which vary from state to state and are virtually unregulated with respect to customer information practices. "Caller I.D.," for instance, has been approved in some states without any opportunity for the caller to block disclosure of his phone number; other states have required this option. Additionally, the regional Bell companies which replaced the national Bell System have recently been permitted to develop and market data bases so they themselves can supply information about customers; previously, message-switching was the principal function of the "Baby Bells" (Trubow, 1992). Analysts respond in diverse ways to this state of affairs. Private enterprise advocates like Robert Posch and statist advocates like Richard Kusserow are relatively happy, and criticize additional legislation as hampering the competitiveness of business or the efficiency of government agencies. Civil libertarians like Marc Rotenberg and Management Professor H. Jeff Smith (1993, 1994) seek policies and laws which give people fair protections against record keeping and information sharing practices which harm people and which do not result in a compelling social good. Civil libertarians face difficult dilemmas because new technologies can support new services or organizational practices which can reduce people's privacy. There are a few technologies, such as encryption, where more powerful methods can enhance the privacy of communicants. But encryption is the rare example, in contrast with the diverse technologies for collecting data, storing, manipulating, retrieving, portraying, and communicating it. In the U.S., privacy laws tend to be reactive -- to be enacted after some explicit damage has been documented. For example, the Telephone Consumer Protection Act of 1991 was enacted after many people were sick and tired of receiving numerous prerecorded telephone solicitations when they were selected with autodialers and specialized databases. After a reporter obtained a list of videos rented by Robert Bork, a nominee for the U.S. Supreme Court in 1987, Congress passed the Video Privacy Protection Act in 1988 (Flaherty, 1989:451). Some civil libertarians believe that passing privacy protection laws is insufficient, since the U.S. legal system now puts the burden of enforcement on individuals who have been harmed and who must seek redress through the courts. Historian David Flaherty concluded his study of privacy protections in the Germany, Sweden, France, Canada and the U.S. with the observation that an agency to enforce privacy laws is a necessary part of an effective regulatory apparatus (Flaherty, 1989:381-385). Some civil libertarians who have been long term observers of the dramas of computerization and weak public privacy protections in the U.S. and Canada have become discouraged with the possibility of creating an effective protective framework based on the current regulatory approaches. Kenneth Laudon develops a new approach, in the next selection, "Markets and Privacy." He argues that giving people property rights in data about themselves and creating markets where people can receive fair compensation for data about themselves is a viable alternative. Laudon provides a broad sketch of his approach and anchors it within interesting economic theories. The core issues are important: that personally sensitive data can have economic value, and that individuals can make the tradeoffs between their preferences for privacy and the value of the data that they could sell. Unfortunately, Laudon doesn't examine the nitty gritty details. Could an insurance company reduce its rates by 20% to clients who are willing to share all of their medical data? Would personal privacy be primarily a luxury, or would most data sell for so little that only those who don't care or are relatively poor would be very open? Even so, Laudon's market proposal sets a controversial new direction for structuring privacy protection and information access. In the selection "What to do When they Ask for Your SSN," Chris Hibbert takes an activist stance. Hibbert is interested in making laws effective by encouraging people to know their rights and to argue for them when they are asked for personally sensitive data. His article builds on a deep American tradition of informed citizens actively protecting their rights (also see Smith, 1979). Hibbert's article also tells us about the history and controls over the use of the Social Security number. THE CONTINUING GROWTH OF PERSONAL RECORD SYSTEMS AND SUPPORTING TECHNOLOGIES What are the forces that underlie the expansion of organizations' gathering records about people's lives? One view is that bureaucracies have a natural appetite for informa- tion, since information represents a source of power. A second explanation is proposed by James B. Rule and his colleagues (1980) , who argue that much of the pressure for information gathering stems from public demand that organizations make "fine-grained" discriminations in determining eligibility for goods and services. If, for example, all citizens were entitled to free health care, the need to collect information about insurance and employment would disappear. If all car drivers paid similar rates DD rather than receiving "good driver discounts" and paying higher rates for many driving offenses D- the demands for driver history information would be reduced. Mark Ackerman, Jonathan Allen and I examine a third view in the final selection, "Information Entrepreneurialism and the Growth of the Electronic Cage." We link the adoption and use of new computer technologies for large-scale record keeping to a set of social practices we refer to as information entrepreneurialism. Information entrepreneurial explanations focus on the active attempts of coalitions within organizations to organize production in such a way as to take advantage of changes in society and information technology. The internal structure of organizations has been transformed by the rise of professional managers who have been trained and rewarded to pursue managerial strategies that depend upon data-intensive analysis techniques, such as precision direct mail marketing and data-mining. Information entrepreneurial practices are made efficacious by some of the major social transformations in industrialized society over the past century: the increasing mobility of populations, the growth of nationwide organizations, and the increasing importance of indirect social relationships. Information entrepreneurial practices are also encouraged by the development of more cost-effective technologies for managing large-scale databases. As an organization shifts its managerial style to be more information entrepreneurial, analysts organize, implement, and utilize information systems to improve marketing, production, and operations. Information systems multiply, as cost accounting, production monitoring, and market surveys becomes a key resource in advancing the organizations' competitive edge. Only a small fraction of these information systems contain personally sensitive data. But across the United States, these can lead to hundreds, if not thousands, of new personal record systems created every year. We argue that information entrepreneurialism relies on a set of skills that people are likely to learn in certain academic programs, such as MBA degree programs. We examined some popular MBA texts which teach students about information systems, and found that their discussions of privacy issues were relatively superficial. Schooling is, however, just the beginning for many of the managers who seek to innovate. The business press publishes (and exaggerates) stories of computerization efforts that promise better markets and profits. Magazines like The Harvard Business Review and Business Week publish stories about using information technology, including data systems with privacy dimensions, for competitive advantage. But they rarely highlight the privacy issues in their enthusiasm to excite managerial readers about new ways of conceiving of business opportunities. In addition, professional associations help managers learn diverse approaches to their trades. But in some professions, such as marketing, finance, and operations management, computerization strategies play an important role. Professional associations in these fields offer talks, workshops and publications for their members which also help popularize key aspects of information entrepreneurialism. Professor David Linowes started the first selection with the provocative claim, "Privacy invaders are all around us." Mark Ackerman, Jonathan Allen and I believe that "privacy invaders" can be information entrepreneurs; and they are made rather than born. Our article is a provocative sketch of the social system that rewards informational entrepreneurship, as well as some of the ways that talented people learn the relevant skills and orientation. CONCLUSION Debates about computerization and fair information practices will not go away DD even though they catch public attention intermittently. For a variety of "sensible" social reasons, organizations expand their computerized record systems and their use of dataveillance techniques. As Roger Shattuck notes, it is difficult to document cases of real harm, because there are no agencies collecting such information. Conse- quently, those who see people losing control, and organizations becoming less accountable, hang a lot of weight on the relatively small number of well-documented problems. But, we wonder, is this an appropriate state of affairs? What social costs are we incurring as we wait for problems to become visible, or to mount until regulation - however late DD becomes necessary. In the meantime, computer professionals play key roles in expanding the variety and uses of personnel systems. But, given that many such systems raise important ethical issues, the question arises as to why some computer professionals often seem untroubled by their advocacy. Some may argue that they are unaware of any ethical repercussions; others maintain that computer science is a technical discipline, unconnected with value questions; and still others say that "If I don't do it, somebody else will anyway". We examine these and other ethical matters in Section VII. ARTICLES IN THIS BOOK: SOURCES Linowes, David. 1993. "Your Personal Information Has Gone Public." Illinois Quarterly. (6)2:22-24. Murphy, Gerald. (ed.) Bill of Rights of the U.S. Constitution. Distributed by the Cybercasting Services Division of the National Public Telecomputing Network (NPTN). **Shattuck, John. 1984. "Computer Matching is a Serious Threat to Individual Rights." Communications of the ACM. (27)6(June):538-5. **Kusserow, Richard P. 1984. "The Government Needs Computer Matching to Root Out Waste and Fraud." Communications of the ACM. (27)6(June):542-545. Dorothy Denning. "Clipper Chip will Reinforce Privacy." Insight. (Oct, 24, 1994):18-20. Rotenberg, Marc. Wiretapping Bill: Costly and Intrusive. Insight. (Oct, 24, 1994):20-22. Laudon, Ken. 1994. "Privacy and Markets." [Original article for book.] Posch, Robert. 1994. "After MPS - Then what?" Direct Marketing. (56)11(March):63-64. Hatch, Denison. 1994. "Privacy: How much data do we really need? Target Marketing. 17(2)(Feb):35-40. Hibbert, Chris. 1993. "What to do When they Ask for Your SSN." Computer Professionals for Social Responsibility. (November 1994). Rob Kling, Mark Ackerman and Jonathan P. Allen. "How the Marriage of Management and Computing Intensifies the Struggle for Personal Privacy: Value Conflicts and Social Change." ARTICLES IN C&C1 [to integrate into refererences] Clarke, Roger C. 1988. "Information Technology and Dataveillance." Communications of the ACM. (31)5(May):498-512. Kling, Rob. 1983. "Value Conflicts in EFT systems". Excerpted from "Value Conflicts and Computing Developments: Developed and Developing Countries". Telecommunications Policy. (7)1(March): 12-34. Laudon, Kenneth C. 1980. "Comment on 'Preserving Individual Autonomy in an Information-Oriented Society.'" In Lance J. Hoffman et. al. Computer Privacy in the Next Decade. New York: Academic Press. 89-95. Privacy Protection Study Commission. 1977. Personal Privacy in an Information Society. U.S. Government Printing Office. 3-37. Richards, Evelyn. 1989. "Proposed FBI Crime Computer System Raises Questions on Accuracy, Privacy . . ." The Washington Post. (February 13.) [Posted on RISKS- FORUM Digest. (8)27(February 16)]. Rule, James B. et. al. 1980. "Preserving Individual Autonomy in an Information-Oriented Society." In Lance J. Hoffman et. al. Computer Privacy in the Next Decade. New York: Academic Press. 65-87 REFERENCES Bennett, Colin J. 1992. Regulating privacy : data protection and public policy in Europe and the United States. Ithaca: Cornell University Press. Burnham, David. 1983. The Rise of the Computer State. New York: Random House. Calhoun, Craig. 1992. "The Infrastructure of Modernity: Indirect Social Relationships, Information Technology, and Social Integration." In H. Haferkamp, and N. Smelser. (eds.) Social Change and Modernity. Berkeley: University of California Press. Churchill, Ward and Jim Vander Wall. 1990. The COINTELPRO Papers : Documents from the FBI's Secret Wars Against Domestic Dissent. Boston: South End Press. Culnan, Mary J. 1993. "How did they get my name? An Exploratory Investigation of Consumer Attitudes Toward Secondary Information Use. MIS Quarterly. (17)3(September):341-363. Denning, Dorothy. "To Tap or Not to Tap." Communications of the ACM (36)3 (March, 1993):26-35 Flaherty, David H. 1989. Protecting Privacy in Surveillance Societies : the Federal Republic of Germany, Sweden, France, Canada, and the United States. Chapel Hill: University of North Carolina. Garrow, David J. 1994. Liberty and Sexuality : the Right to Privacy and the Making of Roe V. Wade. New York: Macmillan. Geyelin, Milo. 1991. "Husband's Wiretap is Grounds for Divorce, New York Judge Rules." Wall Street Journal. (Monday, November 11):B3(W), B3(E), col 4. Hatch, Denison. 1993. "The True Cost of Our Excesses." Target Marketing. (16)12 (December):22. Hiramatsu, Tsuyoshi. 1993. "Protecting Telecommunications Privacy in Japan." Communications of the ACM. (36)8(August):74-77. Hoffman, Lance: "Clipping Clipper" Lance Hoffman. CACM 36(9)(Sept 1993):15-17. Kling, Rob. 1978. "Value Conflicts and Social Choice in Elec- tronic Funds Transfer Systems." Communications of the ACM. (21)8(August):642-657. Landau, Susan, et al. 1994. "Crypto Policy Perspectives." Communications of the ACM. 37(8)(August):115-121. Mitgang, Herbert. 1989. Dangerous Dossiers. New York: Ballantine Books. Posch, Robert J Jr. "1994." Direct Marketing v57, n6 (Oct 1994):68-69+. Rotenberg, Marc. 1993. Commentary on "To Tap or Not To Tap." Communications of the ACM v36, n3 (March, 1993):36-39. Rule, James, Douglas McAdam, Linda Stearns, and David Uglow. 1980. The Politics of Privacy: Planning for Personal Data Systems as Powerful Technologies. New York: Elsevier North-Holland Smith, Jeff. 1993. Privacy policies and practices: inside the organizational maze. Communications of the ACM v36, n12 (Dec):104-119. Smith, H. Jeff. 1994. Managing Privacy: Information Technology and Corporate America. Chapel Hill: University of North Carolina Press. Smith, Robert Ellis. 1979. Privacy, how to protect what's left of it. Garden City, N.Y.: Anchor Press. Trubow, George B. 1992. The European harmonization of data protection laws threatens U.S. participation in trans border data flow. Northwestern Journal of International Law & Business v13, n1 (Spring/Summer 1992):159-176. U.S. Office of Technology Assessment. 1994. Information Security and Privacy in Network Environments. OTA-TCT-606 (September). Washington, DC: U. S. Government Printing Office. United States General Accounting Office. 1993. (Computer matching report). Get Title. FOR FURTHER READING Agre, Philip E. 1994. Surveillance and capture: Two models of privacy. Information Society v10, n2 (Apr-Jun):101-127. Branscomb, Anne. Culnan, Mary. 1993. "How Did They get My Name?" MIS Quarterly. (17)3(September):341-363. Clement, Andrew. 1994."Considering Privacy in the Development of Multi-media Communications." Computer Supported Cooperative Work. 2:67-88. (reprinted in Section VII of this book) Freedman, Warren. 1987. The Right of Privacy in the Computer Age. New York: Quorum Books. Kling, Rob and Suzanne Iacono. 1984. "Computing as an Occasion for Social Control." Journal of Social Issues. (40)3:77-96. Laudon, Kenneth C. 1986. Dossier Society: Value Choices in the Design of National Information Systems. New York: Colum- bia University. Lyon, David. 1994. The Electronic Eye. Minneapolis, Minn: University of Minnesota Press. Lyon, David and Elia Zureik (Eds). (in press). New Technology, Surveillance and Social Control Minneapolis, Minn:University of Minnesota Press. Marx, Gary. 1985. "I'll Be Watching You: Reflections on the New Surveillance." Dissent. 32(Winter):26-34. Privacy Protection Study Commission. 1977. Personal Privacy in an Information Society. 052-003-00395-3. Washington, DC: U.S. Government Printing Office. Riley, Michael G. 1990. "Sorry Your Card is No Good: A Nightmarish Tale from the Realm of Consumer Credit Ratings." Time Magazine. (135)15(April 9):62. Rubin, Michael Rogers. 1988. Private Rights, Public Wrongs : the Computer and Personal Privacy. Norwood: Ablex. ------------------------------ From: Rob Kling Date: 21 Dec 94 05:11:48 GMT Subject: Table of Contents, Computerization & Controversy For context re. the intro that I circulated for comments/corrections, I'm sending the anthologies' table of contents. Best wishes, Rob Kling --------------- COMPUTERIZATION AND CONTROVERSY: Value Conflicts and Social Choices. 2nd Ed: (Draft 4S9 D:\PUBS\CC2\TOC\READ94s9.WPO) Rob Kling (Ed). Academic Press, 1995. Dec 20, 1994 The 2nd edition of Computerization & Controversy will include about 60 articles which examine the social aspects of computerization from different perspectives. Some of the articles are paired to form a head-on debate. Many articles represent important viewpoints which are not often heard in the conventional discussions. The articles are written by scholars and professionals in computer science, information systems, management, journalism, psychology, law, library science, sociology. Each of the book's 7 sections is introduced with a 15-27 page essay that frames the major controversies, locates the selections within the debates, points to other literature, etc. The 2nd edition will be similar in length and appearance to the first edition (750 pages and a pleasant font). However, I have selected a larger number of shorter articles, so as to better represent a larger variety of issues and perspectives. [Note: **'d articles are being retained from the first edition.] In contrast with the 1st edition, the 2nd edition shifts the focus towards networking/cyberspace as an arena for examining the social dimensions of computerization. The introductions have been completely restructured and rewritten to address new issues and to better focus the debates. Table of Contents: ** Preface ** Social Controversies About Computerization: An Introduction -- Rob Kling (17 pages) I. THE DREAMS OF TECHNOLOGICAL UTOPIANISM -- (Note: These articles generally illustrate technological utopianism and anti-utopianism in non-fiction works.) A. Technological Utopianism -- An Introduction -- Rob Kling (18 pages) B. Kelley, Kevin. "The Electronic Hive - Embrace It" Harper's 228 (1728)(May 1994):20-25. (Adapted from Out of Control: The Rise of Neo-biological Civilization. Addison-Wesley, 1994). C. Birkerts, Sven. "The Electronic Hive - Refuse It" Harper's 228 (1728)(May 1994):17-20 (Adapted from The Gutenberg Elegies: The Fate of Reading in an Electronic Age. Faber and Faber in press.) D. Stewart, Thomas A. "Boom time on the new frontier." Fortune 128:7 (1993) (Autumn, 1993):153-161. E. Weiland, Ross. "2001: A meetings odyssey. Successful Meetings, 42:13 (Dec. 1993):34-39. F. Winner, Langdon. 1992. "Silicon Valley Mystery House" in Variations on a Theme Park: The New American City and the End of Public Space. edited by Michael Sorkin. New York: Noonday Press. (2 page excerpt). G. Suzanne Iacono and Rob Kling. "Computerization Movements and Tales of Technological Utopianism" [new article for C&C2] (8600 words) II. THE ECONOMIC, CULTURAL and ORGANIZATIONAL DIMENSIONS OF COMPUTERIZATION A. The Economic, Cultural and Organizational Dimensions of Computerization: An Introduction -- Rob Kling (21 pages) B. Ariav, Gadi and Seymour Goodman. Israel: Of Swords and Software Plowshares. Communications of the ACM 37(6)(June 1994):17-21. C. **Feder, Barnaby J. "Getting the Electronics Just Right: Wells Fargo is a Case Study in How a Company can Exploit the Information Revolution." New York Times, Business Section, Sunday, June 4, 1989: pp 1,8. D. Morton, Michael Scott. Excerpt from The Corporation of the 1990's: Information Technology & Organizational Transformation. Michael Scott Morton (ed).(Oxford U Press, 1991) (6000 word excerpt from intro). E. **Frantz, Douglas. "B of A's Plans for Computer Don't Add Up." Los Angeles Times. (Sunday). February 8, 1988. F. Kirkpatrick, David. "Groupware goes boom."(effects of groupware software packages on corporations) Fortune (128)16 (Dec. 27, 1993):99-103. G. Orlikowski, Wanda. "Learning from Notes: Organizational Issues in Groupware Implementation." Proc. Conference on Computer-Supported Cooperative Work, Jon Turner and Robert Kraut (Ed.) New York, ACM Press, 1992. H. Becker, Henry Jay. "A Truly Empowering Technology- Rich Education-- How Much Will it Cost?" Educational IRM Quarterly 3(1)(September 1993):31- 35 (with figures). I. Hodas, Steven. "Technology Refusal and The Organizational Culture of Schools." Previously published (Sept 1993) in the e-journal, (10800 words) J. **Baily, Martin Neal. "Great Expectations: PCs and Productivity" PC Computing 2(4) (April 1989): 137-141. N. Attewell, Paul. "Information Technology and the Productivity Challenge." O. King, John. Where is the Payoff from Computing? (Original article for this book). (6000 words) Q. Kling, Rob and J.P. Allen. "Can Computer Science Solve Organizational Problems?: The Case for Organizational Informatics." [Original article for this book. (6100 words)] III. COMPUTERIZATION AND THE TRANSFORMATION OF WORK A. Computerization in Work: An Introduction -- Rob Kling (This section has fewer articles than others. But many articles in other sections examine work issues, included those Winner, Hodas, Kling, Markus, RSI debates, Dahlbom & Matthiasen, Wagner). (27 pages) B. **Kling, Rob and Suzanne Iacono ``Office Routine: The Automated Pink Collar" IEEE Spectrum (June 1984):73-76. C. Marx, Gary. The Case of the Omniscient Organization. Harvard Business Review. (March-April 1990):4-12. [8 pages, est.] D. Horwitz, Tony. Mr. Edens Profits from Watching His Workers' Every Move. The Wall Street Journal. Dec 1, 1994, page A11. (2000 words) E. Clement, Andrew. Computing at Work: Empowering Action by 'Low-level Users'. Communications of the ACM (37)1 (Jan. 1994):52-65. (9889 words) [revised for C&C2] F. **Bullen, Christine and John Bennett. "Groupware in Practice: An Interpretation of Work Experience" [original article] G. Poltrock, Steven E and Grudin, Jonathan, 1994. " Interface Development in a Large Organization: An Observational Study." ACM Transactions on Computer and Human Interaction. 1(1)(March 1994): 52-80 (revised to 9200 words). G. Suchman, Lucy. "Supporting Articulation Work: Aspects of a feminist practice office technology production". To be published in the Proceedings of the 5th IFIP WG9.1 Conference on Women, Work and Computerization, Amsterdam, Elsevier. 1994. [[revised for C&C2]] IV. SOCIAL RELATIONS IN ELECTRONIC COMMUNITIES A. Social Relations in Electronic Communities: An Introduction -- Rob Kling (22 pages) B. Sproull, Lee and Sara Kiesler. "Increasing Personal Connections." Connections. Cambridge: MIT Press. 1991. p. 79-102. (7910 words). B. Markus, M. Lynne. "Finding a 'Happy Medium': The Explaining the Negative Effects of Electronic Communication on Social Life at Work" from ACM Transactions on Information Systems. (12)2 (April 1994):119-149. C. Mantovani, Giuseppe. 1994. Is computer-mediated communication intrinsically apt to enhance democracy in organizations? Human Relations v47, n1 (Jan):45-62 [edited for C&C2 (6750 words)] D. Kaufman, Margo. "They Call it Cyberlove" Los Angeles Times Magazine (Sept 12, 1993): 45-62. E. ** Lindsy Van Gelder, "The Strange Case of the Electronic Lover: A Real-Life Story of Deception, Seduction, and Technology". Ms., (14)4 (October, 1985), pp. 94, 99, 101-104, 117, 123, 124. F. Van Tassel, Joan. "Yakety-Yak, Do Talk Back: PEN, the Nation's First Publicly Funded Electronic Network, Makes a Difference in Sanata Monica." Wired 2.01 (January, 1994):78-80. (3 pp w/box. (1878 words) G. Dibbell, Julian. 1993 "Taboo, Consensus, and the Challenge of Democracy in an Electronic Community." .(originally titled) .. "A Rape in Cyberspace or How an Evil Clown, a Haitian Trickster Spirit, Two Wizards, and a Cast of Dozens Turned a Database Into a Society" (From The Village Voice, December 21, 1993, pp:36-42.) [8500 words] H. Kadie, Carl M. "Applying Library Intellectual Freedom Principles to Public and Academic Computers" Proc. Computers, Freedom, and Privacy '94 (March 1994) I. Okerson, Ann. "The Electronic Journal: What, Whence, and When?" The Public-Access Computer Systems Review 2, no. 1 (1991): 5-24. (5800 words) J. Crawford, Walt. "I Heard It Through the Internet." .(originally titled) . "And Only Half of What You See, Part III: I Heard It Through the Internet." The Public-Access Computer Systems Review 5, no. 6 (1994): 27-30. Or, use the following URL: gopher:// info.lib.uh.edu:70/00/articles/e-journals/uhlibrary/pacsreview/ v5/n6/crawford.5n6. (895 words) K. Gregorian, Vartan. 1994. "Information Technology, Scholaship and the Humanities" originally titled -- "Technology, Scholaship and the Humanities: Implications of the Electronic Age." Leonardo. (27)2:155-164. [3750 word excerpt of 5200 word article] L. Richard Sclove and Jeffrey Scheuer. "On the Road Again: If Information Highways Are Anything Like Interstate Highways -- Watch Out!" [Original article for this book.] [4300 words] V. PRIVACY and SOCIAL CONTROL A. Privacy and Social Control: An Introduction -- Rob Kling (21 pages) B. Linowes, David. "Your Personal Information Has Gone Public." Illinois Quarterly 6:(2) 22-24, 1993. C. Bill of Rights (Amendments to the US Constitution) [536 words] D. **John Shattuck, "Computer Matching is a Serious Threat to Individual Rights", CACM, (27)6 (June, 1984), pp. 538-541. E. **Richard P. Kusserow, "The Government Needs Computer Matching to Root Out Waste and Fraud", CACM, (27)6 (June, 1984), pp. 542-545. F. Dorothy Denning. "Clipper Chip will Reinforce Privacy." Insight. (Oct, 24, 1994):18-20. (about 3,000 words) G. Rotenberg, Marc. Wiretapping Bill: Costly and Intrusive. Insight. (Oct, 24, 1994):20-22. (about 3,000 words) H. Hatch, Denison. 1994. "How much data do direct marketers really neeed?" (originally titled) "Privacy: How much data do we really need? Target Marketing 17(2) (Feb):35-40. (3850 words) I. Posch, Robert. 1994. "Direct Marketing is Not a Significant Privacy Threat" (originally titled) "After MPS - Then what? Direct Marketing 56(11) (March):63-64+. J. Hibbert, Chris. "What to do When they Ask for Your SSN." (posted on alt.privacy, comp.answers and news.answers) [4915 words] K. Laudon, Ken. "Markets and Privacy." [original ms.] L. Rob Kling, Mark Ackerman and Jonathan P. Allen. "Information Entrepreneurialim and the Growth of the Electronic Cage." [original ms.] VI. SYSTEM SAFETY and SOCIAL VULNERABILITY A. System Safety and Social Vulnerability: An Introduction -- Rob Kling (18 pages) B. ** " Risks of Voicemail Systems That Expect a Human at the Other End" Posting by R. Aminzade, RISKS- FORUM Digest, Vol. 9, Issue 61 (January 20, 1990) C. "Ottawa Library fines people using unreliable automatic calling system" Posting by Michael Slavitch, RISKS-FORUM Digest, Vol. 15, Issue 54 (November 1994) (353 words) D. **Jonathan Jacky, "Safety-Critical Computing: Hazards, Practices, Standards and Regulation". Original manuscript for C&C, updated for C&C2. E. Stix, Gary. "Aging Airways." Scientific American. (May 1994)270(5):96-104. F. **Brian Cantwell Smith, "The Limits of Correctness". Issued as Report No. CSLI-85-35 by the Center for the Study of Language and Information (Stanford University), (Copyright 1985 by Brian Cantwell Smith). (Also printed in the ACM SIG journal Computers and Society, combined (14)4 and (15)1, 2, 3 (Winter / Spring / Summer / Fall, 1985), pp. 18-26. G. Williamson, Evan. 1994. Caught in the Grip of RSI: A First-hand Account. Managing Office Technology 39(5)(May):40-41. H. Khalil, Omar E M and Melcher, Jessie E. 1994. Office Automation's Threat to Health and Productivity: a New Management Concern. SAM Advanced Management Journal 59(3)(Summer):10-14. I. Computer Emergency Response Team. 1994. "Ongoing Network Monitoring Attacks." CERT Advisory CA-94:01 (February 3). [1922 words] J. Neumann, Peter G. Risks of technology. (attitudes) (Inside Risks) Communications of the ACM (36)3 (March, 1993):130 [Draws upon Jerry Mander's 10 Principles from in the Absence of the Sacred : the Failure of Technology and the Survival of the Indian Nations San Francisco : Sierra Club Books, 1991. VII. BEYOND OUTLAWS HACKERS and PIRATES: ETHICAL PERSPECTIVES AND PROFESSIONAL RESPONSIBILITIES FOR INFORMATION AND COMPUTER SCIENCE PROFESSIONALS A. Beyond Outlaws, Hackers and Pirates: An Introduction to Ethical Perspectives and Professional Responsibilities for Information and Computer Science Professionals. -- Rob Kling (17 pages) B. Parker, Donn B.; Swope, Susan; Baker, Bruce N.; Weiss, Eric A. 1990. "All in a Day's Work: Nine Provocative Examples in the Practice of Computing Professionals" (excerpted and adapted from) "Self-assessment procedure XXII.:Ethical values in computer professions" Communications of the ACM (33)11 (Nov, 1990):110-133. (Edited cases -- 1878 words) C. Anderson, Ronald, Johnson, Deborah G.; Gotterbarn, Donald; Perolle, Judith. "Codes of Professional Ethics" from From: "Using the new ACM Code of Ethics in decision making." CACM 36(2)(Feb, 1993):98-108. [439 words] D. Association of Computing Machinery. 1993. "ACM Code of Ethics and Professional Conduct." Communications of the ACM. 36(2)(Feb.):99-103. [3376 words] E. Wagner, Ina. 1993. "Confronting Ethical Issues of Systems Design in a Web of Social Relationships" was published as "a Web of Fuzzy Problems: Confronting the Ethical Issues." Communications of the ACM 36(4) (June):94-101. F. Dahlbom, Bo and Lars Mathiassen. 1993. "Power in Systems Design." Excerpts from Chapter 9 of Computers in Context. Blackwell Pub Co. G. Clement, Andrew. 1994. "Considering Privacy in the Development of Multi-media Communications." Computer Supported Cooperative Work, 2:67-88. H. Wenk Jr., Edward. 1988. "New Principles for Engineering Ethics" was published as "Roots of Ethics, Wings of Foresight: " BENT of Tau Beta Pi.: 18-23 (6000 words). ------------------------------- VIII. Resource List A. How to contact key organizations: CPSR, Electronic Freedom Foundation, SIGCAS, B. How to get copies of your records from TRW CreditData, the Medical Information Bureau. C. Key Internet resources: comp.risks, comp.society, where to find rsi.faq D. Teaching & supporting materials for C&C2. ------------------------------ From: "Prof. L. P. Levine" Date: 28 Nov 1994 08:46:14 -0600 (CST) Subject: Info on CPD, (unchanged since 11/28/94) Organization: University of Wisconsin-Milwaukee The Computer Privacy Digest is a forum for discussion on the effect of technology on privacy or vice versa. The digest is moderated and gatewayed into the USENET newsgroup comp.society.privacy (Moderated). Submissions should be sent to comp-privacy@uwm.edu and administrative requests to comp-privacy-request@uwm.edu. This digest is a forum with information contributed via Internet eMail. Those who understand the technology also understand the ease of forgery in this very free medium. Statements, therefore, should be taken with a grain of salt and it should be clear that the actual contributor might not be the person whose email address is posted at the top. Any user who openly wishes to post anonymously should inform the moderator at the beginning of the posting. He will comply. If you read this from the comp.society.privacy newsgroup and wish to contribute a message, you should simply post your contribution. As a moderated newsgroup, attempts to post to the group are normally turned into eMail to the submission address below. On the other hand, if you read the digest eMailed to you, you generally need only use the Reply feature of your mailer to contribute. If you do so, it is best to modify the "Subject:" line of your mailing. Contributions generally are acknowledged within 24 hours of submission. An article is printed if it is relevant to the charter of the digest and is not redundant or insulting. If selected, it is printed within two or three days. The moderator reserves the right to delete extraneous quoted material. He may change the subject line of an article in order to make it easier for the reader to follow a discussion. He will not, however, alter or edit or append to the text except for purely technical reasons. A library of back issues is available on ftp.cs.uwm.edu [129.89.9.18]. Login as "ftp" with password identifying yourid@yoursite. The archives are in the directory "pub/comp-privacy". People with gopher capability can most easily access the library at gopher.cs.uwm.edu. Mosaic users will find it at gopher://gopher.cs.uwm.edu. Older archives are also held at ftp.pica.army.mil [129.139.160.133]. ---------------------------------+----------------------------------------- Leonard P. Levine | Moderator of: Computer Privacy Digest Professor of Computer Science | and comp.society.privacy University of Wisconsin-Milwaukee | Post: comp-privacy@uwm.edu Box 784, Milwaukee WI 53201 | Information: comp-privacy-request@uwm.edu | Gopher: gopher.cs.uwm.edu levine@cs.uwm.edu | Mosaic: gopher://gopher.cs.uwm.edu ---------------------------------+----------------------------------------- ------------------------------ End of Computer Privacy Digest V5 #077 ****************************** .