Who is Big Brother?

Before 1949, Big Brother had just one meaning, an older brother. But in 1949, George Orwell coined a different meaning of the term big brother, an all-powerful government or organization monitoring and directing people's actions. On the first page of his book he writes:

"On each landing, opposite the lift-shaft, the poster with the enormous face gazed from the wall. It was one of those pictures which are so contrived that the eyes follow you about when you move. BIG BROTHER IS WATCHING YOU, the caption beneath it ran."¹

This is the political satire novel, "1984" by George Orwell. Probably the most important thing to remember while reading "1984" is that Orwell never intended the book to be a prediction of the future. The book features the main character, Winston Smith, who is a man in his late 30's and a member of the 'outer party' - the lower of the two classes. As the book is beginning, Winston begins to contemplate setting himself against Big Brother and the Party, but of course is reluctant, knowing that even thinking about such a thing could easily result in his death.

The book forecasts what the world could look like under communism. In this world the government controls everything about you, your sounds and actions by "Telescreen", what you see and read through the media, both past and present. The Government goes as far as controlling even your most personal and private possessions – your thoughts!

But 1984 came and went and so did the cold world and any threat of communist rule. Democracy won out and now established in this New World order is the Internet and the great rule in which democracy lies on – "Capitalism". No longer do we have to worry about big brother watching our every step, controlling our every action. We are Free! Or are we…

The New World Order…

"It’s a warm sunny summer afternoon and you are flying down the street on your new personal transportation device, a hydrogen fueled, no-emission scooter. Your cell phone tells you that you have a message. The message is that you are approaching your lunchtime and that you are also approaching a local fast food franchise. They are having a special for the next 50 nano seconds on ChickSoy Nuggets. If you agree (by pressing *67), they will have it ready for you to pick up in 3 minutes and charge it to your personal credit account."

You wonder, "How do they do that?" Well, since you have eaten at this fast food franchise plenty of times before and cash is a thing of the past (oh, you can use cash but there is a service charge of $3.00 for every bill you need printed, never mind the administrative charge incurred when trying to use cash…). The franchise not only knows what you buy, they know what you like and when you like it. Their records indicate that over the past year you have ordered the ChickSoy Nuggets the most AND that you seem to do most of your food purchases between 11:30 am and 12:00 pm AND that you seem to favor discounts over taste, AND that on Tuesday’s you usually only have 45 minutes for lunch from your day job as a Personal Marketing Enthusiast AND that because all Cell Phones come with a GPS device installed, The fast food franchise was not just randomly advertising, the were looking for YOU…

That’s right, It was the capitalists that we should have feared! Instead of poor Winston Smith being tortured and brain washed to love "Big Brother", We are being tortured and brain washed to love what corporations have to offer us! The Corporations are the new Thought Police and they are plugging into every conceivable wire to watch everybody all the time! With every transaction, every movement scrutinized for profit!

Why are companies and corporations doing this? Because they can and because of profit. The United States currently has no global privacy law. Many companies make money on selling personally identifiable information to other companies (ever wonder why you get so many credit card offers?).

This all may sound like fiction, but if you look around it is already happening. Using such things as cookies, logins, and imbedded URLs has done this for some time now.

"Treating those visitors as individuals is the key. Show them what they want and use their personal profiles to figure out what they might want. You'll be able to cross-sell and up-sell like a pro. That's the best way to get those electronic prospects to the finish line."⁸

Also using cash is becoming less and less a necessity. Credit cards and debit cards are used more and more each day. Other things like speed passes to pay for gas, and tollbooth car tags to collect highway tolls are in place. There is also in the works a way of paying for things with your cellular phone.⁷

The site: http://gpsnow.com/gmnt.htm is an example of how you can already buy a cell phone with a global positioning system (GPS) device installed.

New Laws designed to protect privacy

There is hope. Although government does not loom over us as depicted in "1984", government does serve a purpose in policing and regulating how people, companies and corporations interrelate. New laws and regulations are being carved out to help protect individuals privacy. Laws such as HIPPA, COPPA, and GLB are now in place (or very soon) to protect individuals privacy. Listed below is a summary of what these laws are and what areas they target:

HIPPA – Health Information Portability and Accountability Act of 1996

HIPPA’s objective is to assure health insurance coverage after leaving your job by simplifying the administration of the information but also to protect the sensitive information. This law will carry two important rules, a privacy rule and a security rule and if not followed with in the next couple years could mean fines and possible jail time for officers of a company or corporation who do not protect this information.

COPPA - Children's Online Privacy Protection Act of 1998

COPPA’s objective is to assure protection of personally identifiable information about children under the age of 13. This statute can carry civil penalties of up to $11,000 per violation and requires web sites that collect this type of information to: (1) Have a detailed privacy policy; (2) notify parents of this policy; and (3) and in most cases, obtain verifiable consent from parents for collection and use of the individually identifying information. Even though the law pertains mostly to child-oriented sites, you could come under FTC scrutiny if there is anything that on your site that could lure or entice children.

GLB - Gramm-Leach-Bliley Act

GLB, also referred to as the "financial modernization act," places far-reaching restrictions on financial institutions' information management and sharing practices. Consumers must, before certain information is shared, be offered the opportunity direct their financial institution not to share information with most third parties (so called "opt-out"). Moreover, institutions must provide customers with instructions for exercising their right to opt-out.

New Laws being considered this coming year by the 106^th Congress are:³

Terminology note: opt-in means that on entering a web site you are notified of the company’s privacy policy and given the option to continue. Opt-out usually means that you must search for the policy.

Foreign Laws

Most all of the laws listed above are still being worked out or not being enforced. However, any company doing business outside of the US or with in the US and luring European countries have a more immediate concern – The 1998 European Union Directive on Privacy Protection requires companies that gather information on European citizens must adhere to strict levels of privacy protection. Fearing costs and commercial damages, the US balked at becoming apart of this. They did however, enter into a "Safe Harbor" agreement with the European Commission. This agreement states that among other rules, companies that collect personally identifiable information from European citizens must obtain user consent, its use must be limited to the reason collecting the information (it can not be resold), and the data must be destroyed once its use is no longer appropriate.

Although this has not been tested to date companies could face legal battles with the foreign countries as well as U.S. Federal Trade Commission for deceptive trading practices.

Role of the Computer Security Professional

Suddenly the work of the computer security professional has exploded. The job is now taking on more and more responsibility. No longer does the computer security professional just worry about contingency plans and tape backups. The computer security professional needs to be a network administrator, communications specialist, a teacher, private detective, and even a lawyer. The job entails a mixture of technical solutions and administrative procedures. The computer security professional needs to understand the business, understand the law, communicate the technical layout in non-technical terms to business leaders.

As described above, "It’s a warm sunny summer afternoon and you are flying down the street…" your private information is whizzing around at the speed of light to get you lunch just the way you want. But is it the way you want? Or the way the companies servicing you want? What choices do you have? Is exchanging this type of information legal? Is Joe Hacker sitting behind the billboard logging the whole transaction? Who is being sold this information for marketing purposes or another not so obvious purpose? Who is actually cataloging this information and storing the transaction? What if the computer flips a bit^* and suddenly you owe a little more then you thought.

Most all of these new laws are targeted to protect people as they surf the web. The laws also state that web site owners or businesses can safely operate and be in compliance by implementing a safe, sound computer security program. This entails having a security officer or manager who runs a program that includes such things as developing policy, conducting training, and checking the program with documented testing and auditing.

Will these laws work, maybe yes maybe no. It’s a shame that children are welcome to view all the free porn they can find online, but they need to obtain their parents' consent before using some of the fun services offered by Disney, Nickelodeon and other kid-oriented web sites. But companies need to keep abreast of the ever changing online environment and what the next new law is around the corner and how it will effect their web sites. These laws are necessary, because with out them we could have another Ford/Firestone incident where the almighty buck outweighs human life. In this instance the almighty buck outweighs the consumer’s privacy.

And why are people so concerned with privacy? Usually it's because they're afraid that someone with power will misuse data. You're worried your boss will fire you if he finds out what Web sites you're visiting. You lie awake at night wondering whether your insurance company will deny you a new policy when it finds out you have a genetic disorder. And so on.

Privacy involves soft issues of dignity as well—you may feel inhibited in the park about whispering in your lover's ear if you think you can be heard by others—but the most pressing issues deal with the interaction between privacy and the abuse of power. Privacy is no different from other areas where people abuse power, whether it's a city councilor denying a building permit to a citizen who irks her or a lumber tycoon deciding to put thousands of acres of Indonesian rain forest to the torch. In short, you can't get far with privacy unless you're also willing to address abuses of power.

Bibliography

References:

1. Orwell, George. Nineteen Eighty-Four. New York: Harcourt Brace and Company, 1949.

2. Garfinkel, Simson. Database Nation: The Death of Privacy in the 21^st Century. Sebastopol: O’Reilly & Associates, Inc., 2000.

3. Hatlestad, Luc. "Privacy Matters." Red Herring January 16, 2001 (2001): p52.

4. Doug Isenberg. "The Problems with Online Privacy Laws". July 2000. URL:http://www.gigalaw.com/articles/isenberg-2000-07a-p1.html

5. Russel Mokhiber and Robert Weissman. "Prosecuting Corporate Criminals". September 2000. URL:http://www.sfbg.com/focus/100.html

6. Zimmerman, Michael. "Lawmakers Mull over Net Taxes, Online Privacy at Comdex". April 2001. URL: http://www.zdnet.com/zdnn/stories/news/0,4586,2704222,00.html

7. Lisa Nadile. "Call Waiting: A Cell Phone ATM". January 2001.
http://www.wired.com/news/business/0,1367,41023,00.html

8. Jim Sterne. "Customer Interface: Customer-Colored Glasses". October 1997.
http://www.targeting.com/Colored-Glasses.html

Resources

http://epic.org/ ; Electronic Privacy Information Center.

http://www.privacybot.com/ ; Web Site Privacy Policies and Privacy Seal Trustmarks.

Brock N. Meeks. "Privacy Blitz is Coming". April 2001.

http://www.msnbc.com/news/554838.asp

http://www.ftc.gov/ogc/coppa1.htm; Children’s Online Privacy Protection Act of 1998.

http://members.cotse.com/dlf/news/privacy_watch.htm; COTSE Privacy Watch.

http://www.fsround.org/Issue1.html; Key Privacy Provisions in the Gramm-Leach-Bliley Act.

http://www.redherring.com/index.asp?layout=story_generic&doc_id=RH1760015576

member states of the European Union. http://europa.eu.int/abc/eu_members/index_en.htm

Mcdonald’s using cell phone tech for paying. http://www.wired.com/news/business/0,1367,41023,00.html

Sample citation:

Stevens, W. Richard. TCP/IP Illustrated, Volume 1. Reading: Addison Wesley Longman, Inc, 1994. 70 – 71.

The basic rules are:

Author’s last name, author’s first name. Title of book. City of publication: Publisher, date of publication. Page number(s) (if applicable).

Citing Printed Works (Magazine Articles)

Sample citation:

Smith, Randy Franklin. "Effective Access Control for Win2K and NT." Windows 2000 Magazine October 2000 (2000): 65 – 69.

The basic rules are:

Author’s last name, author’s first name. "Title of Article." Title of publication. Volume (year of publication): page numbers

Sample citation:

Hawkins, Iain. "The Clickable Mummy." Akhet Egyptology. 10 May 1997. URL: http://wkweb4.cableiniet.co.uk/iwhawkins/egypt/index.htm (5 Mar. 1998).

The basic rules are:

Author's last name, Author's first name. "Title of Document." Title of complete work (if applicable). Version or file number (if applicable). Document date or date of last revision (if different from access date). Protocol and address, access path or directories (date of access).

For instance, back in 1990 Congressman Tommy Robinson was running for governor of Arkansas. An insurer leaked to the press that Robinson had problems with alcohol. It turned out that the diagnosis was in error but the damage had been done. Congressman Robinson ended up losing and he attributed the loss in part to this. It turns out that this could have had a national impact, because the person who won the race for governor was Bill Clinton.

Companies like, doubleclick and akamai are logging information about you. Partnering with search engines like altavista, these companies can collect staggering amounts of information (and what’s scary, surprisingly accurate) all about you and store it away for later. Later is when these companies partner with companies like iwon.com and get you to register your name and email address. All that anonymous web surfing you have been doing, information was being collected about that anonymous person, now they got a name -YOU! Ever wonder where iwon gets all this money for all those prizes they reward?!…

http://www.privacy.net/

All this has become common place on the internet. But just because it has become common doesn’t make it less troubling. Aldous Huxley’s "Brave New World" book drives home one major point – the public would accept a totalitarian intrusion as a part of normal life. The book goes further to actually say that living under this watchful state is actually good for them.

We are fast approaching this state where we are inured to cameras recording us when entering banks and stores, or having to divulge personal information over the phone to get service or to a hospital administrator prior to receiving care. All that data, collected from the most disparate sources, is then recycled into recognizable clumps of information, slices of you, to be devoured by others. I think Scott McNealy, CEO of Sun Microsystems best says how companies really feel about consumer privacy. "You already have zero privacy. Get over it".

http://www.hamiltonspectator.com/reports/355538.html

http://www.privacy.net/track/

example of how cookies work to track aggregate data.

http://www.wired.com/news/business/0,1367,42778,00.html

EBay has changed its privacy policy. The new version, effective May 15, will allow the online auction company to share its database of user information with a new owner if the company is bought.

to top of page | to Privacy Issues | to Reading Room Home