PRIVACY IN E-PUB: SMOKE AND MIRRORS
Judith Axler Turner
The Journal of Electronic Publishing
 
What is the difference between America Online and the Internal Revenue Service, Lloyds of London, and L.L. Bean?

Only AOL tells you upfront and in great detail how it protects your privacy. (See the AOL Privacy Statement at <http://legal.web.aol.com/policy/aolpol/privpol.html> AOL says, among other things, "We do not give out your telephone number, credit card information or screen names, unless you authorize us to do so."

That's reassuring, but why is it necessary, especially since we don't ask for such assurances from other institutions, some of which get far more personal information about us. Where is the IRS's privacy statement? Does L.L. Bean tell us the kind of safeguards it has on its 800 number to protect us when we give our credit-card number over the phone? And what about those insurance companies? Earlier this year we changed our household insurance to a new company, and that company sent out its monthly newsletter listing my husband and me among its new customers. Moreover, the company managers couldn't understand why we objected!

The issue online is partially the relative ease with which someone can invade privacy: A snoop can find all sorts of information about us while sitting at a desk, sipping a latte, using just a computer and a modem. No more breaking into dozens of offices around the country in the dead of night, eluding night watchmen, and focusing a pencil-ray flashlight on a hastily grabbed file, then taking a picture with a tiny half-frame Minox camera. And an unscrupulous person, seeking to amass a file of potential suckers, can get current information quickly and far more accurately than by random phone calls to see who bites.

But the same technology that makes invasions easy also helps prevent them. Do you remember how long it used to take to change your address on magazine subscriptions? Or remember trying to track down your file when you had a case in a civil court? Now many businesses let you update your information online. Or they put their hands on it electronically when you phone in to find out your status.

The real issue is not technology. Any problem technology creates, technology can solve.

The real problem is the feeling of security, the belief in privacy. And that is the reason for all those laws and regulations that are being proposed (and, especially here in the E.U.), enacted. People are asking their governments to guarantee their privacy by imposing sanctions, some of them criminal sanctions, on companies that don't protect them.

Interestingly, most of the laws and regulations are less onerous than they seem at first. The general rule is No Surprises. If you want information from me, you have to tell me how you are going to use it, and then you have to keep your word.

Unfortunately, in this Information Society, many companies are guilty of hoarding whatever information they can get, in the belief that some day it will become valuable. They are like the misers of legend who, once they collect their gold, bury it in secret vaults to which only they have access so that the tax collectors, the charity collectors, and their relatives can't tell them how to spend it. And like those misers, the information hoarders (and many of us are in this group) don't even use the information. It's just nice to know it's there in case you find a good use for it.

So my message today is:
Give it up! Stop insisting that you need control of all the information you collect. Tell people in advance what you're going to do with the information, and then do only that.

At JEP we collect information about our subscribers. We ask them their names and e-mail addresses, we ask them where they work and what they do. We even ask them to tell us their favorite ice-cream flavors, although that information is not required. We also collect information that people don't volunteer, like what domain they are from, and what time they visit us. That information is collected automatically.

And here's what we tell them we will do with all that information -- and note that we have included in our explanation the fact that we collect information they don't offer, and we explain what we can and will do with that information, too.
 

WHAT WE COLLECT AND WHAT WE DO WITH IT
If you visit our Web site but do not subscribe or send us e-mail, we will not have enough information to contact you. We collect no e-mail addresses, only the domain names (the letters that follow the @ sign in your e-mail address) of visitors to our Web site. We tally what pages visitors visit, but do not trace the path of individual visitors. The information that we collect from readers is used only to improve the content of our site.

If you visit our Web site and send us e-mail, we will try to respond to your comment or question. If you write a letter to the editor, and it is published, your e-mail address will be posted unless otherwise requested. An e-mail address received that way will not be used for our own promotional purposes or shared with other organizations.

If you visit our Web site and subscribe (it's free!), we will send you a notice of each new issue when it appears. We will not sell or share our subscription list with other organizations. If you have subscribed and wish to unsubscribe, please contact us.

If you have questions or concerns about the online privacy policy of The Journal of Electronic Publishing, please contact us. E-mail: jep-info@umich.edu

Note that there is no fax number or postal address. That is intentional. This is, after all, the Journal of Electronic Publishing.

Privacy has to do with information about an individual, not aggregate information. By making that distinction, we can reassure people about privacy. It would be interesting to know that 72 people rented "Debbie Does Dallas," in the last six months. It is embarrassing to be identified as one of them. Laws and rules aside, it's an issue of trust. No matter what we think of the Internal Revenue Service (especially around April 15), we trust that it will protect our information. We don't insist on knowing what kind of encryption the IRS has on its computers, or whether they have a firewall between our tax return and prying eyes.

To keep the trust that we, as publishers in the scholarly environment have built, we need to reassure our subscribers, authors, and readers as we move into new technologies. And we can reassure them by letting them know "what" we collect, what we "do" with it, and what rights they have.

We need to face up to the issues, and answer the questions before they are asked.

• Do we keep a log of every search they do? Every article they call up?
• Do we keep track of what sites they visited before they came to us, or what sites they go to?
• Do we coordinate our subscriber data with their domains or e-mail so that we will know what they saw or said, and when?
• If we have personal information, how do we protect it?
• What procedures are there for correcting errors in our records?
• Do we use cookies, and if so why, and what do we do with the information?
• Do we make the names of members of our listservs available, and if so to whom?
• How long do we archive Web conferences and newsgroups?
• How do we protect the collection of information such as credit card numbers?

Most important, we need to use the technology to reassure our users. We can do simple things like not showing passwords or credit-card numbers typed on the screen (although the tradeoff is multiple mistakes by people who don't type well). We can have a "secure" section of our Web sites that require browsers that can accept the security. We can encrypt our transactions (although not yet internationally -- a subject of another workshop).

The U.S.General Services Administration has the following suggestions about privacy on Websites that we, as publishers, can adopt:

1. Place a high priority on protecting the public's privacy at web sites.
2. Stay up-to-date on the impact changes in web site technology have on privacy.
3. Notify the public using an appropriate privacy notice whenever you are collecting data on the Internet.
4. Use information only for the purpose for which it was gathered as disclosed in the privacy notice.
5. Protect privacy for all forms of data (text, graphics, sound and video).
6. Information obtained to conduct system administration functions must still be protected.