This is one of the lost chapters from my last book, "Invasion of Privacy”. The publisher deemed it too controversial to publish.


The Politics of Privacy
This era, “the information age”, is an accident of history, a perfect storm in which the future rear-ended the present. It was quite a fender-bender! Do you remember our fixation with the Y2K bug, all the news coverage and dire predictions and money down the drain? We took our eye off the ball! It wasn’t the end of the world, after all. It was one of the great miscalculations or hoaxes of our time! The cynic in me saw Y2K as a vehicle for the technology industry to sell yet another unnecessary incremental upgrade. I was not alone in my skepticism that the Y2K bug was mostly sales hype. The money wasted might have been spent securing the Web and upgrading the FBI’s antiquated technology infrastructure but the opportunity was wasted on Millennium madness. The credibility of the entire technology industry suffered when it became apparent that the Y2K bug was much ado about nothing.

Privacy is governed by the law, and our laws have not kept pace with technology! Events such as The Stock Market crash, the emergence of convergence, and 9-11, complicate matters. We lost more than our innocence on that tragic day when the Twin Towers collapsed in a plume of blood and dust. We lost civil liberties long since taken for granted and the freedom that America stands for! I’m referring to the passage of THE U.S.A. PATRIOT Act enacted by President Bush on October 26, 2001, which is based on the erroneous supposition that America’s national security must come at the expense of the civil liberties of its citizens. According to Laura W. Murphy, Director of the ACLU's Washington National Office, "The USA Patriot Act gives law enforcement agencies, nationwide, extraordinary new powers unchecked by meaningful judicial review."

Gregory T. Nojeim, the ACLU’s Associate Director adds, "For immigrants the law is a dramatic setback that gives the government the authority to detain - indefinitely in some cases - non-citizens who are not terrorists on the basis of vague allegations of a risk to national security." Among the USA Patriot Act's most troubling provisions, the ACLU cites:

• Indefinite detention of non-citizens who are not terrorists, on minor visa violations.
• Minimized judicial supervision of federal telephone and Internet surveillance by law enforcement.
• Expanded government capability to conduct secret searches.
• The power of the Attorney General and the Secretary of State to designate domestic groups as terrorist organizations and deport any non-citizen who belongs to them.
• Grants the FBI broad access to sensitive business records about individuals without having to show evidence of a crime.
• Large-scale investigations of American citizens for "intelligence" purposes.

The wiretapping and surveillance provisions in the USA Patriot Act minimizes the ability of a judge to ensure that law enforcement conducts legal wiretaps with the proper justification, and permits the government to by-pass criminal procedures that would normally protect our privacy. In addition, the USA Patriot Act dramatically expands the use of secret searches. Normally, a person is notified when law enforcement conducts a search. In some cases regarding searches for electronic information, law enforcement authorities can now get court permission to delay notification of the search. The USA Patriot Act extends the authority of the government to request "secret searches" to every criminal case. This vast expansion of power goes far beyond anything necessary to conduct terrorism investigations.

The Patriot Act also allows for the broad sharing of sensitive information in criminal cases with intelligence agencies, including the CIA, the NSA, the INS and the Secret Service. It also permits sharing of sensitive grand jury and wiretap information without judicial review or any safeguards regarding the future use or dissemination of such information. These information sharing authorizations and mandates effectively put the CIA back in the business of spying on Americans! Once the CIA makes clear the kind of information it seeks, law enforcement agencies can use tools like wiretaps and intelligence searches to provide data to the CIA. In fact, the law specifically gives the Director of Central Intelligence - who heads the CIA -- the power to identify domestic intelligence requirements. The fine print reads like George Orwell wrote it, not George Bush.

The USA Patriot Act allows the government to use its intelligence gathering power to circumvent the standard that must be met for criminal wiretaps. Surveillance under FISA, the Foreign Intelligence Security Act, does not contain many of the checks and balances that govern criminal wiretaps, and can be used only when foreign intelligence gathering is the primary purpose. The new law allows use of FISA surveillance even if the primary purpose is a criminal investigation. Intelligence surveillance merely needs to be only a "significant" purpose. This provision authorizes unconstitutional physical searches and wiretaps. Although it is searching primarily for evidence of crime, law enforcement can conduct a search without probable cause of a crime.

The USA Patriot Act extends a very low threshold of proof for access to Internet communications that are far more revealing than numbers dialed on a phone. Under current law, a law enforcement agent can get a pen register or trap and trace order requiring the telephone company to reveal the numbers dialed to and from a particular phone. To get such an order, law enforcement must simply certify to a judge - who must grant the order -- that the information to be obtained is "relevant to an ongoing criminal investigation." This is a very low level of proof, far less than probable cause. This provision apparently applies to law enforcement efforts to determine what websites a person had visited, which is like giving law enforcement the power - based only on its own certification -- to require the librarian to report on the books you had perused while visiting the public library. This provision extends a low standard of proof - far less than probable cause -- to actual "content" information.

In allowing for "nationwide service" of pen register and trap and trace orders, the Patriot Act further marginalizes the role of the judiciary. It authorizes what would be the equivalent of a blank warrant in the physical world: the court issues the order, and the law enforcement agent fills in the places to be searched. This is not consistent with the important Fourth Amendment privacy protection of requiring that warrants specify the place to be searched. Under this legislation, a judge is unable to meaningfully monitor the extent to which her order was being used to access information about Internet communications.

The USA Patriot Act grants the FBI broad access in "intelligence" investigations to records about a person maintained by a business. The FBI need only certify to a court that it is conducting an intelligence investigation and that the records it seeks may be relevant. With this new power, the FBI can force a business to turn over a person's educational, medical, financial, mental health and travel records based on a very low standard of proof and without meaningful judicial oversight.

The USA Patriot Act expands the trend of government access to personal financial information. While the need is real to shut down the financial resources of terrorists, the USA Patriot Act goes beyond its stated goal of combating international terrorism by prying into innocent consumer transactions.

The USA Patriot Act enables law enforcement to cast an even broader net for student information without any particularized suspicion of wrongdoing. When the changes in federal law dealing with the privacy of student records is combined with other information-sharing provisions contained in the new law, it becomes clear that highly personal student information will be transmitted to federal agencies in ways likely to invade the innocent students' privacy.

Particularly troubling, the USA Patriot Act is absolutely unnecessary! Laws were already in place before 9-11 that could have prevented the World Trade Center attack. We now know it was human error, bureaucratic bungling, and antiquated technology, not the law, which hampered authorities from protecting our American shores from terrorism. In his best-selling book, "THE BUREAU - THE SECRET HISTORY OF THE FBI", Ronald Kessler finds that FBI director Louis J. Freeh "almost destroyed the Bureau through colossal mismanagement, borne of sheer donkey-like stubbornness and arrogance." Kessler portrays an FBI that failed to grasp the importance of computer-assisted intelligence gathering during the height of the technology boom.

According to Kessler, “When Louis Freeh first took office in 1993, the first thing he did was get rid of the computer in his office. He didn't use e-mail. That tells you a lot about why the FBI's computers today are so primitive that they are 386 and 486 machines that no one would take even as a donation to a church. Freeh thought he knew all the answers, didn't listen to advice, and that is why the FBI's computers are such a scandal.”

Kessler reassuring concludes, "With the appointment of Robert Mueller, the FBI's eleventh director, the Bureau appears to be in good hands. The FBI has stopped terrorist plots in the past (some 40 in all), including the al-Qa'eda plot to blow up the tunnels around Manhattan. So the FBI isn't totally broken. But the FBI needs to learn to analyze a vast quantity of information and look for clues. Bob Mueller, the new FBI director, is creating analysis functions that will take care of that.”

Kessler, a former FBI agent himself, believes the Bureau’s human resources -- not its legal scope -- requires expansion. In an online chat hosted by USA Today in June 2002 Kessler stated, “It's easy to forget what happened on September 11 and to put out of one's mind the very real possibility that al-Qa'eda could unleash biological or nuclear weapons that could kill millions of people. I think any amount of money is worth it. The FBI budget of $4 billion is equal to perhaps two Stealth bombers.

Their agents of 11,500 compare to 40,000 officers in New York City. I think the FBI could be doubled in size, and we'd be a lot safer.” He thoughtfully added, “The reason I think the FBI should be doubled in size, is so that the Bureau can not only devote far more agents to counter-terrorism, but also to increase the focus on organized crime, white collar crime, espionage, political corruption, and violent crime.”

From J. Edgar Hoover to Louis Freeh, “The Bureau” provides a proverbial timeline of historic FBI blunders. First, there was the standoff at Ruby Ridge in which the FBI killed the suspect's wife, who was holding a baby, and their 14-year old son. Then, the FBI was involved in the fiery siege at Waco that killed 80 Branch Davidians, including many children. A U.S. special prosecutor found the FBI wasn't to blame, but it tarnished the Bureau's reputation and image all the same. Timothy McVeigh admitted that he planned the Oklahoma City bombing in retaliation for the Branch Davidian siege. The FBI then withheld evidence from defense attorneys in the Oklahoma City bombing case jeopardizing the government’s own case.

Then the FBI fingered the wrong man, Richard Jewell, for the Atlanta Olympic bombing. When they finally fessed-up and charged Eric Robert Rudolph with the fatal bombings at Centennial Olympic Park in downtown Atlanta, in addition to the bombing of an abortion clinic in Birmingham, Alabama, in which a police officer was killed and a nurse critically wounded, the double bombings at the Sandy Springs professional building north of Atlanta, and the double bombings at a Lounge in midtown Atlanta, the
FBI sent a posse into the woods to capture Rudolph but never could find him.

Due largely to hubris, the FBI refrained from administering polygraph exams to its own agents or doing periodic background investigations. As a result, Robert Hanssen, who had access to America’s top secrets, betrayed his country and the Bureau for fifteen years. Spurred by allegations from Frederic Whitehurst, an FBI lab chemist, the Bureau's lab came under scrutiny. Justice Inspector General Michael Bromwich investigated the facility for 18 month and subsequently blasted the FBI facility for flawed scientific work and inaccurate, pro-prosecution testimony in major cases, including the Oklahoma City bombing.

An FBI agent admitted giving false testimony against Wen Ho Lee, who was accused of passing nuclear secrets to China. Lee, a former Los Alamos scientist indicted on 59 criminal counts of mishandling nuclear weapons secrets, spent nine months in solitary confinement in a New Mexico jail. Lee was eventually released after 58 out of the 59 counts were dropped!

Finally, if there’s any doubt that J. Edgar Hoover kept secret files on celebrities and politicians obtained from illegal break-ins and wiretaps, which he then used for blackmail and to keep them in line, Kessler provides ample proof. Those files kept Hoover in office 48 years! Kessler views the Bureau as an agency comprised of mostly intelligent and dedicated employees plagued by a history of disastrous management. In my opinion the FBI in action bears a more striking resemblance to Jimmy Breslin’s
“The Gang That Couldn’t Shoot Straight!” The question that lingers is this.

DOES THE FBI REQUIRE THE UNCHECKED JUDICIAL AUTHORITY THE “USA PATRIOT ACT” UNLEASHES TO FIGHT TERRORISM OR DOES THE BUREAU SIMPLY NEED TO GET ITS OWN ACT TOGETHER?

If the FBI’s bungling of the recent anthrax investigation is any indication, they haven’t mended their ways. Heavy-handed tactics remain the Bureau’s forte. Didn’t they learn anything from Richard Jewell or Wen Ho Lee? Without a shred of physical evidence linking Dr. Steven J. Hatfill – who has forcefully proclaimed his innocence -- to the anthrax attacks, the FBI is still unwilling to clear him. I don’t know whether Hatfill is innocent or not. He certainly didn’t look guilty to me when I watched him face down the media, tearfully declare his innocence, and blast the FBI and Attorney General John Ashcroft for ruining his life. The FBI seems incapable of learning from its own mistakes! Even if the USA Patriot Act were necessary, which I doubt, I question whether the FBI is trustworthy of its newfound authority.

This is only a hypothesis. If the FBI had been using Google’s patented search technology instead of whatever database it was using, Google might have prevented 9-11! Think about it. Could a July memo by an FBI agent in the Phoenix field office “about Middle Eastern men possibly connected to Osama bin Laden taking flight lessons” have been linked by Google’s sophisticated search algorithm to the August arrest of Zacarias Moussaoui in Minnesota? In a stinging rebuke to FBI Director Robert Mueller, FBI attorney Coleen Rowley accused FBI headquarters of hampering field agents from fully investigating Moussaoui, the man officials now believe intended to be the 20th hijacker. Could Google have prevented 9-11? I posed this question to Google and to Ronald Kessler, the author of “The Bureau”.

Ron Kessler’s response... "Yes, absolutely. The FBI's computer technology is a joke, and all this info should have been brought together and analyzed. The FBI is now putting old info in a sophisticated data mining system. My point was only that doing that, while necessary to prevent the next attack, connecting the dots would not have prevented 9/11 because the information was not there. If the FBI had properly assimilated and analyzed the existing info, it might have started more aggressive investigations that could conceivably have uncovered something. We'll never know."

THE DEATH OF PRIVACY
“You have zero privacy. Get over it!” quipped Scott McNealy, the CEO of Sun Microsystems, in 1999. The debate over the death of privacy is nothing new. Compare these quotes from two essays bearing the name, “The Death Of Privacy”, which span the centuries.

“Recent inventions and business methods call attention to the next step which must be taken for the protection of the person, and for securing to the individual the right to be let alone. Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life and numerous mechanical devices threaten to make good the prediction that… “What is whispered in the closet shall be proclaimed from the housetops.”

The legal titans of their day, Louis D. Brandeis and Samuel D. Warren, wrote that in their famous essay, “The Death of Privacy”, which appeared in The Harvard Law Review in December 1890. Over a century later, in May 2000, A. Michael Froomkin, a technology expert, law professor, and privacy advocate, published this counterpart to the oft-quoted Warren and Brandeis essay in the Stanford Law Review. It’s called “The Death of Privacy?” (ending with a question mark) and the similarity between the titles -- and the question mark -- are no coincidence.

“Information, as we all know, is power. Both collecting and collating personal information are means of acquiring power, usually at the expense of the data subject. Whether this is desirable depends upon who the viewer and subject are and who is weighing the balance. A data subject has significantly less control over personal data once information is in a database. The easiest way to control databases, therefore, is to keep information to oneself: If information never gets collected in the first place, database issues need never arise.

The rapid deployment of privacy-destroying technologies by governments and businesses threatens to make informational privacy obsolete. These include: routine collection of transactional data, growing automated surveillance in public places, deployment of facial recognition technology and other biometrics, cell phone tracking, vehicle tracking, satellite monitoring, workplace surveillance, Internet tracking from cookies to “clicktrails,” hardware-based identifiers, intellectual property protecting “snitchware,” and sense-enhanced searches that allow observers to see through everything from walls to clothes.

The cumulative and reinforcing effect of these technologies may make modern life completely visible and permeable to observers; there could be nowhere to hide. Privacy-destroying technologies can be divided into two categories: those that facilitate the acquisition of raw data and those that allow one to process and collate that data in interesting ways. Although both real and useful, the distinction can be overstated because improvements in information processing also make new forms of data collection possible.

Cheap computation makes it easy to collect and process data on the keystrokes per minute of clerks, secretaries, and even executives. It also makes it possible to monitor their web browsing habits. Cheap data storage and computation also makes it possible to mine the flood of new data, creating new information by the clever organization of existing data.

Privacy encompasses much more than just control over a data trail, or even a set of data. It encompasses ideas of bodily and social autonomy, of self-determination, and of the ability to create zones of intimacy and inclusion that define and shape our relationships with each other.”

Froomkin’s arguments are far more eloquent than mine so I encourage you to visit the Stanford Law Review Web site at the link above and read his entire essay. Froomkin ends the title of his homage to Brandeis and Warren with a question mark because he believes – as do I – that a vigilant mindset and point-and-click technological countermeasures will stem the technological tide threatening our privacy until new laws are enacted that protect us.

Froomkin concludes.“All is not yet lost. While there may be no single tactic that suffices to preserve the status quo, much less regain lost privacy, a smorgasbord of creative technical and legal approaches could make a meaningful stand against what otherwise seems inevitable.”

POLITICS AND PRIVACY
Two things stand in the way of stricter privacy laws: politicians and lobbyists! Last year Senator Ernest "Fritz" Hollings sponsored sweeping privacy legislation that would have put the “opt-in” shoe on the other foot. S. 2201 --The Online Personal Privacy Act of 2002 – as proposed, would have opted-out an individual, by default, when entering into any Privacy Agreement. Hollings didn’t mince words when expressing his rational for The Online Personal Privacy Act, either.

“How can we trust companies with our personal information when their every economic incentive is to collect, compile, enhance, target and disseminate it for profit? It is like letting the fox guard the henhouse. Our bill grants consumers, not companies, control over their personal information on the Internet. And our opt-in component is the only method for ensuring that Internet users have the ultimate control in deciding where and for what their personal information is used. Public concerns over Internet privacy are the largest obstacles to individual users' true confidence in the Internet. Establishing good privacy protection is ultimately good business.”

Hollings was right on the money! His bill would have contemporaneously addressed evolving technology, which is exactly what good legislation should do. Had S. 2001 passed, as proposed, it would have been the biggest boon to consumer privacy in the history of congress! Unfortunately, Hollings’ bill didn’t pass as proposed because other senators, Bob Kerrey and Conrad Burns among them, cut Hollings off at the pass. Burns and Kerrey proposed competing legislation that persisted in “letting the fox guard the henhouse” and by the time S. 2001 did pass it was a watered-down compromise that lulled consumers into a false sense of security. As enacted, “The Online Personal Privacy Act of 2002” is the diametrical opposite of what Hollings originally proposed. It offers little, if any, real protection.

S. 2201 does extend privileged status to “sensitive personal information” defined as “financial, medical, Social Security, ethnicity, religion, sexual orientation, and political affiliation”.

“OPT-IN” CONSENT FOR “SENSITIVE” PERSONALLY IDENTIFIABLE INFORMATION: Internet companies must obtain affirmative consent from the consumer (Opt-in) before collecting and using or disclosing “sensitive” personally identifiable information.

Everything else is considered “non-sensitive personal information” and may be used for marketing purposes. In other words, it’s open season for corporate America to spy on, traffic in and profit from our personal information!

ROBUST NOTICE AND OPT-OUT FOR “NON-SENSITIVE” PERSONALLY IDENTIFIABLE INFORMATION: Internet companies must provide individuals ‘robust notice’ and provide opportunity to “opt-out” prior to collection and use or disclosure of “non-sensitive personally identifiable information”. Such notice must only be provided initially, at first collection of “non-sensitive” personally identifiable information.

“Robust Notice” by any other name is a USER AGREEMENT and the “opportunity to opt-out” is a PRIVACY AGREEMENT. Your “non-sensitive personally identifiable information” is virtually the story of your life! The names of you, your wife, children, pets, your address, phone numbers, vehicles, charge accounts, where your kids attend school, their ages, your buying patterns, employer, occupation, personal habits, favorites websites, email address, and that’s just the salt on the peanut. The techniques and technology used to harvest your confidential information could fill a book, and will be examined in detail throughout this one. Don’t be fooled into thinking this clause applies strictly to the Internet. The same law applies also to User and Privacy Agreements entered into with CONTRACTORS in the retail sector, covered on page _ in chapter 3.

PERMANENCE OF CONSENT: A user’s consent or denial of consent to information practices shall remain in effect until changed by the user, and applies to successor entities to the provider or operator that originally collected the information.

This means if you don’t take the time and effort to opt out early, anyone can collect virtually everything there is to know about you and use it in myriad exploitive and commercial manners not governed under the law. It also means that your information is out there in perpetuity and “successor entities” of the information seller can use your information in ways not governed under your original Privacy Agreement.