Internet Privacy: Who Makes the Rules

Yale Journal of Law and Technology, Sep 2017

Richard M. Smith, Chief Technology Officer of the Privacy Foundation, discusses the ways emerging technology infringes consumer privacy on the Internet. He believes the widespread use of cookies and the growing use of online profiling by companies like DoubleClick create serious privacy problems for people who use the Internet. The solution lies in combining the efforts of programmers, who can find ways to eliminate these profiling mechanisms online, and of lawyers, who can structure legal rules to proscribe information misuse.

Article PDF cannot be displayed. You can download it here:

https://digitalcommons.law.yale.edu/cgi/viewcontent.cgi?article=1004&context=yjolt

Internet Privacy: Who Makes the Rules

Yale Journal of Law and Technology Volume 3 | Issue 1 Article 5 2001 Internet Privacy: Who Makes the Rules Richard M. Smith Follow this and additional works at: https://digitalcommons.law.yale.edu/yjolt Part of the Computer Law Commons, Intellectual Property Law Commons, and the Science and Technology Law Commons Recommended Citation Richard M. Smith, Internet Privacy: Who Makes the Rules, 3 Yale J.L. & Tech (2001). Available at: https://digitalcommons.law.yale.edu/yjolt/vol3/iss1/5 This Article is brought to you for free and open access by Yale Law School Legal Scholarship Repository. It has been accepted for inclusion in Yale Journal of Law and Technology by an authorized editor of Yale Law School Legal Scholarship Repository. For more information, please contact . Smith: Internet Privacy: Who Makes the Rules Note: The following piece dates from 2000-01, at which time the publication was known as the Yale Symposium on Law and Technology. Page numbering, editorial style, and citation format may differ from that of the Yale Journal of Law and Technology. Internet Privacy: Who Makes the Rules t Richard M. Smith* Abstract: Richard M. Smith, Chief Technology Officer of the Privacy Foundation, discusses the ways emerging technology infringes consumer privacy on the Internet. He believes the widespread use of cookies and the growing use of online profiling by companies like DoubleClick create serious privacy problems for people who use the Internet. The solution lies in combining the efforts of programmers, who can find ways to eliminate these profiling mechanisms online, and of lawyers, who can structure legal rules to proscribe information misuse. Cite as: 4 YALE SYMP. L. & TECH. 2 (2001) I. INTRODUCTION 1 In my talk today, I would like to introduce some of the privacy concerns currently making news on the Internet. I will first look at who the players in the field are. I will explore the roles, sometimes competing and sometimes complementary, of lawmakers and programmers in resolving privacy issues. Second, I would like to show how the unique environment of the Internet has driven the development of privacy issues, notably online profiling, mostly through enabling technologies. Third, in an effort to help make some of these issues more tangible, I will discuss the role of DoubleClick, both as a source of trouble and as a would-be solver of problems. Finally, given the trajectory of development as it exists today, I will explore some possible developments in the near future of online profiling. II. WHO ARE THE PLAYERS? 2 Last September, I took a sabbatical from my company and, as sort of a full-time avocation, began looking into this issue of how companies spy. I t Edited transcript of remarks delivered to the Yale Law and Technology Society on September 12, 2000. : Chief Technology Officer of the Privacy Foundation Published by Yale Law School Legal Scholarship Repository, 2001 1 Yale Journal of Law and Technology, Vol. 3 [2001], Iss. 1, Art. 5 have come up with a lot of interesting stories. One of the things that has happened since I got involved with this is that I have met a lot of media folks, because they're interested in this issue. Since early 1999, there has been a lot of press attention on the issue of Internet privacy. I also happened to meet a lot of lawyers since many of them have taken an interest in this issue. 3 In my previous life, my dealings with lawyers were limited mostly to contracts (you get into a lot of licensing agreements running a software business). Now, with my new hobby, I have discovered a new aspect of things. This is what I want to talk about today. The title of my talk is "Privacy: Who Gets to Make the Rules, The Programmers or the Lawyers?" I chose that title because over the last year, I have come to realize while talking with lawyers that programmers think they get to make the rules since they create the products. One of the games programmers play when they create the products is that they create their own little world by making and determining the rules of that world. Then, there are the lawyers who actually make the laws. If you go to a legislative body, you will meet a lot of lawyers who are in the business of making rules. For example, at the Federal Trade Commission (FTC) the people there are all lawyers too (or at least they all seem to be lawyers) and they are in the business of making rules. I have also talked to what I usually call ambulance chasers (but they call themselves class action lawyers) who like to make rules by setting precedents. Last but not least, I have chatted with a number of state attorney generals' offices where they like to make rules too about Internet privacy issues. 4 This creates an interesting situation in which programmers (my own background) have built software systems and really have not interacted with lawyers. If we go back five or six years, most programmers were limited to worrying about copy infringement. They did not want to steal code too well, if you will, from somebody else and get into copyright issues. Even six or seven years ago there was not a lot of patent activity; there was some activity on software patents, but not a lot like there is today on the Internet. The marketing department was always in charge of naming the product, so programmers did not have to deal with trademarks either. 5 Things are changing with the Internet. Lawyers and programmers are going to have to communicate with each other. Ten years ago, most computers stood alone. The limit of connectivity was the local area network within the building with a file server and e-mail before Netscape and web browsing became big. Once all of these computers connected to the Internet and communicated with each other, things became a lot more interesting. https://digitalcommons.law.yale.edu/yjolt/vol3/iss1/5 2 Smith: Internet Privacy: Who Makes the Rules 6 I have been examining the tension that resulted when programmers began building interesting computer systems that work on the Internet and people did not like what they saw. They said, "Wait a minute, there is a little bit too much surveillance or tracking, or spying going on here." The types of lawyers I described earlier started to get wind of this and said, "Wait a minute, those are the issues that we worry about." The essence of the conflict resulted in this manner. 7 When we talk to programmers about these issues, they say, "Well, that is inevitable, that is the way the technology works, there is nothing we can do about it." It is like a car manufacturer saying, "All cars have to pollute and all cars have to be dangerous on the road." This the wrong answer, but it is given a lot. What the programmers are really saying is, "We do not consider things like privacy, or security, or liability important enough to worry about. If we did, if we found them interesting, then we would be saying something different." A lot of programmers leave the issue of privacy (...truncated)


This is a preview of a remote PDF: https://digitalcommons.law.yale.edu/cgi/viewcontent.cgi?article=1004&context=yjolt
Article home page: https://digitalcommons.law.yale.edu/yjolt/vol3/iss1/5

Richard M Smith. Internet Privacy: Who Makes the Rules, Yale Journal of Law and Technology, 2018, Volume 3, Issue 1,