Ignoring Real Privacy Problems
Guess Who Is the Most Egregious Violator of Your Privacy?
DECEMBER 01, 2000 by JAMES PLUMMER
James Plummer is a policy analyst with Consumer Alert, a nonpartisan market-oriented consumer group based in Washington, D.C.
The folks who make up the behemoth known as the federal government have been fretting about privacy, especially Privacy in the Information Age. Proposed commissions, innumerable conferences, and government reports hype the “danger” posed by online booksellers’ keeping a list of your favorite authors or your insurance company’s knowing if you’re sick.
All this fretting serves as so much smoke and mirrors for the very real violations of personal privacy perpetrated by the ever-growing state. Let’s take a quick look at ten issues that many self-proclaimed privacy advocates seem to dismiss as less egregious than amazon.com having the gall to recommend I buy a Bill Hicks CD.
1. Federal Web sites. The hypocrisy is perhaps most clearly evident in the privacy practices of government agencies. The Federal Trade Commission (FTC) is pressuring private e-commerce companies to follow stringent rules regarding the collection and use of consumer information. The FTC is seeking to codify their “rules” regarding whom businesses can sell or give the information to, and whether consumers can opt in or out of the information-gathering.
It turns out that only 3 percent of government agency Web sites audited by the General Accounting Office follow those FTC recommendations—and even the FTC was among the 97 percent of violators. Government Web sites apparently swap sensitive information on citizens like last month’s Pokémon cards. As House Majority Leader Dick Armey asked, “Which worries you more: the IRS disclosing your personal financial information, or Gap.com knowing how many pairs of jeans you’ve bought this year?”
2. Mailboxes. Individuals who don’t have too-permanent addresses find post office boxes a convenient way to receive mail. Those seeking a bit more privacy have found that private mailboxes, such as the ones available at Mail Boxes Etc., afford even more protection. But in late 1999, the U.S. Postal Service required that anyone wishing to open a new private mailbox supply his home address and two forms of identification. Groups including the National Coalition Against Domestic Violence have decried the new requirements, since it makes it that much harder for people to keep their whereabouts unknown from potential stalkers—not to mention government snoops. The Postal Service has so far refused to back down in the face of these protests.
3. Brady Law databases. When the Brady Act was passed, one of its key provisions was that background checks on gun buyers would eventually be instant and that federal authorities must immediately “destroy all records” created by the National Instant Criminal Background Check System (NICS). This was to assure that the federal government would not create a national database of firearms owners. But the FBI decided once again that the letter of the law was but mere suggestion. The bureau announced it would be saving records of gun sales for at least six months, ostensibly as an “audit record” to keep track of how well the background check system is working. (A National Rifle Association challenge to the FBI lost in the first court round, but an appeal is pending.)
In a related matter, the Veterans Benefits Administration has turned over 90,000 names to the FBI for inclusion in the NICS “no sale” list. The names are those of veterans, not convicted felons, whose supposedly private medical records included an administrative finding that they were “mentally incompetent.” Besides veterans afflicted with post-traumatic stress (a diagnosis on a written questionnaire), the list also includes “incompetent surviving spouses, adult helpless children and dependent parents” of vets.
4. Know Your Customer. If at first you don’t succeed, snoop, snoop again. That seems to be the government’s motto as Treasury et al. have tried to sneak through the backdoor of Congress bank-snooping rules that were defeated by a torrent of unfavorable citizen reaction. “Know Your Customer” rules would in fact require banks to spy on their customers and report anything “abnormal” about an individual’s pattern of withdrawals and deposits to the government.
Not to be deterred, anti-privacy forces tried to impose similar requirements on “inter-national” transactions, and the consumers who make them, in a supposed anti-money-laundering bill. Thankfully, that bill, HR 3886, seems dead for now.
5. National ID. Although the Social Security number is still too widely used as a de facto ID number, the federal government has been quite busy trying to saddle us with a de jure one. The first try was the HillaryCare program in 1993. Part of the proposed socialized health-care system would have mandated that every citizen carry a health identifier card, with medical history embedded on an electromagnetic strip—and with the potential, no doubt, for other kinds of information to be tied to those records. The bar-code crowd tried again with the Health Insurance Portability and Accountability Act of 1996, which directed the Department of Health and Human Services to tag every patient with a unique health identifier. Thankfully, amendments by Representative Ron Paul defunding the identifier have passed the last two appropriations processes. But, cash-poor as it may be, the provision remains on the books.
The national ID card reared its head again in 1996, when the President signed an immigration law, part of which mandated that a state driver’s license have the license-holder’s Social Security number printed on it. The thinking behind this is that only with a national ID system can we stop the scourge of illegal immigrants from “taking American jobs away.” Fortunately, that provision of the bill was repealed in 1999, before it went into effect.
6. Wiretaps. The ACLU and others who monitor civil liberties have noted that the Clinton regime has been the wiretap-happiest administration to date. Congress helped the administration earn this dubious honor by passing the Communications Assistance to Law Enforcement Act (CALEA) in 1994. CALEA forced phone companies to install wiretap devices directly into their systems to provide federal law enforcement with easier access to their customers’ communications. At the time, FBI Director Louis Freeh testified that the FBI would not use CALEA authority to trace the location of cell-phone users. But last year, in a familiar pattern, the FBI convinced the FCC that under CALEA, cell-phone companies must give the government the beginning and ending location of a cell-phone user’s call.
The FBI has also argued that it has the right to collect digital content after a call has gone through—keyed-in numbers such as extensions and bank account numbers—with only a “pen register” warrant issued by a federal magistrate. In the analog age, pen-register warrants enabled investigators to find out what number a call was placed to, as opposed to a search warrant issued by a judge, which was needed to actually listen in on phone calls. A federal court overruled that position in August. And in its fight to make sure it hears everything, the FBI has also had mixed success in barring foreign companies not subject to the FBI’s whims from domestic telecommunications.
7. IRS audits. Twenty-five years ago Richard Nixon was nearly run out of town for just suggesting the IRS take a closer look at his “enemies.” But under longtime Hillary Rodham Clinton friend Commissioner Margaret Milner Richardson and her successors, the IRS has acted like a political attack dog. One of the earliest targeted on the enemies list was the Western Journalism Center (WJC), whose Web site WorldNetDaily.com was asking a lot of inconvenient questions at the time about the strange death of Vincent Foster.
As a result, WJC has since spun off WorldNetDaily into a for-profit corporation. WND has continued tracking the IRS as they have gone after a virtual who’s who of Clinton antagonists, from the Heritage Foundation (its four-year audit is not yet over) to the Christian Coalition to Juanita Broaddrick, who has accused Bill Clinton of raping her in 1978.
8. Filegate. Another oldie but goodie, this one is still having repercussions today. When more than 900 FBI files of Republican political appointees mysteriously appeared in the White House, the Clintons blamed a “bureaucratic snafu.” Depositions by Linda Tripp and others taken in the ongoing civil litigation (available at www.judicialwatch.org) have revealed that information from the files was copied into White House databases for later use.
9. Echelon. First formed as part of the American-British alliance created after World War II, Echelon is an automated eavesdropping network that seemingly swaths the entire globe. Run by the intelligence agencies of five Anglophone countries (the United States, United Kingdom, Canada, Australia, and New Zealand) and headed by our own National Security Agency, the system intercepts “billions of messages per hour” from phone, fax, and e-mail communications. Recent investigations by the European Union and others have revealed that Echelon computers search through those messages and flag for human analysis those with keywords such as “bomb,” “Vince Foster,” or “CIA.”
And the keen part, from the spooks’ perspective, is that by having their pals in MI6 spy on Americans while the NSA spies on British citizens, the two can swap information while claiming not to violate laws barring them from spying on their own citizens.
10. Carnivore. Carnivore is the FBI’s answer to Echelon—a “black box” with secret software inside attached to an ISP’s computer network. Carnivore monitors all traffic (e-mail, Web surfing, chats, and so on) on the ISP and, the FBI claims, only gives the authorities the information they have a court order for.
Of course, there’s no way to keep an eye on the FBI. Clinton Attorney General Janet Reno sought some of that elusive verification in the form of an “independent” review by a leading university. But when universities saw all the secrecy restrictions and limits on what they would even be allowed to review, most blanched. Fox News reported that scientists at MIT, University of California, San Diego, and Purdue all declined to submit proposals. The Department of Justice finally settled on a team—larded with government contractors, ex-Clinton advisers, and security-clearance types—assembled by the IIT Research Institute in Illinois to conduct the review. (We only know so much about the review team because John Young of www.cryptome.org realized the electronically redacted proposal released by Justice could easily be unmasked.)
ISPs have understandably been rather silent on the issue ever since an unnamed ISP, presumed to be Earthlink, lost a court battle to keep FBI from installing Carnivore. They may get back some of their gumption now that Network Ice, a leader in the consumer firewall business, has released “Altivore,” a free program ISPs can install and run themselves so as to extract for the FBI only relevant court-ordered data.
Of course, this is but a partial list, and a case could be made for any number of government actions to be included among the top ten. If the debate in Washington continues to focus on the information practices in the private sector and ignores much-needed reform of government abuses, it will be that much harder to even agree on a top 100.