For example, video surveillance could be made more palatable if it worked more like an episode of "Cops," with people's faces blurred out. Only if a crime occurred would the more detailed images be made available. Massive databases designed to root out terrorists, meanwhile, might feel less intrusive if the actual names associated with the information being gathered were kept in a separate file that required a warrant or other authorization to access.
These were among the ideas that came up during a gathering of 150 academics and researchers this week at IBM's Almaden Research Center here to exploreamid an explosion in the amount of personal information that is being tracked electronically.
The challenge? Data is being gathered from a growing variety of sources. It's not just Internet browsing that's being monitored. Grocery store shopping patterns are being tracked via "club cards," video surveillance has increased and embedded sensors could eventually track any product or person.
"We're being taped right now," IBM Chief Privacy Officer Harriet Pearson told the crowd Wednesday to drive home her point.
In the early days of the Internet, privacy concerns were only an afterthought, Pearson said. Only belatedly was work done to try to bolt on standards for privacy, she said.
To retain any measure of privacy with these new technologies, work must be done now, she said. On the positive side, somewhat more attention is being given to privacy issues when it comes to new areas of connected computing such as Web services, grid computing and the mining of complex databases.
Although, expanding privacy regulations have spurred technology providers and standards groups to address the issue.
In the United States, medical and insurance companies are bracing for a key deadline involving the Health Insurance Portability and Accountability Act (HIPAA), which aims to protect the privacy of health records, among other things. Although that legislation was approved in 1996, the privacy provisions are only now beginning to take effect, with key compliance deadlines set to kick in Monday and later in the year.
Other recent privacy legislation includes the Gramm-Leach-Bliley Financial Services Modernization Act of 2001, which required that financial institutions disclose to customers how they use private information.
Such laws are providing an impetus for innovations in privacy technology. Last year, for example, the World Wide Web Consortium (W3C) approved a privacy standard known as the Platform for Privacy Preferences (P3P), which has been implemented as a feature in Microsoft's Internet Explorer and AOL Time Warner's Netscape browsers.
P3P allows surfers to specify which information, such as names and shipping addresses, they are willing to automatically share with Web sites. When a site seeks information that has not been cleared, such as a credit card number, a warning is displayed.
Not everyone thinks the privacy issue is one worth fighting for. Sun Microsystems CEO Scott McNealy famously told consumers some years ago that they have no privacy and to just get over it.
Learning from Hippocrates
However, most of those gathered here have no intention of throwing in the towel. Harry Guess, a researcher at pharmaceutical company Merck, noted that both an individual's privacy and the ability to track overall data are essential to the medical profession.
"If you cannot aggregate data, you could not track the SARS (severe acute respiratory syndrome) epidemic," Guess said. "You wouldn't know there was a SARS."
At the same time, Guess said, the idea that one's conversations with a doctor should be private date back to Hippocrates.
Aiming to follow those principles while still tapping today's technology, IBM demonstrated what it termed a "Hippocratic database" in which a samplereturned results based on the right to know of the individual making the query. A primary care physician might have total access to test results, while the billing department clerk could find out which tests a patient had, but not the results. A medical researcher might have access only to generalized information or to records from those patients that had opted to share their information to researchers.
Another option would be to allow the researcher to see whether there was a pattern among people whose blood pressure was elevated, but not allow the researcher to see people's actual pressure levels.
The principle underlying the database--which is a lab project rather than a product IBM is marketing--is to limit use of information based on the degree of consent a patient gives.
But even technology's biggest proponents agree that technology is only part of the solution. Regulation, marketing, financial incentive and culture change are all part of preserving some measure of privacy.
"Technology alone is not going to solve this problem," said IBM researcher Tom Rosamilla.
Rosamilla points to the popularization of seat belts as an example. It was the combination of seat belt laws, insurance industry mandates, advertising and a societal shift that finally led seat belt use to become ubiquitous--years after the technology first emerged.
Regulation, though seen as important, is also thorny in that it varies so much from one jurisdiction to another. While Europe has had
In an instant, Sept. 11, 2001,
reversed years-long momentum
to protect online privacy.
Even where there are laws on how data can be used, they are often difficult to enforce. That has led some to focus on minimizing the data that companies can collect as opposed to trying to regulate how the information can be used.
"It's hard to enforce that it is only used by the 'right' people for the 'right' purposes," said Marit Hansen, a computer scientist who works for a state-funded independent center for privacy protection in Kiel, Germany.
Another approach discussed was trying to reward companies that enact strong privacy protections. There seemed to be consensus that privacy will only take off in the marketplace if companies perceive it to be in their financial interest.
"We want businesses to know there are tangible benefits to offering privacy," said Ann Cavoukian, who is the privacy commissioner for Ontario and also author of a book on the subject, "Privacy Payoff."
But helping create those incentives can be problematic.
In the German state of Schleswig-Holstein, where Hansen is based, a 2000 law created a privacy seal for companies that meet certain standards and also offered preference in government purchases for products that have the certification.
So far, though, only three products have earned the seal, with another 15 or so seeking approval. A better approach, Hansen said, would have been a European or even an international standard, but Hansen said there was not enough will or cooperation for that to occur.
"We couldn't wait any more, so we started," Hansen said.