|
Module VI -
Self-Help Mechanisms: Cryptography, Privacy-enhancing Technologies,
and P3P
"[E]ncryption technologies are the most important
technological breakthrough in the last one thousand years."
--Professor Lawrence Lessig, Code and Other Laws of Cyberspace
36 (1999).
Assigned Reading:
1. Please read the Introduction
to this Module.
2. Please Read Cryptography
I. Introduction
II. How Does Encryption Work?
III. A Survey of the Issues Surrounding Encryption
IV. Arguments for Restrictions on Cryptography - Law Enforcement
V. Arguments against Restrictions on Cryptography - Free Commerce
and the Right to Privacy
VI. Another Way to Look at the Encryption Policy Debate: Individuals
v. Marketeers
3. Articles:
(a) The Platform for Privacy Preferences (P3P) and other Industry
responses to privacy concerns
1. Read section entitled "What is P3P?" http://www.w3c.org/P3P/
2. Read a comment by a critic of P3P:
Karen Coyle, A Response to "P3P and Privacy: An Update for
the Privacy Community" by the Center for Democracy and Technology
(May, 2000): http://www.kcoyle.net/response.html
3. Read the Center for Democracy & Technology (CDT) position
paper on P3P: http://www.cdt.org/privacy/pet/p3pprivacy.shtml
4. Peruse the website of the Network Advertising Initiative http://www.networkadvertising.org/
and read the basic principles promulgated by this consortium of
five major online advertising companies: http://www.networkadvertising.org/aboutnai_principles.asp
5. Read about TRUSTe, an industry consortium that sets certain minimum
standards of data collection and privacy practices for its members
to follow:
http://www.truste.org/consumers/users_how.html
(b) EFF's Top 12 Ways to Protect Your Online Privacy
http://www.eff.org/Privacy/eff_privacy_top_12.html
(c) EPIC's Online Guide to Practical Privacy Tools
(discussion & description of commercial products that help protect
privacy, including Snoop Proof Email; Anonymous Remailers; Anonymous
surfing tools; HTML Filters; Cookie Busters; Voice Privacy; Email
& File Privacy; Web Encryption; Encryption; Disk/File Erasing
Programs; PC Firewalls)
http://www.epic.org/privacy/tools.html
Discussion Topics/Assignment:
Please read through the following discussion questions. Use the
links after each question to submit your thoughts to the discussion
board. Feel free to address as many questions as you like.
1. What problems does encryption solve? Does encryption create
new problems? Consider, in this regard, the final section of the
article entitled "Encryption" on another way to look at
the debate about encryption.
2. Are you optimistic about the possibility of constructing checks
and balances
against the political and commercial forces that seek to centralize
data after September 11? Do the "self-help" measures listed
by groups such as EFF and EPIC solve users' online privacy dilemmas?
The assignments identify a number of industry efforts designed to
come to terms with the online privacy concerns manifested by numerous
privacy groups. Do TRUSTe and the Network Advertising Initiative
offer constructive alternatives to the position of many privacy
groups that no data should be collected beyond transactional data,
and that data should be destroyed as soon as possible? Which, if
any, are examples of technologies that effectively balance liberty
and security?
3. Does the Platform for Privacy Preferences (P3P) offer a reasonable
alternative to the present situation of lack of user choice? Does
P3P adequately protect user privacy?
4. What is the most startling technology you came across while
swimming in Silicon Valley?
What are examples of technologies that effectively balance liberty
and security? Can you give examples of technologies developed by
Silicon Valley for business intelligence that are now being applied
to national intelligence? Is there a historical precedent for the
search for silver bullet technologies in America?
5. Invasive technologies and technologies that protect privacy
sometimes seem to operate in leap-frog fashion. When a technology
develops that seems to threaten privacy (e.g., cookies), other users
develop counter-measures (e.g., cookie eaters). Should cyberspace
users defer to the technologists to develop privacy protection devices?
Or, should legislatures and courts be involved in setting privacy
protection measures?
Go to Discussion Summary
RETURN TO COURSE HOMEPAGE AND SYLLABUS
| 
