« Security firm trashes customer e-mails | Main | The Concealed I: Day 2 Morning events »

The Concealed I: Blog of Day 1 events

posted by:Alex Cameron // 06:04 PM // March 04, 2005 // Walking On the Identity Trail

Bonjour and hello! Events got underway today at our multi-disciplinary conference at the University of Ottawa, Faculty of Law: “The Concealed I: Anonymity, Identity and the Prospect of Identity”. This blog entry sketches events of the day in a general way, and without purporting to be an accurate or complete transcript of events.

Introductions and welcomes were made by Ian Kerr, Bruce Feldthusen (Dean of the Common Law Section, Faculty of Law, University of Ottawa) and Pamela Wiggin, (Vice-President, Knowledge Products and Mobilization, Social Sciences and Humanities Research Council).

Nature and Value of Privacy and Anonymity

Following the introduction to the conference, Valerie Steeves introduced the first panel, including Alan Westin. Alan set the scene for the morning’s events and for the conference. Drawing from his work, he conducted a fascinating review of the concept of anonymity in the biblical Hebrews, the Roman Empire, and the American Republic. Helen Nissenbaum, Dept. of Culture and Communication, New York University continued the theme of setting the stage for the conference by posing a number of additional thought-provoking questions for the audience to think about. These questions included: Do we have a right to anonymous speech? Do we have a right to read anonymously? Should we allow anonymous email? In thinking about ways that we might go about answering these questions, she explored several different layers of analysis. At bottom – interest politics. At top – conflicts of rights and values. Middle – social systems, institutions, cultures… etc. (eg. Walzer’s “Spheres of Justice”, Bourdieu’s “fields”, Luhman’s “systems”). She discussed norms of information flow in terms of appropriateness of the information and method/means of transmission. The presentation concluded with presentation of an “Application Heuristic” that asked the following questions: (a) what is the governing context? (b) what types of information are in question? (c) according to what principles is the information in question (e.g. identifying information) transmitted among (what) actors, in the context? A number of questions were posed by audience members and an excellent discussion ensued.

Public Perceptions of Privacy and Anonymity

After a short break, Steven Davis introduced our next panel, comprised of David Lyon (Prof., Dept. of Sociology, Queens University) and Gary Marx (Prof. Emeritus, M.I.T.). David Lyon’s presentation was titled “Systematic surveillance and perceptions of privacy”. David talked about aspects and preliminary results of his survey research into attitudes regarding privacy in Canada and other countries around the world. Further details can be found at http://www.queensu.ca/sociology/Surveillance/research.htm. Gary Marx’s presentation was titled “What’s in a Concept?: Some Reflections on the Complications and Complexities of Personal Information and Anonymity?”. Gary explored ideas about different types and sources of personal information, including indications of social perceptions and reflections of personal information and anonymity.

- Lunch -

Privacy Commissioners Panel

After lunch, Bruce Phillips gave an inspired introduction for the panel of privacy commissioner speakers. He praised the work of the commissioners and emphasized the importance of the public education aspect of the role of commissioners. He feels that people can make intelligent decisions about privacy, as long as they are informed!

The first speaker on the panel was the Privacy Commissioner of Canada, Jennifer Stoddart. The Commissioner spoke about the role of privacy commissioners and issues facing the commissioner’s community. She viewed the commissioners’ role as pragmatic, flexible to respond, and principally to apply the standards that are set down by legislation in response to the needs of local constituents. She noted that the commissioners themselves reflect a wide array pf personal information defining issue in the public and private sphere, making them a bell-weather of privacy issues. She emphasized the importance of public participation as a key to the solution to identity challenges through public education, public debate and education.

Frank Work, Information and Privacy Commissioner of Alberta talked about developments and privacy issues in Alberta. He noted that his office is now allied with police forces in the area of ID theft. He stated that his office now receives bags and bags of commercial papers. For example, where the police bust a drug operation, they will often find a lot of documents with personal information. These documents are referred to the privacy commissioner to look for possible ID theft and begin investigations where appropriate. Frank Work noted that his office has been involved in reviewing hundreds of PIAs. Finally, he stated that the government wants more information about his office because, in some cases, the government wants to service the commissioner better.

Peter Bower, Executive Director, Access and Privacy Ombudsman, Manitoba spoke about (1) state of information management (records management systems) and (2) state of research in social sciences and natural sciences, particularly medical research. Peter remarked that the state of information management is terrible. He noted that research into archives is being held up as a result of privacy concerns. While the medical community has made progress on this issue, the social sciences are way behind.

Mary O’Donoghue, Senior Counsel and Manager of Legal Services - Information and Privacy Commissioner/Ontario, spoke about recent issues facing the Ontario commissioner’s office. Among the issues discussed was police retention of fingerprint and photos. The IPC Ontario was able to persuade the police to reconsider their policy in light of privacy considerations. She also noted that a number of privacy issues had arisen in schools – searching students for drugs, strip searches, video surveillance, police dogs in schools etc. The IPC Ontario developed guidelines which are now in place and well-received.

Prof. Michael Geist asked the commissioners about outsourcing issue and international data transfers. He also asked about how commissioners’ viewed their jurisdiction to pursue foreign entities (eg.. the Abika complaint filed by CIPPIC). Commissioner Stoddart replied that they have material on their site regarding the outsourcing issue and pointed to a number of ongoing initiatives in the area. She also advised that her office is conducting an audit of transborder flow of data in the public sector. With respect to the collection of Canadians’ personal information by outside entities, she remarked that the chain of collection is partly in Canada and so they do have jurisdiction over that and are investigating it. Further, where a US company is doing the collecting, she stated that her office is in talks with the US FTC regarding the possibility of a joint approach to the issue.

Philippa Lawson of CIPPIC asked excellent questions about the decisions of the commissioners. Commissioner Stoddart responded to these questions. She noted that where there is a written complaint, the commissioner is supposed to respond in writing every time. Not the same with phone calls regarding complaints. Why not name names? The commissioner is actively looking into criteria for doing this soon. She advised that not every finding is published, but rather only those that bring up new educational value issues.

The Great Debate

Following the panel, Declan McCullough of CNet moderated a spirited and lively debate between Marc Rotenberg of EPIC and David Harris, Director of INSIGNIS and former Chief of Strategic Planning at CSIS. The topic: Be it resolved that a national identity card should be established in Canada and the United States. Following a great face-off between Marc and David, Declan asked a number of questions and moderated questions from the audience.

Is the Future the P.I.T.s?: Implanting and Extracting Identity

After a brief break, we reconvened and Paul Van Oorschot moderated an excellent panel of final speakers for the day: Ian Kerr, Latanya Sweeney ( and Michael Krawitz (Executive VP and CPO of Applied Digital).

Michael spoke first and discussed the VeriChip produced by Applied Digital. He focused his discussion on the medical, financial and security uses and advantages of VeriChip. He described the example of seniors using VeriChip to contain health information so that doctors and hospitals can rely on the chip rather than the imperfect memory of the person. He compared the VeriChip to a medic-alert bracelet. In the financial context, he described how VeriChip can be used to protect against ID theft by acting as a secondary authentication device.

Next up, Latanya Sweeney of the Data Privacy Lab at Carnegie Mellon (Associate Professor of Computer Science, Technology and Policy, Institute for Software Research International) gave an amazing presentation of her research areas. She reviewed a number of areas and focused her talk regarding RFIDs on ID theft. She described how Zip Code, Birth Date and Sex information can be used to link and uniquely identify 87% of US population. She talked about her Identity Angel project which scans the web to see if there is enough information available about you to enable someone to commit a fraud against you or to commit ID theft. The idea is to then contact the vulnerable person. The ID Angel project found evidence of online resumes with lots of information about people. For example, 140 or 150 resumes with SSNs. They contacted 105 of the people at issue and received a variety of different replies ranging from thanks to threats of lawsuit! She discussed how the VeriChip will eventually lead to all the same kinds of problems we see in the data explosion now and with online databases. For example, restaurants will want its customers to have VeriChips and to have access to information about allergies. Same thing for amusement parks and heart condition information as another example.

To conclude the presentations for the day, Ian Kerr gave an energized presentation “Still feelin ‘icky’: The Utopias of Conrad Chase, Kevin Warwick and other Digital Angels”. This presentation recounted Ian’s experience with the Baja Beach Club in Barcelona. This club was implanting customers with “VIP” chips that permitted access to the VIP lounge at the club and enabled payment. Ian’s presentation explored what it might be like to live in a wireless world in which our devices all talk to one another in an automated way that doesn’t necessarily involve us. We move from a world of local area networks to ‘PANs’ – Personal Area Networks. Ian discussed Kevin Warwick’s neural transducer surgical implants intended to send and receive signals from computers and others. Other implantable devices include insulin, cochlear implants (phones, MP3 players etc. can be linked). He pointed out that the nature of the information created in the PANs (like blood sugar, neural signals etc.) leads to heightened security and privacy needs. Are we moving from the network of ideas, to the network of things, to the network of people? Ian is very interested in this apparent move towards the merger of human and machines.

Great discussion ensued…. lots of questions for Michael!

End of Day 1!

Comments

Posted by: Cypherpunk at March 4, 2005 07:45 PM

Posted by: David Matheson at March 8, 2005 11:20 AM

Post a comment

Name:

Email Address:

URL:
Remember Me? YesNo

Comments: