[Ed. Note: this is the first in a series of blog posts addressing a range of technology and civil liberties issues we believe America's next President and Congress will have the chance to take a fresh look at, and the opportunity to set a policy course for the Internet that will keep it open, innovative and free.]

One of the biggest mistakes a new administration might make in its first 100 days would be to ignore the impact technology has had on the privacy of our communications and the striking need to update the law accordingly. If the President fails to act early in his first term he will miss a window of opportunity that won’t soon reopen, and it will be to the detriment of the Internet economy and to privacy rights.

The next President will have to resolve big-ticket items, like an economic meltdown, an unpopular war and an energy crisis. But when it comes to putting in place policies that will protect and promote Internet commerce, investing in timely solutions now will reap significant dividends for years to come.

Hi-Tech Discrimination
The revolutionary growth of digital storage capacity and online communications services means that more and more of our lives are spent online. We send email through web-based services and have growing opportunities to store our calendars, address books and the like with online service providers. Increasingly, sensitive information that used to reside on in our desks, on our desktops or stored on our home computers is shared with or stored by third parties who then convey it to others.

And when it does reside with third parties, our information loses much of the Fourth Amendment protection that it enjoyed when it was stored in your home digitally or on paper. For example, the government can easily require your web-based service provider to turn over an email message that you’ve saved for more than six months on your Gmail or Hotmail account—any web-based email account for that matter. The government does not have to prove to a judge that it has strong evidence – probable cause – that the message is relevant to criminal activity. To get that very same message saved on your desktop computer, the government would have to make that probable cause showing.
(more…)

War, financial crisis and the fate of a nation hanging in the balance. It sounds like a back-of-the-envelope outline for a spy novel, but it’s actually the current political climate in the U.S. Given that, it’s no surprise that discussion of Internet and technology issues is adrift, and that civil liberties protection has been pushed to the margins during this intense political season.

And yet this election cycle provides a great window of opportunity. The President and Congress will have a chance to take a fresh look at the challenges and opportunities of the Internet and set a policy course for this vital medium that will keep it open, innovative and free.

We often take the Internet for granted. In a short time it has become a powerful engine for innovation, economic growth and democratization. The Internet has changed the way we “do” politics. Ordinary Americans are making their voices heard and organizing online. Political candidates are building online networks of supporters, raising unprecedented funds from small donors, and educating the public on their policies and visions.

A few months ago CDT started a dialogue on what we believe are the key issues impacting the digital work-a-day world where most of us are spending an increasing amount of time. The ideas and feedback flowing from that discussion will help us craft a kind of blueprint for technology policy for use by the new Administration, noting things that can be done right now while also providing a strategy for achieving longer term goals.

Starting this week and following through until the election, CDT will focus on specific issue areas and write about each of them here on our Policy Beta blog. Our President, Leslie Harris, will add another level of insight and commentary on the issue in a companion article published in her Huffington Post column. And for those that want a daily dose of policy prognostication —in 140 characters or less—you can follow our efforts via Twitter.

We encourage you to push these blog postings out to your friends, family, forums and social networks. We welcome comments, criticisms and suggestions, all of which will help us sharpen our message and hone our suggestions for the next Administration and Congress.

Earlier this week, we set out our wish list for what we hoped to hear from witnesses during today’s Senate Commerce Committee hearing on behavioral advertising as this emerging online marketing practice comes under congressional scrutiny.

We are pleased that the telecom companies testifying today, AT&T and Verizon, appear headed in the right direction.

Both companies strongly embraced setting a high bar for engaging in behavioral advertising and challenged the rest of the industry to do the same. Dorothy Attwood, senior vice president of Public Policy and Chief Privacy Officer for AT&T, said her company was committing to a policy of “advance, affirmative consumer consent,” noting that the phrase is “generically referred to as “opt-in.”

Meanwhile, Tom Tauke, Verizon’s executive vice president for Public Affairs, Policy and Communications, said that any kind of consumer protection practices must include “meaningful consent” from the consumer. Tauke went on to explain that “meaningful consent” requires transparency, affirmative choice and consumer control.

Moreover, Attwood made clear that a “consumer’s failure to act will not result in any collection and use by default of the consumer’s information for online behavioral advertising.”
(more…)

Back in January I wrote an op-ed criticizing the Department of Homeland Security for flirting with the idea of creating a national ID database to implement the REAL ID Act. While CDT has been supporting the repeal of REAL ID or its major amendment, we believe that, should the law stand, it must be implemented responsibly.

The American Association of Motor Vehicle Administrators (AAMVA), a private organization representing the interests of state DMVs, has been a key proponent of creating a national ID database, which would hold highly sensitive personal information on virtually all Americans, because it already manages a similar central database for commercial drivers.

Although AAMVA is clearly pushing the centralized model, it has heard the cries of privacy advocates who have warned of the significant privacy and security risks of creating a national ID database. To its credit, AAMVA is putting together a white paper, due out in the next few weeks, analyzing the different system models that could ensure that an applicant doesn’t already hold a REAL ID card from another state (which is a requirement of the Act).
(more…)

On September 23, the Senate Select Committee on Intelligence will conduct a hearing on new Attorney General Guidelines governing FBI investigations and the collection of domestic intelligence. The Department of Justice first issued guidelines governing FBI investigations in 1974 and has loosened them virtually every time it has re-visited those guidelines.

Now, Justice is engaged in a substantial re-write. CDT was given a peek at the new guidelines while still in draft form. The real news behind the re-write is that when the dust settles, the FBI will be permitted to engage in intrusive investigative techniques without having a tip that a crime may be committed and without having evidence of a particularized threat to national security.

Look for senators to question the witnesses about “assessments.” The new guidelines would permit FBI agents conducting an “assessment” to recruit informants to surreptitiously attend meetings and events, to misrepresent their identities while engaging people in conversation in an effort to elicit information, and to indefinitely surveil homes, offices and individuals, all without any evidence of crime. Traditionally, such intrusive investigative techniques were reserved for investigating when there was evidence of a crime or of a threat to national security; now they would be used to investigate whether to investigate.

The Committee usually conducts its hearings behind closed doors; to its credit, the Committee decided to open this important hearing to the public.

For more background on this issue, check out our resource page on Attorney General guidelines. There you will find a list of all the guidelines that are going to be re-written.

Back in March, CDT welcomed Comcast’s announcement that it would move to a “protocol agnostic” technique for managing network congestion. No technical details were provided, but the announcement certainly seemed to imply that the new technique would steer clear of singling out particular protocols, services, or content for inferior treatment. In other words, it would avoid the kind behavior that gives Internet neutrality advocates fits and that puts network operators in a position to undermine unfettered innovation. To use a potentially loaded term, the announcement seemed to imply that the new technique would be neutral.

But we also noted that we would have to wait and see how the new technique actually works. However promising the term “protocol agnostic” might sound, it doesn’t exactly have a widely accepted meaning.

Well, Comcast has now filed with the FCC a description of the new congestion management technique it is rolling out. Based on that description, it appears to be the real deal.

Simply put, the new technique appears not to hinge on what applications or content a subscriber chooses to access. All it will know or care about is the volume of data each subscriber is sending over the network. When a particular part of the network starts experiencing heavy usage, the subscribers currently generating the most traffic (relative to the size of the connection they have purchased) will end up getting assigned a lower priority. As a result, their traffic may get slowed or perhaps experience some packet drops — but only if overall usage is so high that affecting someone’s traffic in this way is inevitable, and only until the affected individuals lower their usage a bit.
(more…)

Today is the third annual “Earth Day for the Internet,” and there are events all over the country celebrating the Internet, and I hope that you attend one or find a way to help. I’ve just come from an event in D.C. discussing the policy challenges facing the Internet and the ways that the Internet has enhanced the civic dialog. As Ellen Miller of Sunlight Foundation noted, in New York city they’re having an OWD party and rally while we have a policy discussion, but that’s “what we do,” in D.C.; we are creatures of the political climate and policy discussions are what we can offer to the Web. Readers of this blog are well aware what a marvel the Internet is, as well as the obstacles it faces here and abroad. Even so, it’s easy to take the Internet for granted. Luckily, we have a happy hour later today (information below) to balance the policy discussion - we would love to see you there.

Susan Crawford (a CDT fellow) started OneWebDay in 2006, in order to encourage people to become actively involved in the future of the Internet. This year the theme is civic participation in democracy, highlighting the role of the Internet in the upcoming election. People also depend on the Internet for communication, research, collaboration; the Net has become important in almost every facet of life.

To begin the discussion for OneWebDay D.C., Rep. Donna Edwards (D-MD) spoke of her long involvement with Internet issues that started well before she was a lawmaker. She also spoke of how to effectively exploit the Internet for the common good, rather than trying to lock it down. The Congresswoman talked about the obstacles to Internet use in communities without adequate broadband coverage, in some cases that means the public school down the street. We are in an environment with transitions that come more and more quickly, and we must engage all our communities in order to ensure that they can reap those benefits. She spoke of the Internet as a public good, and of our duty to maximize the free, open Internet for everyone. As a young adult, I can’t imagine the world without it.
(more…)

The Senate Commerce Committee has a hearing scheduled on Thursday to hear from ISPs about their plans for implementing behavioral advertising. CDT has been in discussions with many of these companies and believe that some have begun to make a commitment to getting policies and practices right and push others in the online industries to do the same, as they make decisions whether or not to go forward with behavioral targeting plans. Decoding congressional testimony is something of an art form; here’s what we’ll be listening for: words and phrases like “meaningful and affirmative consent,” “transparency,” and “user control.” If you check the box next to each of those you’ll know that things are on the right track, which will be a welcome change from the rhetoric we heard from the CEO of NebuAd during the last Senate hearing on behavioral advertising.

Obviously, the right words do not necessarily equal good practices; there is still hard work to be done to put these concepts into practice in the real work-a-day world.

CDT continues to believe that comprehensive privacy legislation would help to ensure that the privacy rules are rigorous for all and level across the marketplace. We believe that it is in the interest of every company in the Internet space to make sure that this legislation is part of the solution. We look forward to working with any company that is interested in getting to the right balance of legislation, self-regulation and technological solutions.

Just yesterday we blogged about how the government asked the full 3rd U.S. Circuit Court of Appeals to reconsider the decision of the three-judge panel that ruled the Child Online Protection Act (COPA) unconstitutional — for the third time. Just today the court denied the government’s request for a rehearing.

The government now has the option of appealing the case to the U.S. Supreme Court, which it will surely do. But as we said yesterday, it’s time for the government to stop wasting taxpayer dollars on fruitless litigation. Instead, that money should be used to spur the development of user empowerment technologies and to encourage parents to take control over what Internet content their children consume.

Television screens increasingly blaze in spaces outside of homes. In many settings, particularly at retail establishments, the TVs are perpetually tuned to a channel with nothing but commercials. In other instances, such as schools and government offices, the screens flash announcements and public safety information. This up-and-coming medium goes by different names, including captive audience networks, but the most common is digital signage.

Now, in a development with significant privacy implications, digital signage is slowly integrating identification technologies. The purpose is to boost audience measurement and exposure. The industry’s eventual wish is to target advertising to individual consumers based on demographics and shopping history.

Currently, most digital signs are just flat screens displayed in some trafficked area, playing a video loop. The contents of the video are often controlled via computer, enabling one master location to control thousands of connected units. However, from an advertiser’s perspective, a shortcoming of digital signage and billboards is the difficulty in determining who sees the display unit. This makes it difficult for advertisers or others to measure the size of the message’s audience and to target specific demographics within that audience. The industry’s solution appears to be teensy-weensy facial recognition cameras.
(more…)