by Michael Arnowitt
In the fall issue of The Northern Spy, we examined the increasing use of Social Security numbers as a possible precursor to a new national ID system which would, in essence, establish an "internal passport" which could be required for many activities citizens now undertake freely.
We also looked at the growing use of videotaping, audiotaping, and other forms of snooping by State officials and employers. No aspect of human activity is now unmonitored. It is increasingly likely that our privacy may be invaded at work, on the streets, on the telephone, and both outside and inside our homes.
In Part 2 of this series on privacy issues, we will look at how the details of our life history and preferences are digitized, transmitted, and sold. Welcome to the Information Marketplace!
How To Buy Information
Let's say you're a new business and wish to find out all you can about the potential customers in your area. If you don't want to do the legwork yourself, there are a growing number of companies ready and willing to sell you personal information.
Two years ago Lexis-Nexis announced to its 740,000 corporate and individual subscribers that it had developed a new product, P-TRAK, that "puts 300 million names right at your fingertips." P-TRAK's Person Locator service originally provided, for each person's name, the individual's birth date, Social Security number, maiden names, aliases, and telephone number. The company, after public protest, now no longer will disclose a person's SS number upon the input of a name.
Lexis-Nexis may have been one of the first companies to publicly market mass amounts of information about private lives, but it is not the only player. It was reported by C-NET News that Lexis-Nexis execs claim that they have five competitors in this field; CBD InfoTek and West Publishing Information America were mentioned by name.
International Research Bureau also maintains Social Security numbers in the information in their files. For about $20, the company will send you by mail whatever information is available on a Social Security number provided; information typically includes details about driving records, vehicles owned, and liens.
Another company actively involved in selling information on U.S. citizens is the national credit bureau Trans Union Corp., which maintains information on as many as 200 million U.S. citizens, according to the New York Times. The data sold includes information on consumers' credit card accounts, loan history, estimated income, and whether an individual has recently moved.
The Times recently reported a court ruling ordering Trans Union to stop selling its information to marketing companies, banks, and insurance firms without first obtaining the consent of the individuals in their records. Trans Union has stated, however, that they will continue to sell the information while appealing the judge's decision.
According to the Vermont Public Interest Research Group's policy director Jenny Carter, Vermont is the only state that requires permission from the individual before their credit report may be released by a bureau. In practice, with the exception of home-buying, Central Vermonters surveyed by The Northern Spy do not report ever seeing these disclosure consent forms.
Perhaps no information is regarded as more private than information regarding a person's health and medical history. But medical records, too, are for sale. According to Jim Sulanowski, of the Providence-based Privacy Journal, all the private insurance companies jointly pay for MIB, a national information clearinghouse operation in Massachusetts.
Whenever a consumer uses the insurance system, information is added to MIB's files; as consumers do switch insurance companies, the industry has found it useful to jointly agree to share records. For an annual fee, any insurance carrier can access all the clearinghouse's records built up over time, thereby obtaining a consumer's complete medical history.
The Dangers of Disclosure
But why buy something when you can get it for free? Many companies today now make it part of their routine to try to get consumers to volunteer information for their databases. Check-out cashiers will occasionally ask for your address, zip code, or telephone number. Caller ID is used to keep record of people who have contacted a business, and all this information is routinely sold. Joshua Diamond, a Montpelier attorney, points out that caller ID is not needed, at least for companies: a better alternative would be to allow callers to key in their identifying name so the individual would have control over whether or not to release this information.
With advancing technology, citizens may have less and less ability even to refuse to disclose information about their personal lives. On a recent trip to Service Merchandise in South Burlington, a clerk in the check-out lane stated out loud a customer's address and phone number after having been given their credit card, even though that particular customer had never shopped at Service Merchandise before and had not (and would not have) voluntarily revealed that personal information.
Of course, the most useful piece of personal information a business can extract from you is your Social Security number. When you give out your SS number, you are providing the key to your electronic dossier, access to information about yourself that you don't have the ability to control, as these electronic files are being maintained and updated by distant third parties.
As has been pointed out by Chris Hibbert of the California-based Computer Professionals for Social Responsibility, you are providing access to data that is irrelevant to most transactions but that will occasionally trigger prejudice. Since you provided the key "voluntarily," all the info discovered under your number will be presumed to be true and about you.
Even if you wanted someone to be able to find out some things about you, there's no reason to believe that you would want to make all records concerning yourself available. The Social Security number is nevertheless being used as a single identifier for multiple record systems, all intended to be easily accessible to corporations. It is difficult to allow a party access to only some of the information about you and not other topics; once they have your "password," they have access to the whole ball of wax.
Grand Union Card Update
The credit card is perhaps the most obvious device used to enable the business world to build up a database on a consumer's purchasing habits, but a corporation can more directly have individuals voluntarily reveal this information by issuing "discount cards."
In 1993, the Times-Argus reported that Grand Union "Savings Plus" cards were equipped with a metal stripe that allows a computer to extract the customer's name and address. An optical scanner gives an itemization of the customer's purchases.
At the time, Grand Union denied any correlations were made between names and purchases, and stated that the technology to do so was not currently owned by the company. During a recent trip to the Montpelier store, a staff person maintained that no purchasing information was stored or sold to marketing companies.
A copy of the current application form to receive the discount card reveals some modifications have been made since the original controversy five years ago. No longer are cardholders required to give their Social Security, driver's license, or bank account numbers. However, the card still contains in small print, next to the signature line, an identical sentence to what the Times-Argus reported in 1993: "I understand that my purchases may be recorded and may be used for marketing purposes."
Code of Fair Information Practices
Groups such as Computer Professionals for Social Responsibility have developed a code of fair information practices for the industry. If their code were adopted, all information collectors would have to provide individuals with descriptions of potential uses -- narrowly and clearly defined -- of any personal information in their database.
Data collected should be limited to only that which is necessary for the particular use in question. Upon request, a person should be provided copies of any information in their electronic file, and individuals should have the right to be able to dispute and correct any faulty information contained about themselves in a database.
It seems unlikely, barring more concerted grassroots pressure, that marketing companies and list managers would voluntarily take on all the extra work that such a code of conduct would require. In the meantime, if one wishes to avoid being reduced to a mass of computer keystrokes, the best recourse at the moment is to non-cooperate with requests for information and to avoid systems such as credit cards or electronic transactions, where your purchases can be easily digitized and transmitted.
Our day-trip to the Information Marketplace may have been a little disappointing. While the marketplace of commercial shopping is a glitzy, colorful world filled with celebrities, the information marketplace seems abnormally gray and sterile. Slowly but surely, enormous mountains of information on our lives is being compiled for every person in the land, from children to seniors.
It's a little hard to believe anyone would be interested in where you live, what you buy and eat, and other details of your lives such as your marital, health, and financial history. Yet this is precisely what interests today's increasingly-distant capitalists. As your privacy erodes, they have a much better picture than ever before as to how to addict you to their products.