A call for leadership and an Electronic Bill of Rights
- By Winn Schwartau
- May 18, 1997
"In cyberspace you are guilty until proven innocent." Our collective digital faces are rubbed into that unfortunate truism every day as decisions that affect each of our lives are made without our knowledge or consent.
As individuals we are known by our digital essence - embodied as bits and bytes and distributed among 50 000-plus anonymous databases to which we have no access or recourse to amend edit or correct. To prove this I hired my cyber-PI neighbor for $100 to assemble the medical financial and legal records and whatever else he could find on a local TV news reporter (with his consent). The results? Seventeen pounds of records 14.5 inches high. I went to the Internet and using my Visa card paid for on-line research in the hopes of further violating my victim's privacy. When all was said and done I spent less than $1 000 and knew more about the TV personality than he knew about himself.
This is morally and ethically wrong. The 200-year-old concept of public records did not envision Intel Corp. Microsoft Corp. or the Internet. The Constitution did not envision the records of 265 million Americans being sold on a CD for $29.95.
The solution is a simple yet bold one requiring political strength vision and the love of one's constituency more than oneself. The answer is a six-point Electronic Bill of Rights that takes into account the realities of modern technology:
* I own my name. My name is mine to do with as I please. Not yours.
* You as a business may use my name for the purpose of our transaction only. You may not sell barter or otherwise market my name or any information about me without my explicit permission.
* If you need to keep my name in files for the purpose of ongoing business you will protect it from abuse illicit access or accidental release.
* If you have any files containing my name you must notify me of the existence of those files send me copies upon request and provide a reasonable means to add delete or correct information.
* The government will create a new data classification called "personal but unclassified" and set standards for its protection in the private and public sectors.
* I will have civil and criminal recourse against persons and organizations public and private who either violate my electronic rights or permit them to be violated.
These simple principles will bring back much of the privacy that has been eroding since the dawn of the computer age. It places a common-sense limit to how my name may be used and it will add credibility and accuracy to existing databases. These simple principles also will cause a backlash by those organizations who do not believe in the privacy rights of the individual and who make their living by twisting the concepts of public records and unregulated databases for their personal profit.
But more importantly these simple principles will help us find the leaders in Congress who understand how critical and fundamental these rights are and should be. These new leaders will find the political courage to finally make cyberspace a much safer place to play live and do business.
-- Schwartau is the author of "Information Warfare - 2nd Edition - Cyberterrorism: Protecting Your Personal Security in the Electronic Age" and the president of Interpact Inc. a security consulting company that operates www.infowar.com and www.info-sec.com.