5 Va. J.L. & Tech. 6 (2000) <http://www.vjolt.net>
1522-1687 / © 2000 Virginia Journal of Law and Technology Association

VIRGINIA JOURNAL of LAW and TECHNOLOGY

Between Big Brother and the Bottom Line: Privacy in Cyberspace

By Seth Safier[*]

I. Introduction

II. Cyberspace and the Digital Revolution

III. The Reagan Revolution

IV. Digitarianism

V. A Digital Taxonomy

A. Collection

1. Traditional Collection

2. Transaction Generated Information

B. Storage and Processing

C. Use

1. List Vending and Direct Marketing

2. Intelligent Agents and Push Technology: Cyberapplications

VI. Existing Legal Protection

A. Federal Statutory Protection

1. Fair Credit Reporting Act

2. Privacy Act

3. Cable Communications Policy Act

4. Electronic Communications Privacy Act

5. Video Privacy Protection Act

6. Telephone Consumer Protection Act

7. Proposed Legislation

8. Federal Trade Commission Initiatives

B. State Statutory Protection

C. The European Model

D. Constitutional Protection

E. Common Law Protection

1. Tort

2. Contract/Property

XII. Self-Regulation and Market Based Solutions

A. Opt In/Opt Out

B. Anonimity/Encryption

C. OPS and P3P

VIII. The Existing Regulatory Debate

IX. Enhancing the Digital Trust

X. Shifting Ground

The right to be left alone--the most comprehensive of rights, and the right most valued by a free people.
Justice Louis Brandeis, Olmstead v. U.S., 27 U.S. 438 (1928)

I. Introduction

1. On January 25, 1994, in the prepared text of his first State of the Union Address, President Clinton declared,

   We must work with the private sector to connect every classroom, every clinic, every library, and every hospital in America to a national information superhighway by the year 2000. Instant access to information will increase productivity, help educate our children, and provide better medical care and create jobs, I call on Congress this year to pass legislation to establish the information superhighway.

2. In the speech, President Clinton formally introduced the population to what academics, computer scientists, techies and digerati call "Cyberspace and the Information Age." Over six years later, as the technology at the heart of the "information superhighway" continues to develop at exponential rates, cyberspace, the information age, and the information superhighway are not so easily defined,[1] established or developed, nor technically or sociologically understood.
   
   

   II. Cyberspace and The Digital Revolution [2]

3. In the mid-1960s, around the time that the first commercially successful computer, the IBM 360, was introduced, the business world was one of file cabinets, carbon copies, Dictaphones, ribbon typewriters and handwritten receipts and ledgers. Customers primarily bought goods and services with cash drawn from neighborly tellers on wages earned from local employers. Research and development were patriotic and the IBM man de rigeur.
   
   
4. Gradually, the research and development began to pay dividends, and rudimentary photocopiers replaced carbon paper, and cumbersome, incipient computers and printers replaced ribbon typewriters. File cabinets eventually gave way to databases, and cash transactions evolved to charge. By the late 1970s, computers were fixtures in most businesses, and growing numbers of consumers were buying home computers such as the Apple II, TRS-80 and Commodore PET. By the 1980’s, new computer chip driven technologies were exploding and heralding the information age. Cellular phones, fax machines, powerful personal computers, digital databases, electronic cash registers, and intricate interoperable networking systems bombarded businesses and consumers alike. By the early 1990s, mail had gone electronic, computing went super, voice went digital, cable went fiberoptic and "surfing" went from a board on the ocean to a mouse on a desktop.[3]
   
   
5. In a 1992 opinion survey, 79% of Americans agreed that "computers have improved the quality of life in our society."[4] The ubiquity of computers and networks had drastically affected daily existence in Western societies. Whether it be computer aided drafting, word processing, just in time manufacturing, finding point to point directions in less than 30 seconds on the World Wide Web ("Web" or "WWW") or visiting the ATM machine, computers enhanced efficiency, and consumers understood and appreciated it. Computer chips had established themselves as the engines driving the age.
   
   
6. With the same speed, however, these technologies and resultant social changes began to precipitate challenges to individual privacy.[5] Just as the advent of the wiretap created a dilemma for Fourth Amendment jurisprudence in 1928,[6] the digitization of records, parabolic microphones, remote sensing satellites, smartcards, lie detector tests, genetic fingerprinting, caller-identification, cookie.txt files,[7] clickstream data collection,[8] "push technologies" and "intelligent agents" are similarly forcing us to take pause and ask fundamental questions about cyberspace and the limits of individual privacy.
   
   
7. Due to enhanced processing, retrieval and storage power, intricate networks and the ubiquity of chip driven technologies, 68% of Americans surveyed in the same 1992 opinion poll, also agreed that "the present use of computers represents an actual threat to personal privacy," an increase from 1974 and 1978, when only 38% and 37% of Americans, respectively, agreed with the statement.[9] A 1993 public opinion survey subsequently revealed that 83 percent of Americans were "concerned" with threats to personal privacy.[10] And, a 1995 Louis Harris poll illustrated that the number of people who were "very concerned" about privacy had increased almost 50% between 1978 and 1995.[11] In recent years, numerous corporations and governmental organizations, including Lexis-Nexis,[12] Blockbuster,[13] Lotus Development Corporation, Equifax Marketing Decision Systems,[14] America Online[15] and the Social Security Administration,[16] have changed policies, or altered business decisions, in reaction to public outcry over privacy concerns.
   
   
8. While the collection, processing, use and storage of personal information in cyberspace may raise pivotal concerns about privacy, if numbers are accurate indicators, personal information primarily raises revenue. Venture capitalists are betting big dollars on cyberspace's potential in markets such as banking, wholesale business transactions, entertainment, retail, investment, marketing and, even, universal currency. The Internet[17] economy is estimated to grow to past the $1 trillion mark in 2001 and then to $2.8 trillion in 2003.[18] A recent study from Ciemax-WEFA, an economics consulting group, commissioned by the Direct Marketing Association, indicated that one of every 13 jobs in the United States was the result of direct marketing sales activity, including jobs designing and selling advertising, supplying or delivering goods, and selling other support services, such as customer lists and consumer profiles to direct-response businesses. The same study revealed that direct marketing sales to consumers reached $630 billion in 1996, up from $458 billion in 1991. Business to business sales were another $540 billion in 1996, up from $349 billion in 1991.[19]
   
   
9. Other than remarkable profit potentials, the common denominator of these chip-driven technologies--simultaneously improving our daily lives and threatening our privacy--is that they all function as gateways to cyberspace. Essentially, cyberspace is the space where digitized information lives, works and dies. More fundamentally, cyberspace knows few if any physical limitations; inherently, it is a social construct. Physics does not exist in cyberspace. Rather, the most comprehensible and malleable limitation in cyberspace is technology or, in Harvard Law School Professor Lawrence Lessig's terminology, code.[20] Thus, unless it is prohibitively expensive in terms of cost of storage, time or effect on customer relationships or unless the cyber transaction has been technologically secured,[21] in theory every purchase, page turned, call made, e-mail sent and key stroked can be archived, stored, filtered, correlated, networked, regressed, matched, connected, catalogued, categorized, compared and/or labeled.
   
   
10. As computers and advanced telecommunications networks increasingly render cyberspace the least restrictive or most efficient medium in which to collect, process and utilize personal information the world has ever known, the fundamental concern about privacy in cyberspace becomes the manner in which the medium, and the technologies driving the medium, permit, enable and enhance the collection, processing, use and storage of vast amounts of in-depth, and potentially sensitive, personal information. One need not think long nor hard regarding the possibilities and implications of new technology to develop Orwellian visions regarding the capacity of the Government and, ever increasingly, the private sector to gather, sort and process massive amounts of information regarding ourselves. Yet, the futility of eliminating all the information or the efficient means of collecting and sifting it, must serve as the impetus for a fuller understanding and potentially more efficient shaping and, perhaps, regulating of the people and technologies collecting the data, employing the information, and shaping, building and dreaming about the next technology with which to do so. As always, the potential is simultaneously exhilarating and terrifying.
    
    

    III. The Reagan Revolution

11. As the digital revolution rendered life more efficient, and traditionally private domains less and less existent, a parallel ideological revolution was occurring in the minds of the American polity and halls of government. Arguably, since independence the American political and social milieu has been ideologically characterized by forceful arguments for decentralization of government power. Whether the arguments took the Federalist[22] or laissez faire form, historically Americans have been ill at ease with centralized authority. In practice and rhetoric, market and individual freedom have been inextricably linked.
    
    
12. However, because of the severity and length of the Great Depression in the 1930s, government welfare programs and government intervention in the market both increased significantly. The suffering experienced in the Great Depression further reinforced popular support for social welfare programs. For many, the recovery attributable to Franklin D. Roosevelt’s New Deal initiatives established a new found faith in government regulation of market mechanisms and political support for the establishment of a mixed economy and the institutionalization of government programs guaranteeing social insurance and concomitant redistributive or transfer payments to support those programs.[23]
    
    
13. Where the Social Justice movement and the Progressive Era of the early twentieth-century began to set the tone for liberalism,[24] the strong presidencies of Theodore Roosevelt and Woodrow Wilson gave way to a burst of centralizing legislative activity which also marked Franklin D. Roosevelt’s New Deal, Harry Truman’s Fair Deal and John Kennedy’s New Frontier.[25] During the period following World War II, the American political and social order continued to be characterized by a schizophrenia on a number of national issues such as the relationship of government to the economy, the proper size of the welfare state, and the scope of labor power in business.[26] But, with the support of the Truman administration, increasingly labor began to hold sway in the debates surrounding economic regulation such as tax reform, unemployment insurance, minimum wage and the continued existence of the Office of Price Administration.[27]
    
    
14. Where the post-war period was marked by a burgeoning economy,[28] the 60’s were marked by social and political turmoil and activism. During both periods, government agencies were established and reorganized at a brisk pace.[29] Government found itself funding higher education through the GI Bill and health and social welfare through Social Security payments, such as Old Age benefits, Survivors and Disability insurance, Aid to Families with Dependent Children ("AFDC") and school lunch programs. Consumer protection legislation spawned public and private organizations for enforcement. In total, the initiatives, legislation and government spending combined to cement the growth and institutionalization of a massive administrative/regulatory state.[30]
    
    
15. As Frances Fox Piven and Richard A. Cloward have convincingly argued, the political and social turmoil and public aid revolt found its response in Lyndon Johnson’s Great Society program and War on Poverty, arguably the apogee of government intervention.[31] Through a mix of new laws and regulations, Johnson simultaneously gave previously unrecognized groups of citizens new rights and entitlements and expanded the federal government’s role in protecting and administering those rights and entitlements. Johnson launched a war on poverty that writer Nicholas Von Hoffman has referred to as the nation’s second Civil War and Reconstruction.[32] Johnson secured the passage of the Voting Rights Act, a fair immigration law, legislation strengthening cancer and strike research, installed the Medicaid and Medicare programs and tightened pollution controls.[33] These initiatives built upon, and furthered, the belief that government had a responsibility to protect and play a larger role in the lives of its citizens. Although marginally diluted by President Nixon, this basic liberal bent towards welfare interventionism and market regulation remained extant through the Carter administration.[34]
    
    
16. On January 21, 1981, in his inaugural address, President Ronald Reagan stated, "government is not the solution to our problem."[35] With those words, at a minimum, Reagan set the stage for the predicament we currently find ourselves in with regard to privacy rights in cyberspace. According to Reagan, "outside of its legitimate functions, government does nothing as well or economically as the private sector."[36] Ideologically, Reagan, and the men around him, believed in rugged individualism, survival of the fittest and the primacy of an unfettered and unregulated free market to solve the nation’s ills.[37] Not since the New Deal had a group entered office with such a determination to remake the American political and economic system. Their economic philosophy not only changed the way the economy had been run in the United States since the New Deal, but was arguably the biggest development in American economic philosophy since Keynesianism. Over the next 12 years, Reagan and Bush set about dismantling the web of regulation and bureaucracy spun over the previous six decades.
    
    
17. Throughout the 1980s, Reagan and Bush slashed funding and curbed the regulatory power of many governmental agencies such as the E.P.A., S.E.C., F.C.C. and H.U.D. Reagan and Bush also deregulated and privatized a number of industries including communications, utilities and transportation. Rhetorically, at least, the Reagan/Bush era stood for a time of deregulation and increased distrust of government.[38] More importantly, during the Reagan/Bush era the ideological baseline returned to the laissez faire individualism of the early twentieth century. Again, free markets were trumpeted, a resurgence of Social Darwinism rationalized deregulation and decentralization, and proposing a regulatory solution to negative externalities became tantamount to political suicide.

    IV. Digitarianism

18. At some point in this narrative, the contemporaneous digital and Reagan revolutions became intertwined. For better or worse, the confluence of these revolutions, especially among Netizens and with regard to cyberspace, has been marked by the emergence of a fervently libertarian political and ideological culture that is increasingly rhetorically dominant.[39] John Gilmore’s, "[t]he Net interprets censorship as damage and routes around it," and Stewart Brand’s "[i]nformation wants to be free," statements became mantras for the space. Several quotes from the January 1998 issue of Wired magazine, The State of the Planet 1998, further illustrate the continuing trend and ideological understanding: "Networks are inherently decentralizing and anti-hierarchical . . . . Networks tend to leach power out of traditional institutions, including electoral politics and the state."[40] According to the digitarians, technology has evolved to the point where government regulation is superfluous.[41] Moreover, in the eyes of both the cyber-intelligentsia and the average citizen, Big Brother is not to be trusted, especially, with personal information. At a minimum, it is apparent that government is no longer welcome to protect personal information from private entities through legislative initiatives. On a macro level, the conjunction of the dawning digital revolution, as embodied by cyberspace, and the vestiges of the Reagan revolution, reveals that the debate surrounding this particular issue may be indicative of a larger debate surrounding the future of government regulation in, for want of a better term, the post-technopolitical age.[42]
    
    
19. As cyberspace presents so many new legal issues and problems, it has quickly surfaced as the place where the regulatory debate is most heated. Yet the traditional regulatory debate has become so recast that it appears increasingly schizophrenic. For example, when the Clinton administration attempted to extend government protection to intellectual property rights on-line, sharp criticism rapidly descended from the both sides of the political spectrum. Immediately, Wired folk, such as Stewart Brand and John Perry Barlow, a former lyricist for the Grateful Dead, and right wing intellectuals like George Gilder of the Manhattan Institute, and Newt Gingrich adviser, found themselves in the oddest of alliances.[43] Even President Clinton, who three years earlier brazenly called on Congress to pass legislation to establish the information superhighway and wire every classroom, moderated his interventionist position and announced a "hands off" policy for cyberspace.[44] Governments, according to Clinton's new understanding, should not "stand in the way" of the Internet, but instead they should simply enforce "a predictable, minimalist, consistent and simple legal environment for commerce."[45]
    
    
20. Until this point in the United States, the libertarian argument, embodied by the industry and digitarian understanding, has successfully resisted the application of government regulation aimed at enhancing informational privacy. There can be little doubt that relative to the informational privacy rights of consumers, our legislators have assigned greater value to the laissez faire principle and ideology. The comments of Robert Potsch Jr., a Vice-President and Marketing Law specialist at Doubleday, illustrate the common foundation of the industry’s and legislators’ baseline positions on the existence of privacy rights in personal information. Posch vehemently argues that protecting consumer privacy is antithetical to the comprehensive development of cyberspace and the success of the information intensive industries that support it. He states that "[t]hose advocating the restriction of aggregate data to satisfy an imagined problem could take us out of the leadership of the 21st century economy [because] reducing privacy burdens on the free flow of information is the surest way to stimulate the information economy."[46] Indeed Posch mockingly says "[privacy is] the ultimate subjective, touchy-feely issue, . . . just some notion of the right to be left alone. Spare me."[47]
    
    
21. While the rhetoric and practice of "self regulation" has carried the debate, it comes at a price to informational privacy. The result, at least for now, is that we find ourselves caught in a straightjacket: on balance, we no longer trust government regulation to enhance much of anything,[48] let alone privacy. And, increasingly, we are rapidly discovering that private industry, and its bottom line, is not much better. A study released in March 1997, by the Boston Consulting Group, revealed that 41 percent of Internet users avoided sites that requested personal information, out of a concern for how the data might be used.[49] According to the 6th annual World Wide Web survey run by the Graphics, Visualization and Usability Center of the Georgia Institute of Technology (commonly called the Annual GVU Survey), 70% of consumers surveyed cited privacy concerns as their primary reason for not registering demographic information with Websites on the Internet, and 86% of consumers surveyed expressed a desire to control the use of their demographic information.[50] Another study commissioned by TRUSTe confirmed these findings. In its study, TRUSTe learned that 78% of individuals surveyed would feel more comfortable in providing information over the Internet when visiting sites that provide privacy assurance.[51]
    
    
22. Thus, as individuals become more opaque in cyberspace and companies, employers and governments become more invisible and anonymous, we begin to perceive and understand the effects of a demise of trust: gone are the previous generations that grew to trust government and, increasingly, gone are the consumers and employees that grew to trust corporations, employers and the invisible hand of the market. As cyberspace is an inherently social construct,[52] the most frightening aspect of the debate may well be that from our position on the cusp of the information age, and at the end of the Reagan Revolution, where and how we find balance on these continuums and issues, however, delicate they may be, descends to the level of debating, defining and assigning value to personal privacy, technological advancement, economic efficiency and profiteering. The decisions are ours alone to make; the problems ours to solve.
    
    
23. In a sense, the entire cyber debate might be recast into a wider debate on post-technological politics. In that regard, any workable solution to the problem of privacy in cyberspace must be free from the rhetoric, fears and perceived realities of Big Brother and the bottom line. In the following, I will argue that while the information we seek to protect may be binary, the options for doing so are not. In particular, potential solutions lie beyond the artificially limiting dichotomy that pits governmental regulatory intervention against laissez faire market solutions. Until we shift the contemporary debate away from that dichotomy, informational privacy will erode at the pace of technological development.
    
    
24. To facilitate this arguably more fruitful discussion, I will begin with an in-depth analysis of the emerging technological methods for collecting, storing and processing, and using personal information.[53] I then argue that the current regulatory debate and attempts at enhancing informational privacy incorrectly focus on regulating the use of information. I will use several statutory and common law proposals and examples to illustrate the deficiencies of focusing on data use. Thereafter, I will present a proposal for refocusing the regulatory debate on the collection stage of personal information. By combining the positive characteristics of market based and regulatory approaches, the interaction between consumers and the personal information industry will ideally lead to the realization of the commercial potential of cyberspace while still maximizing informational privacy. Finally, I will suggest that the privacy debate in cyberspace is a model for a wider reformulation of the blurring polarities of governance.

    V. A Digital Taxonomy

25. The collection and use of personal information is not a modern phenomenon. Historians document that as far back as the eleventh century, monarchs collected information on their subjects for the purposes of planning taxation and other state affairs.[54] William the Conqueror, for example, collected information on his subjects in the Domesday Book.[55] First, William’s assistants collected information about the subjects via interviews and observation, and stored this information in the Domesday Book using pen, ink and vellum. His aides used a ledger system to organize the data. Because they had organized the raw data, William’s servants were able to levy taxes using the information in the Domesday book.[56]
    
    
26. Up until roughly twenty years ago, the collection, processing, storage and use of personal information was similar to the method used to compile the Domesday Book. It was time consuming, subject to broad error and relatively expensive. In fact, other than the means of collection and modes of processing, little has changed in the method of collecting and utilizing personal information.
    
    
27. Although modern processes remain similar, contemporary technological advancements have resulted in greatly enhanced storage capacity, retrieval speed, processing and utilization of personal information. In fact, the whole process has become so efficient and integrated that it is often impossible to separate it into its component parts. For example, online technologies like Double Click network are capable of rapidly collecting information (reading a Web site visitor’s consumer information and preferences), processing it (statistically correlating it with existing information), storing it in databases and using it (supplying the Web site with advertising tailor fitted to each user’s personal profile).[57] Like the machine and programs at the heart of data collection, filtration, storage and utilization, the process is contingent and iterative, characteristically defying simplistic categorization. However, analysis of each of the component parts of the personal information system is still the best way to understand the entire process of information collection and use.

    A. Collection

28. While the methods of collecting personal information, or data, are complex and varied, there are essentially two modes by which information or data is gathered.

    1. Traditional Collection

29. For lack of a better term, I call the first, and foundational, method, traditional or "ask and answer" collection. Traditional collection requires an affirmative step on the individual’s behalf, which usually insures that the individual is at least aware that information collection is occurring. A consumer, employee or citizen, either voluntarily or necessarily, provides personal information when she registers, applies, enrolls or requests information, products, services or jobs.[58] Information is transferred via a number of media and usually flows from the consumer, citizen or employee in writing, orally or by depressing computer keys, telephone dialing pads or touch screens, often in response to questions or requests for information. The nature of the information collected and the methods of collection are numerous and familiar and vary with collector and motivation.
    
    
30. Government,[59] for example, gathers a tremendous amount of information through the traditional method. Virtually all American citizens and immigrants apply for a Social Security card, visa or green card. It also assigns other numbers, locators and indicators. Most people over a certain age have a driver’s license, passport or some other form of official identification. Taxpayers fill out tax forms such as the 1040EZ and W4. Americans apply for tax extensions, food stamps, Social Security or disability benefits, financial aid, GI benefits and disaster relief by filling out forms. They apply to, and enroll in, public elementary schools, state universities and community colleges. They register for the selective service and some register to vote. In 2000, the federal government will conduct a census, which will provide it with volumes of demographic information regarding the religion, race, age, number of children, socio-economic status and geographic location of the population.
    
    
31. The government gathers information primarily for the purpose of administering bureaucratic functions such as Social Security, taxation, Medicaid, Medicare, transportation, commerce, national security, education and welfare. A 1986 study by the U.S. Office of Technology Assessment (USOTA) revealed that 12 government agencies maintained 539 records systems classified under the Privacy Act,[60] which contained more than 3.5 billion records, 60 percent of which were computerized.[61]
    
    
32. Private industry, usually corporate entities, also uses traditional methods of collection. Consumers apply for credit cards, membership in promotional programs and frequent buyer programs, subscribe to magazines, register for access to websites and enter contests. Doing so inevitably requires certain information such as name, address, Social Security number, place of employment and/or a reference. Consumer surveys and warranty cards request information about consumer preferences. Magazine subscriptions require name, address and often age. Registering a new Web browser requires a name or alias, e-mail address, age or date of birth and a password. Occasionally, consumers answer long consumer surveys or participate in polls. Sometimes they are paid for this information with coupons, free tee-shirts, prizes or money back refunds. Usually, however, if consumers do not provide the information, they will not be granted privileged use of the service or product.
    
    
33. Moreover, products and services are increasingly becoming contingent. Certain products and/or services are prerequisites for others, making the cost of exit or foregoing the product or service higher.[62] For example, video rental stores often require prospective members to provide a credit card number before they will issue them membership cards. As a result, choosing not to provide information to credit card issuers could mean that an individual not only does not have access to a credit card, but also cannot rent movies. Video rentals are but one example of a contingent service. Others can affect an individual’s career or health insurance.
    
    
34. Until recently, perhaps, the greatest source of personal information available to corporations and the government was the information available to them as employers. Employers require employees to fill out applications, reports, timesheets and surveys for health care, employment, payroll purposes and employee performance and satisfaction.[63] Now, however, the greatest sources of information are information clearinghouses, list brokers and the like. This might indicate that buying and selling personal information has proven more valuable than knowing your employees.
    
    
35. Generally, traditional methods are slow and inefficient. Filling out a card or bubble sheet and mailing it to an address to be processed takes time and considerable expense. In addition, the information, or data, is still raw, and for the most part worthless. After it has been processed, digitized, or, that is, after it enters cyberspace, the information becomes more valuable because it is "understood" and inexpensively and efficiently transferable. Currently, information collected, even via the traditional method, is rarely collected in raw form. Rather, the information goes from the consumer’s, employee’s or citizen’s possession directly to cyberspace via some networked gateway technology such as a computer terminal, telephone or other numeric keypad. More importantly, once it is digitized, information derived from small or specialized applications, surveys or registration forms is combined with more in-depth information previously collected, such as census information or lengthy consumer surveys.

    2. Transaction Generated Information

36. The second, more efficient method piggybacks on traditional collection methods. In this process, called transaction generated information (TGI), the individual interfaces directly with cyberspace through one of a variety of networked technologies. A person may establish a modem link via a desktop computer, dial a telephone number, slide a bank card into an ATM, purchase something such as gas or food with a credit, frequent shopper or debit card, clock in at work, enter a library with a student identification or even vote. In the vast majority of these situations, the user, consumer, employee or citizen has already been through some strain of traditional information collection. The person might have filled out an application to open a bank account and received an ATM card, registered at a particular Web site and received a cookie.txt file or filled out the preference information on their Web browser, signed up for a frequent shopper, library or Diner’s club card, filed their W2 or Social Security application form, or agreed to have a Nielsen rating box in their home. Just as each traditional method requires different information, each transaction varies as to what information is collected, how it is collected, and to whom or what the information is connected. While nuanced, TGI is built on the concept of universal identification.[64]
    
    
37. Just as consumers identify themselves through, or in contrast to, certain causes, religions or ideologies, they are identified by much of what they carry in their wallets, store in their computers and, eventually, by their fingerprints. Ultimately, the "ask and answer" method of data collection produces identifiers. Each new sign up, application or registration creates new identification numbers or symbols like credit card numbers, Social Security numbers or aliases and passwords. The human corpus does not currently digitize well, but people are linked to identifiers that do. In sufficiently complex networks, identifiers link individual transactions to a stored body of previous transactions and information. Increasingly, one identifier links to previous identifiers and the body of information grows with each successive transaction. For example, imagine that Bob purchases a new maroon blazer from the Gap with his recently acquired Gap charge card. Perhaps, Bob's first identifier (the Gap identifier or charge account number) links to his bank account number, which then links to his credit card number, and all the corresponding information. The credit card identifier might, in turn, be linked to a Social Security number, and, thereby, Bob's census, IRS, health, insurance, spring break arrest and employer information. Although this information may be linked using a single identifier or series of connected identifiers, individual information providers, like the Gap, might not have access to all the information contained in other information providers’ database. However, the more seamless the network is the more seamless the ascertainable informational profile of Bob will be. From income to religion, as long as the marginal utility of the information is more than the cost of ascertaining it, the information can and will be collected and employed.
    
    
38. Another example of TGI is known as telephone transaction-generated information (TTGI), TTGI is information generated by telephone usage and transactions related to telephone services.[65] In addition to information about telephone subscribers generated by the application forms and billing information, call-detail records provide comprehensive and potentially useful information about individuals. Information generated by "exchange and interexchange phone calls [includes] the date and the time of the call, the number called, the calling number, the geographic location or address of caller and call recipient, the duration of the call and the charge."[66] Consumers and businesses most commonly make use of this information through caller-id.
    
    
39. A routine cyberspace example of TGI helps to complete the collection picture. The last time I visited the Center for Democracy and Technology’s Website at http://www.13x.com/cgi-bin/cdt/snoop.pl from a law library computer, the exchange proceeded as follows:
    
    
40. Hi! This is what we know about you:
    
    
41. You are affiliated with Harvard University
    
    
42. You are located around Cambridge, MA
    
    
43. Your Internet browser is Mozilla/4.02[en]
    
    
44. You are coming from langopen2-13973.law.harvard.edu
    
    
45. I see you’ve recently been visiting this page at www.cdt.org
    
    
46. Someone in the computer center input this information into the Netscape browser on the library’s computer network. When I visit the same site from my laptop computer, the information known and, theoretically, collected refers directly to my home address, personal e-mail, and other personal data. Each time I enter and exit the site, the information bank grows in direct relation with the sites previously visited.
    
    
47. Of course, if you know that the information is being collected, or generated by your transaction, you can thwart information collection by visiting an anonymizing site[67] when you first login, by not filling out, or filling out with false information, your browser preferences,[68] or by abstaining from the transaction. Here the fundamental difference between TGI and the traditional method becomes apparent in that the TGI is collected silently. Given the recent flood of press attention devoted to this phenomenon, more and more people are aware of the collection of TGI. Unfortunately, as users gain awareness and engage in blocking or other techniques to avoid collection, the collection technologies gain the equal and opposite sophistication. What results is a tug of war, a technological arms race wherein capital remains elementary.
    
    
48. Since the portals to cyberspace are currently varied, identifiers are similarly varied. Eventually, all identifiers, and identification technologies, might collapse into one. Perhaps it will be a digital fingerprint or handshake. Placing your thumbprint to a screen might allow you to pass your resume to a potential employer, purchase a smoothie with funds automatically deducted from your checking account or make reservations at your favorite trattoria. Until that time, we will continue to have many identifiers, and a variety of technologies will be required to read and digitize the information. Frequent shopping cards may continue to depend on bar coding and UPCs, while credit cards continue to employ magnetized strips. Certain supermarkets may also continue to be unlinked to popular (ATM) networks such as Plus, Cirrus or Most. A greater number of dead-ends on the network may mean greater information privacy for consumers since businesses will be unable to link information that they have gathered with other information. Unfortunately, dead-ends, or disconnects, also force consumers to carry many cards in their wallets and PINs in their heads.
    
    
49. Before moving on to processing, storage and use, it is important to briefly elaborate on the other side of the collection coin--the benefits to consumers of collection through identification. Primarily, identification mechanisms enhance efficiency by saving consumers time in situations which require screening and authentication. Instead of having to produce your driver’s license and a major credit card every time you go shopping with a personal check or facing a teller every time you want cash, you simply scan your shopper’s card or insert your ATM card. Every time you revisit www.thenewrepublic.com, you do not have to reenter your address, name, password and age. Rather, the New Republic’s server recognizes your cookie.txt file and welcomes you back. With time, these technologies will only get better. One really smart card might someday contain all the essentials, including passport, credit cards, bank cards, frequent shopper’s cards, driver’s license, digital cash, Social Security number, automatic tax deductions and exemptions, bookkeeping functions and even pictures of the kids. Perhaps, more importantly, the card may enjoy military strength encryption and a digital fingerprint, rendering it useless to anyone other than its owner. Back in real space, however, the principal dividends from direct marketing and advertising, such as coupons and other incentives, are currently available to consumers only after the information has been processed.

    B. Storage and Processing

50. As explained above, William the Conqueror understood that the data he collected was essentially worthless until it was organized, processed, sorted or understood. Organization adds value to raw data. A tidy, alphabetized file cabinet is infinitely more valuable than messy, coffee stained stacks of the same documents. Depending on use, the same principles apply to information that is sorted according to age, name, zip code, religion and race. Data correlated by the same factors would, in theory, be more valuable still.
    
    
51. Typically personal information is processed and stored in databases simultaneously. Personal information, or data, can be stored in any number of forms and repositories. File cabinets, punch cards and ledgers were rudimentary storage vessels. For the most part, they were relatively labor intensive, slow and spatially inefficient. The data sector subsequently embraced vast storage capacity and instantaneous retrieval. Magnetic tapes and mainframes gradually replaced file cabinets and ledgers. Currently, the bulk of information worldwide is stored in computerized database systems. A database is nothing more than a horizontally structured and vertically integrated collection of information.[69] Database management programs or systems (DBMS) became readily available to large businesses in the late 1970’s. By the early 1980’s, many of the programs were inexpensively available for microcomputing systems. DBMS computer programs automated filing in virtual cabinets inside computers with what seemed like endless capacity. Storage and retrieval of data similarly became amazingly efficient. When a user retrieved information, the computer provided her with a copy of it and the original data remained safely in the database. Data and records could be used in several locations simultaneously and, depending on the network, utilized worldwide. Again, DBMS’s were more than just storage units, because the programs could collect information as well as process it.
    
    
52. Increasingly, databases are networked. For example, the U.S. Government has networked the databases of the Customs Service, the Drug Enforcement Agency (D.E.A.), the I.R.S., the Federal Reserve and the State Department.[70] Additionally, the Counter Narcotics Center combines the database power of the F.B.I., C.I.A., D.E.A., National Security Agency, the Department of Defense, State Department and Coast Guard.[71] The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has compiled a large and sweeping database to combat money-laundering activities.[72] To some extent, market forces delimit the networking of databases in the private sector. However, a great deal of centralization has effectively taken place because of the tendency of the industry to move toward oligopoly[73] and because almost all private actors buy and sell information lists, archives and datasets with increasing frequency. This creates, to the extent that public and private databases are networked, the gradual ascendancy of one central database. This trend, in turn, enhances the ability to assemble broad-based information selectively or to correlate existing information. One author’s description of this as "functionally the equivalent to the ability to create new information," illustrates the blurring of the lines between the storage, collection and processing of personal information.[74]
    
    
53. For data to be processed and stored electronically, it must be readable. Thus, data that is collected in non-digital form must first be digitized or turned into binary code--computer-readable bits of information. Depending on end-use, digitizing proceeds upon a predetermined model or program (DBMS). Utilizing any number of rubrics, technologies, processes, software programs or hardware systems, raw information/data is assessed, labeled, classified, categorized, zoned, sorted, matched, clustered, segmented or filtered. In the simplification process, the collected information is assigned a numeric value and sorted accordingly. For example, a survey might ask consumers to respond to three questions: (1) age, (2) income and (3) toothpaste preference. Given five age ranges, six income brackets and four brands of toothpaste, the information in age might be assigned a signifier of 1-1 through 1-5, income 2-1 though 2-6, and toothpaste 3-1 through 3-4. After assigning numbers to all the possible answers, the program might then sort all the responses into categories. Depending on the results sought by the commissioner of the survey, the program would then compare, correlate or regress the categories. Eventually, the results will be analyzed, either by the computer or, in this case, a marketer. The results might indicate that individuals in categories 1-3 and 2-4 buy almost no 3-3. While this may be enough for some enterprises, the sorting, however, does not necessarily stop there. Rather, the results and possibilities increase in complexity and value in direct relation to enhanced processing procedures.
    
    
54. A fuller understanding of the storage and processing of information requires a rudimentary comprehension of computer software and hardware. Computers essentially process information in the form of two electrical impulses, on and off. Each electronic impulse is read as a number, 1 (for "on") and 0 (for "off"). By translating the electronic impulses, or information, into a series of 1s and 0s, computers are capable of performing mathematical operations.[75] Early computers contained circuitry designed, or were "hardwired," to perform specific tasks. For example, in 1946, one of the very first computers, the Electronic Numerical Integrator and Calculator ("ENIAC") consisted of 18,000 vacuum tubes, 6,000 switches, 10,000 capacitors, 70,000 resistors, and 1,500 relays. The computer took up 1,800 square feet space.[76] The ENIAC was basically a supercharged calculator, performing 5,000 calculations per second, a thousand times faster than any previous calculator.[77]
    
    
55. Modern computers, especially personal computers, are required to perform a number of tasks that require a high degree of flexibility. As hardwiring limits flexibility, most computers are hardwired to perform more general functions and depend on software programs for more specific, detailed instructions that direct a computer’s hardware (central processing unit (CPU) and memory) to produce certain results or perform specific functions such as data processing and storage.
    
    
56. The two most important components of databases and database technology are storage and processing/utilization. Databases as storage units hold data on entities and transactions of different typology and allow the retrieval of mass quantities of information. Relational databases, such as Oracle’s main product, hold data in simple structures called, variously, "records" or "rows," each of which contains a subset of "fields." A database of people, for example, might contain a number of records or rows, each of which would also contain a number of fields for name, birth date, address, sex, telephone number, etc. Some database fields are "references" to entire records in the same or alternate databases. In this manner, for instance, the employer field in a person record might reference a large record in a company database. More cutting edge "object" databases hold data in less rigid structures, allowing for easier modeling of complex data relations, sometimes at the expense of data retrieval efficiency.
    
    
57. The utilization of data stored in databases is more complex, though storage is ultimately designed with an eye toward process and function. In general, there are two types of data utilization techniques: store and query. Storing data occurs either upon the creation of a record or in the modification of one or more of a record’s fields. This is relatively simple, though many database products offer tools for designating how users enter the data to be stored. Data queries might take milliseconds or months to complete. A typical query might ask, "Give me a list of all persons who work for a company headquartered in Canada, and give me an average of their salaries by industry. Sort the persons alphabetically by industry, then by company, with the industry sorted by gross sales highest to lowest, then alphabetically by last name." Implementing this query might require accessing a number of different databases and a great deal of sorting and applying selection conditions. All database products come with means to enter such queries (relational databases conform to a particular query language called SQL) and return results. The means of presenting these results in terms of reports, charts, graphs, etc. is another aspect of data utilization. A result of a query might also be used to drive programs to take one fork rather than another. And, of course, it is important to optimize the query processing, as users desire efficiency in response time and storage.
    
    
58. Thus, a database system is a combination of hardware, software and a compilation of coded data known as the database.[78] Hardware is required to store the database and to process or manipulate the data according to the dictates of the software. Hardware runs the gamut from powerful mainframe computer systems to networked desktop models. The database itself is made up of previously processed files that contain related records. Each data record is further divided into subfields, by DBMS generally according to mathematical formulae or algorithms. The file organization and storage capacity are inextricably linked in terms of capacity and speed of recovery. Databases are designed to minimize the time required to access, retrieve or update the records and to minimize the database’s storage space. A database system provides efficient access to large amounts of information and allows users to manufacture new arrangements, configurations or sorts based on evolving software inputs.[79] Although discussed more in-depth below, the newest, cutting edge database processing programs in cyberspace are called intelligent agents or bots. Many agents depend on a patented algorithm called automated collaborative filtering (ACF).[80] After a user completes the threshold ask and answer form, the user interfaces with an "agent." Utilizing the baseline information and the TGI, the collaborative filtering sorts data in much the same way that William’s civil servants did--assigning, averaging, correlating and memorizing numbers, symbols and/or values. However, ACF is different from traditional techniques because, it correlates the data by juxtaposing incoming information, such as opinions, tastes and preferences gathered by the intelligent agent, with previously filtered information (first from this particular user and then from all other users) stored in company databases. The "strongest," or highest significant positive, correlations are returned to the user, with the significant correlations, in one instance, translated into recommendations or "intelligent information." This loop back feature opens a line of communication between the user and storage unit mediated by the (pre-programmed) filter or sort. The more data it receives, the smarter it gets. The more an individual clicks, the more complete the filtration becomes. In theory, every option selected by the user is another step towards the essential categorization and storage of the user's self. Again, because agents are networked devices, the access, collection and utilization of "intelligent" personal information increasingly becomes unlimited.
    
    

    C. Use

59. Once the raw data has been processed and stored, it is ready for use. Just as William used the information to increase his revenue from taxation, the manufacturer of toothpaste 3-3 (the commissioner of the survey in the example above) will logically change marketing strategy according to the results of the survey. Perhaps, it might start targeting the 1-2 and 2-4 niche, get a new advertising agency or write the group off altogether. After it has been processed and stored, the information becomes more valuable in terms of what it illustrates and predicts. Currently, the most widespread use of collected and processed information is direct marketing done with products from list vendors.
    
    

    1. List Vending and Direct Marketing

60. David Shenk traces the ascendancy of list vending, and niche marketing, back to Claritas, the market research company founded by Jonathan Robbin.[81] In the 1970s, Claritas invented direct marketing. In direct marketing (also known as niche-marketing, one-to-one marketing, relationship marketing, loyal marketing and dialogue marketing) goods, services, ideologies or opinions are positioned to appeal to small, defined groups, previously identified by demographics. Marketing and advertising are tailored to these audiences and placed in media outlets that, based on previous data analysis, each particular audience is known to frequent.[82] It seems foreign to the modern observer, but in the recent past, Ivory soap, Fruit Loops and STP were targeted only at the general audience listening or watching a particular program. Niche marketing was not yet widely used. Technological innovations led to the development and management of electronic databases on consumer behavior that perform statistical analysis of that data and determine the precise geographic location of consumers. In 1976, Robbin introduced the PRIZM database, a comprehensive geo-demographic analysis tool of amazing complexity and ability. The database was organized on a set of refined algorithms designed to extract the statistically relevant similarities between demographic information and geographic location nationwide, enabling the organization, and segmentation, of a nation into the sum of its ideological beliefs and consumer habits.[83]
    
    
61. Currently, list vendors compile information by buying, selling and trading lists from a variety of public and private sources. Given the raw data, they simply process or reprocess (using a variety of "enhancement" techniques) the information to produce "new" lists tailored to specified interests. Lists can be obtained for virtually any category of consumer or belief. Conceivably, there are lists of expectant mothers and their due dates and lists of middle class (above $75,000 in annual salary) Latino men under 6 feet who voted Republican in 1988 and drive European sports cars originally purchased for over $50,000. You name it, they list it.[84] And, if they do not, they’ll figure out a statistically persuasive argument for why another list is predictive or indicative of what a list buyer is searching for.
    
    
62. As described above, both list vending and direct marketing are big businesses. There are a number of firms that specialize in selling lists of tailored information that can be used by businesses in conjunction with existing internally gathered information. Donnelly Marketing Information Services, a division of InfoUSA, sells access to a database covering 200 million U.S. households.[85] Subscribers to the information can generate profiles of consumers according to demographics, life-styles, and retail expenditures, such as mail responsiveness, credit worthiness, vehicle information, financial investments, hobbies, occupations and census demographics. The other major players in this domain are the credit reporting agencies, Equifax, TRW and TransUnion, which maintain files on more than 90% adult Americans.[86] Numerous other agencies offer similar information products.
    
    
63. According to the Direct Marketing Association (DMA), the largest trade association for businesses engaged in database marketing, manufacture and collection, with more than 3600 member companies from the United States and 47 nations worldwide,[87] over 50 percent of direct marketers use the Internet and Web for advertising and 48 percent actively mine the membership rosters of major computer online services for e-mail addresses and other information.
    
    
64. Lists, polls, surveys and data enhancement services drive virtually all advertising and marketing nationwide. Personal information is at the backbone of everything from telemarketing to the President’s radio addresses. At a point, the information becomes self-reinforcing, an autonomous referent.

    2. Intelligent Agents and Push Technology: Cyberapplications

65. Intelligent agents, push technologies and other cutting edge cyberspace technologies have been referred to as "direct marketing on steroids."[88] While the paradigm is analogous to direct marketing, push and agent technologies are more efficient and have a greater potential to reach consumers. These technologies, in a certain sense, have aptitude, an ability to learn as they iterate.[89] They keep the data channels open and information constantly flowing in both directions. The more you use your agent, the smarter it gets. The smarter a consumer’s agent gets, or the more she receives pushed content, the better it will serve her and the more she will use it, until eventually, according to Kai G. Wussow, a director of Eutelis Consult, a German consulting firm, "[the marketers, advertisers, list vendors, etc.] know what [she] like[s] to have better than [she] do[es] [her]self."[90] However, current e-commerce companies have been criticized for not utilizing the power of agents and the most interesting work on agents is still being done in labs.[91]
    
    
66. In strong form, agents will memorize, and process, every mouseclick and purchase, and the amount of money and time a consumer spent doing so. Agents take note of a consumer’s reading material and her correspondence, including the most frequent e-mail addresses, coming and going. They memorize each piece of information and tirelessly compare and contrast the next.
    
    
67. Agents come in all shapes and sizes. Some are programmed to act like humans. Behind the facade, agents are sophisticated programs interfaced with powerful computers and databases. Some agents are sedentary, in that they remain on a particular server and scan the desktop for aberrations such as viruses or notify the user of abnormalities like unsaved revisions. Other agents roam cyberspace searching for information that their users have requested or that the agent deems the user might want.[92]
    
    
68. Analogous to the DBMS’s, agents filter information. The difference being, agents are personalized, they work closely with their subject. For example, a consumer could conceivably program her agent to find and purchase seats to an upcoming opera. The agent, having access to her personal digital assistant ("PDA"), would check her calendar, find the cheapest available seats, purchase the tickets and e-mail her.
    
    
69. Push technologies are based on similar technological innovations. In 1997, Wired Magazine broadly predicted that the Web browser would soon be replaced by push technologies.[93] While thus far push technology has not fulfilled analysts’ initial high expectations,[94] some commentators have recently declared that push technology is staging a comeback, because of the emergence of new more viable business models.[95] Furthermore, personalized services from web portals, like Yahoo!’s My Yahoo! service (http://my.yahoo.com) and Netscape’s My Netscape (http://my.netscape.com), also allow individuals to make selections about what push content they would like to receive. Wired initially argued that the noise and congestion on the Internet that diminished its utility could be avoided via push technologies such as PointCast.[96] Push technology, like intelligent agents, revolves around customer profiles. The user sets a profile of what interests her and the push programs do the rest. Each time the user logs on, an identifier trips a certain profile and the program starts grabbing content and advertising, targeted, or filtered, according to the user’s profile. The push programs will monitor pull and push practices, gaining intelligence while manufacturing data commensurate with use. Filtering processes, again, are fundamental to the technology. They use the same model as the direct marketers, yet the channel and connection are always open and literally one to one.
    
    
70. The marriage of agents and push will offer companies the ability to inexpensively gather data far more detailed than the standard Madison Avenue demographic fare of consumer ZAGs (zip code, age and gender). As John Sviokla, a marketing professor at Harvard Business School, proclaims, "[i]t’s a fundamentally cheaper way to identify customers, sort them, and sell to them."[97] However, agents and push do much more than Sviokla suggests. They create a fundamentally different paradigm in marketing. Push and agent software no longer offer products to people, but rather people to products--a potentially more efficient manner of consumption.
    
    
71. A glance back reveals how far we have traveled. Traditionally, data collection and employment was product oriented (PO). Essentially, marketers reverse-engineered information regarding customer choice to infer why customers’ decisions were made. Advertisers then used available demographics to further understand whether a particular class of consumers might prefer one product over another.[98] This is rapidly changing.
    
    
72. Today agents and push technologies are still PO. However, their "P" stands for people not product. Eventually list vendors will sell people. No longer, will it be sufficient for marketing data to reveal aggregate ZAGs on who buys what and how much. Rather, agents and push will offer individual preferences and desires. People, through their intelligent agent or push preferences, will map their next purchase, the brand and how much they can afford. The only marketing that retailers will have to do will be buying consumer preferences, locating the person and selling to them at a price they can afford. In the future, people may not need to self-consciously create their own images. Instead, direct marketers will be able to appeal to their true personaes and unconscious desires through computer programs that analyze their credit card purchases, television viewing, movie selection and their taste in partners.
    
    
73. If this sounds impressive, we must also bear in mind that the real masters of the agents and the peddlers of push are the companies that wrote and patented the code or bought the company that did. More fundamentally, all the potentially sensitive information rendering agents intelligent and powering the push is secured in the purveyor’s databases. They own it.
    
    
74. Inevitably, popular articles discussing these new technologies and their potential either paint a rosy picture of a future so bright or a horror story of just how little personal privacy is extant.[99] The stories are commonplace: what happens when an employer, or, god forbid, your health insurer, finds out that an employee is interested in medicinal marijuana. While technological innovations have always spawned a mixture of fear and speculation, these technologies are not going to disappear. When they transcend the Web and find their way to the cyberspace inhabited by the rank and file--the ATMs, grocery stores, telephone, etc.--the real fun and problems will begin. The issue will then become finding a comfortable middle ground, a domain where the future is bright, but where some sort of protection salvages the requisite amount of shade for those who value informational privacy.[100]
    
    

    VI. Existing Legal Protection

75. The United States lacks a comprehensive or omnibus law to protect personal informational privacy. Rather, personal privacy rights in the U.S. are protected through a loose, and often ineffective, patchwork of Constitutional, statutory, common law and private sector guidelines, which at best provide piecemeal protection.[101] As will be discussed below, regulatory efforts have targeted the use or employment, as opposed to the collection, storage or processing, of personal information. The contemporary regulatory debate regarding methods for enhancing informational privacy also focuses on the identification and regulation of categories of malignant uses of personal information.
    
    

    A. Federal Statutory Protection

76. Absent omnibus protection of informational privacy, Congress has reactively passed piecemeal, industry-specific statutes and regulations to control the use of information according to the specialized intricacies and interests of particular industries and consumer groups. Because of the ascendancy of technology and the greatly enhanced capacities for storage, collection and use of personal information, this piecemeal and reactive approach is increasingly less and less effective in protecting consumers.

    1. Fair Credit Reporting Act

77. In 1970, Congress passed the Fair Credit Reporting Act ("FCRA").[102] The FCRA, perhaps the most comprehensive protection of consumer privacy rights, provides a list of permissible purposes for which personal information about a consumer may be released without the consumer’s consent.[103] For example, under the FCRA, credit agencies may furnish credit reports without the consumer’s consent under a number of circumstances (i.e, for the purpose of establishing an individual’s credit worthiness, employability or "other legitimate business need"). When credit is denied to an individual, the FCRA mandates that the user of the credit report supply the name and address of the credit-reporting agency and follow reasonable procedures to insure the accuracy of the credit information. Credit agencies must also have established administrative procedures for investigating disputes and alleged inequities. Certain "obsolete" information may not be disclosed, although the obsolescence threshold has been set exceedingly low.[104] It should also be noted that the FCRA only purports to regulate credit-reporting companies. Other than the laughable "obsolete" standard, the FRCA is silent on information regarding consumer preferences and purchases collected by or from credit agencies or card companies.
    
    

    2. Privacy Act

78. The primary instrument for regulating the information practices of the federal government, the Privacy Act of 1974 ("PA"),[105] is thought to have been passed in response to the excesses and abuses of Watergate.[106] Pursuant to the PA, federal agencies are permitted to collect and maintain records containing personal information to the extent that the information is "relevant to accomplishing" the agency’s purpose.[107] Information that is collected, however, must be maintained accurately and completely, and, where practicable, gathered from first parties.[108] Excluding seven classifications of records, primarily related to law enforcement and defense,[109] the PA specifically requires that every federal agency maintain a system to: 1) permit the individual to control disclosure of the information in the record;[110] 2) retain records of information that has been disclosed;[111] 3) permit the individual to review and maintain a copy of the information in the agency’s records;[112] and 4) allow the individual to request an amendment of information contained in an agency’s records.[113] These requirements, however, are diluted by the empowerment of agency heads to promulgate rules exempting any system of records within the agency from the reach of the PA.[114] Finally, because it applies only to governmental actors, the PA does nothing to restrain marauding private entities.
    
    

    3. Cable Communications Policy Act

79. In 1984, Congress enacted the Cable Communications Policy Act ("CCPA").[115] The CCPA requires cable television companies to provide annual notification to subscribers regarding the use and disclosure of their personal information.[116] Furthermore, the CCPA prevents cable companies from utilizing the cable system to collect or disclose personal information about subscribers without their consent except as required to render cable services or detect unauthorized cable reception, or pursuant to a court order.[117] Thus, a cable operator must destroy any information "unnecessary" for the purposes for which it was collected. Nonetheless, a cable company can distribute a mailing list of subscribers provided it allows each subscriber an opportunity to remove her name from the list.[118] While the remedies available to subscribers for violation of the CCPA include actual and punitive damages and reasonable attorney’s fees, these regulations may be easily circumvented since they apply only to cable companies. Thus, once a particular list has left the hands of a cable company these restrictions do not apply.
    
    

    4. Electronic Communications Privacy Act

80. The Electronic Communications Privacy Act of 1986 ("ECPA"), like the Communications Act of 1934, prohibits the unauthorized collection and recording of the contents of telephone conversations or data transmissions, including the contents of e-mail messages.[119] This statute provides only limited protection of personal privacy from the state, since it allows the government to seek a court order for a specified law enforcement purpose. The only bite in the statute comes from a provision prohibiting a public telecommunications service from disclosing the contents of communications or an electronic message without either the consent of one of the parties or an authorized law enforcement action.[120] While this prohibition has yet to be tested, a suit by a decorated Naval Officer, may shed some light on the statute and issues discussed herein.[121] The Naval Officer, Timothy McVeigh (no relation), was threatened with discharge from the Navy after a Naval legal officer acquired information from McVeigh's personal profile from America Online. In his personal profile, McVeigh listed his hobbies as "driving, boy watching, collecting pictures of other young studs," and his martial status as "gay."[122] McVeigh filed suit in Federal District Court in Washington against the United States Navy and America Online alleging, inter alia, a violation of the ECPA.[123]
    
    

    5. Video Privacy Protection Act

81. The media’s access to the list of videos rented by Supreme Court nominee Judge Robert Bork worried many members of Congress. Congress reacted by quickly passing the Video Privacy Protection Act of 1988 ("VPPA").[124] The VPPA is a criminal statute regulating the disclosure of information about videotape rentals. Specifically, the VPPA prohibits the disclosure of the title, description or subject matter of a film rented by a particular customer without written consent.[125] Names and addresses, however, are excluded.[126] Like other federal privacy statutes that regulate private businesses, the law only applies to a narrow category of information and a specific industry.
    
    

    6. Telephone Consumer Protection Act

82. The Telephone Consumer Protection Act of 1991 ("TCPA") [127] was aimed at the companies responsible for millions of dinnertime interruptions--direct telephone marketers. Under the TCPA, telemarketers cannot use automatic telephone dialing systems or pre-recorded voice messages to call patient rooms in health care facilities, emergency lines or any telecommunication receiver where the called party must pay for the call.[128] More substantially, the TCPA prohibits, with certain exceptions, pre-recorded calls to residential lines without the prior consent of the recipient.[129] The TCPA also empowers the Federal Communications Commission ("FCC") to further regulate calls to businesses and to exempt from liability certain non-commercial calls which would not "adversely affect" privacy rights.[130] Pursuant to the TCPA, the FCC is permitted to amass a database of telephone numbers of residential subscribers who object to receiving telephone solicitations, and prohibit unsolicited calls to persons listed in that database.[131] An interesting question remains: what statute would stop the FCC from selling a list of those names?[132]
    
    

    7. Proposed Legislation

83. In recent years there have been numerous legislative initiatives drafted to address the numerous shortcomings of existing informational privacy protection. Representatives have proposed bills expanding online privacy as well as bills protecting financial and health care related personal information. However, with, the exception of the Children’s Online Privacy Protection Act ("COPPA"),[133] none of the proposed bills have been enacted.[134]
    
    
84. One of the failed bills, H.R 3508, the Children’s Privacy Bill, was introduced by Bob Franks (R-NJ) in late 1996.[135] The bill would have made it a crime, punishable by up to one year imprisonment and subject to civil action, for a list broker to engage in any of the following acts: 1) to buy or sell personal information about a child without parental consent;[136] 2) to knowingly fail to comply with the request of a parent to disclose the source of information about the child; 3) to knowingly fail to disclose all information that the broker has sold regarding the child or to disclose all people who have received information about that child;[137] 4) to contact the child or parents for commercial purposes; 5) to fail to comply with the request of a parent to disclose the source of the information; 6) to knowingly use prison labor to process information about children;[138] or 7) to knowingly distribute or receive any information about children.[139]
    
    
85. Edward Markey (D-MA) authored another failed bill, entitled the Communications Privacy and Consumer Empowerment Act.[140] Markey’s bill would have required the FCC to study the impact of new technology on privacy rights and, if necessary, to take protective action. The legislation became part of the larger debate surrounding government regulation of the Internet, and thereby never emerged from committee.
    
    
86. On January 7, 1997, Representative Bruce Vento (D-MN) introduced the Consumer Internet Privacy Protection Act of 1997.[141] The bill endeavored to prohibit the disclosure of personally identifiable information without the consent of the individual. In general, the bill stated that an interactive computer service[142] shall not disclose to a third party any personally identifiable information[143] provided by a subscriber to such service without the subscriber's prior informed written consent.[144] Furthermore, "such service shall permit a subscriber to revoke the consent granted under paragraph (1) at any time, and upon such revocation, such service shall cease disclosing information to a third party."[145] Knowing disclosure of falsified personally identifiable information to a third party was also prohibited.[146] Under the proposed bill, subscribers were explicitly granted access to personally identifiable information and to the identity of third party recipients. Upon receiving access to such information, subscribers could verify or correct such information without sustaining any fees or charges. The bill would have granted The Federal Trade Commission ("FTC") the authority to examine and investigate an interactive computer service to determine whether it had violated the Act. Under the bill, if the FTC determined that an interactive computer service had engaged in any act or practice prohibited by the bill, the FTC could issue a cease and desist order. Finally, a subscriber aggrieved by a violation of Section 2 (of the Act) could, in a civil action, obtain appropriate relief. For better or worse, this bill did not pass the House.
    
    

    8. Federal Trade Commission Initiatives

87. In response to the public’s outcry surrounding the Lexis-Nexis P-Trak database,[147] on October 8, 1996, Senators Bryan, Pressler and Hollings sent a letter to the Chairman of the FTC requesting a study of possible violations of consumer privacy rights by companies that operate computer databases. The FTC released a December 1996 Staff Report on "Enhancing Consumer Privacy Online."[148] Basically, the report outlined the problems pertaining to online consumer privacy and provided some statistics on consumers’ attitudes about privacy and interactive media. The report took the position that consumers must receive notice of information practices and maintain choice with respect to whether and how their information is used. Further, the report underlined a concern with sensitive data, such as medical and financial information online, analyzed three possible technological solutions (I/CODE, cookies, and PICS), mentioned self-regulation and the possibility of government regulation, and but came to no firm conclusions as to the best way to proceed.
    
    
88. In summary, current, and proposed, federal statutory and regulatory protections of informational privacy are unsatisfactory in two respects: their failure to comprehensively target private industry, and their dependence on a piecemeal (use based) approach. By not targeting private industry, the largest collectors and users of personal information remain essentially unregulated in their collection and use of potentially sensitive personal information. More importantly, by focusing regulatory attention reactively on ephemeral and inchoate uses of personal information, federal regulation remains fundamentally incapable of keeping pace with technological advances in the art of collection and use of personal information.

    B. State Statutory Protection

89. In June 1995, the National Association of Attorneys General ("NAAG") Internet Working group was established. In November, members of the group gathered for a speech by, Minnesota Attorney General, Hubert H. Humphrey III. Humphrey was pleased to report that "the states, [were working], under a resolution of the NAAG, to pool resources and meet the [Internet] challenges of the future."[149] To their credit some state Attorneys General have promulgated regulations to enhance consumer, employee and citizen privacy in personal information, but most states are waiting for the FTC to take the lead.[150]
    
    
90. Some states have opted to directly enact laws concerning the manner in which personal information is collected and disseminated. Not surprisingly, California and New York are leading the charge.[151] In California, for example, Article I of the state constitution expressly states that the right to privacy is an inalienable right of all people.[152] Unlike the penumbra of the U.S. Constitution[153] the California Constitution has been interpreted to protect against government snooping,[154] the overbroad collection and retention of unnecessary personal information properly obtained,[155] and the improper use of any information obtained for a specific purpose other than business or government.[156] Furthermore, the California Constitution has been interpreted to provide a reasonable check on the accuracy of information already collected[157] and to require a "compelling interest" for the intrusion into individual privacy.[158]
    
    
91. To a lesser extent, New York Civil Rights Law establishes similar privacy rights and protections.[159] For example, New York codified the common law doctrine of misappropriation of name or likeness of an individual for commercial purposes.[160] Furthermore, New York law limits public access to various personal records such as personnel records and the identities of certain categories of crime victims.[161]
    
    
92. While some states have enacted laws protecting informational privacy, these states are currently the exception. Analogous to federal and common law, privacy protection under state law remains piecemeal and inadequate in the face of the challenges presented by the technological explosion. This is especially true when one considers the difficult jurisdictional issues associated with cyberspace.

    C. The European Model

93. The European privacy model solves many of the inadequacies of the contemporary American regime. Previously, piecemeal data protection laws existed in some European countries.[162] In an effort to synchronize existing laws, on July 24, 1995, the Council of European Union adopted an omnibus Council Directive aimed at the "Protection of Individuals with Regard to the processing of Personal Data and on the Free Movement of Such Data" ("European Data Directive," "Directive" or "EDD").[163]
    
    
94. The EDD protects individual informational privacy and prevents obstacles, previously unavoidable under the cacophony of regulation, to the free flow of information within the EU. For the purposes of this article, the most important aspect of the Directive is the affirmative obligation it imposes on EU governments[164] and private industries to collect and process data only for specified and legitimate purposes.[165] "Processing" should be interpreted broadly, and thereby encompasses collecting, recording, altering, and making data available in any form.[166] Because the EDD is modeled on the property regime paradigm, either the person concerned must contractually consent to the processing or collection of their personal information, or the processing must be necessary to carry out pre-contractual measures undertaken at the request of the person or contract to which the person involved is a party.[167] Processing may also occur where it is necessary for compliance with legal obligations[168] or where the activity involved is an assignment of public interest, not involving an infringement of fundamental rights and freedoms.[169]
    
    
95. The EDD grants the subjects of information collection the privilege of requesting that erroneous data be corrected. In certain instances, collectees may also oppose the prospective use of the information.[170] Furthermore, collectees must be given notice of informational processing and collection and the intended uses of collected data. While not wholly specified in the actual Directive, the EDD does threaten meaningful liability and sanction for transgressors. Also, the E.U. has established governmental agencies to oversee the development and implementation of the Directive and assure the protection of subjects’ rights. The agencies will require public registration, reporting, and justification of the methodologies, categories and employment of personal data actively being collected on employees and customers.[171]
    
    
96. Understandably, American companies, especially those active in European markets, and digitarians are having nightmares about the EDD and the possibility that similar regulation will be implemented in the United States. Because of its focus on collection and its acceptance of an individual property right in personal information, the EDD is unquestionably a step towards more vigorous protection of personal information and is potentially many times more effective than the existing American system. However, the EDD fails to mitigate many of the deficiencies of the property regime discussed below. More importantly, the EDD is a prime example of the danger of grafting antiquated regulatory thinking (and with it an arbitrarily imposed privacy baseline) onto a fundamentally different environment. Although it does enhance consumer information privacy, the EDD does not spawn discussion or provide a fluid model capable of changing as cyberspace matures. Instead, the Directive threatens to stifle the potential of cyberspace by capriciously defining[172] and limiting the manner in which information collection, processing and use can occur.
    
    

    D. Constitutional Protection

97. While the United States Constitution makes no explicit mention of privacy, under the "penumbra theory," inferred from the Bill of Rights, the Supreme Court has referred to, and protected, certain fundamental or substantive due process rights.[173] Privacy protection under the penumbra of substantive due process is limited to the protection of individuals from governmental or public intrusion under a rational basis due process balancing test.
    
    
98. Whalen v. Roe, 429 U.S. 479 (1965), is the Supreme Court’s most in-depth, modern discussion of informational privacy in a "government context."[174] At issue in Whalen was whether it was constitutionally permissible for the state of New York to keep a computerized list of prescription records for "dangerous drugs" and require physicians to disclose the names of patients to whom they prescribed those drugs.[175] The Court found that the right to privacy generally includes the "right to be left alone," which encompasses "the individual interest in avoiding disclosure of personal matters."[176] Balancing the competing interests, however, the Supreme Court upheld New York’s program as constitutional in that it was sufficiently narrowly tailored with adequate security provisions to reduce the danger of unauthorized disclosure. Nonetheless, the Court left the door open to future restrictions in light of technological change,[177] noting that it was "not unaware of the threat to privacy implicit in the accumulation of vast amounts of personal information in computerized data banks or other massive government files."[178]
    
    
99. In Tureen v. Equifax, 571 F.2d 411 (8th Cir. 1978), the Eight Circuit briefly flirted with the idea of extending the penumbra to private encroachment. The Court stated, "in order to make informed judgments in these matters, it may be necessary for the decision maker to have information which normally would be considered private, provided the information is legitimately related to a legitimate purpose of the decision maker. In such a case, the public interest provides the defendant a shield which is similar in principle to qualified privilege in libel."[179]
    
    
100. Successive interpretations of the Whalen and Tureen decisions have opted for narrow readings of the holdings. Effectively, the privacy penumbra stops at government action, rendering constitutional protection impotent in the face of the erosion of informational privacy rights by corporations.
     
     

     E. Common Law Protection

     1. Tort

101. In a landmark law review article, Samuel D. Warren and Louis Brandeis persuasively argued for the extension of common law protection of personal privacy to non-governmental or private party intrusion.[180] Warren and Brandeis defined this zone of privacy, as "the right to be left alone."[181] Today, consumers and employees receive a modicum of protection from private parties under the common law tort doctrine of invasion of privacy. Professor William Prosser divides the invasion of privacy into four doctrinal categories:[182] 1) intrusion upon one’s seclusion;[183] 2) the public disclosure of private facts;[184] 3) false light privacy;[185] and 4) the misappropriation of one’s name and likeness for commercial purposes.[186]^, Although an exhaustive survey of the doctrine in these four categories is outside the scope of this discussion, several notable cases illuminate the doctrine’s structure and deficiencies.
     
     
102. After subscribing to a weekly periodical under a misspelled name (Avrahani) and receiving junk mail at his home addressed to the same, Ram Avrahami, a Wharton graduate, filed suit in state court against U.S. News & World Report, arguing that the magazine tortiously sold his name and address to a third party without prior consent. On February 7, 1996, General District Judge Karen A. Hennenberg dismissed the suit for lack of jurisdiction to hear equity issues. On June 12, 1996, Circuit Judge William T. Newman Jr. held that Avrahami had no property rights to a "fake name."[187] Avrahami appealed the Circuit Court’s decision to the Virginia Supreme Court and posted a copy of the petition for appeal on-line.[188] However, in December of 1996, the Virginia Supreme Court declined to hear the appeal without comment.[189]
     
     
103. Other courts have held that the sale of information to direct mail advertisers without the consent of subscribers does not constitute an invasion of subscribers’ privacy, even if it amounts to a sale of personal profiles, inasmuch as the profiles are only used to determine what kind of advertisement is to be sent.[190] One such court found that the "appropriation of one’s personality," required to illustrate tortious conduct, refers only to those situations "where the plaintiff’s name or likeness is displayed to the public to indicate that the plaintiff endorses the defendant’s product of business."[191]
     
     
104. In June of 1997, the New York Times ran a front page story detailing the plight of Beverly Dennis. According to the article, Beverly Dennis, an Ohio factory worker, filled out a product preference survey in 1994. In the summer of 1996, Dennis received a 12-page letter mentioning her birthday, marital status and product preferences. The letter also contained sexual suggestions and proposed a visit to Dennis' home. The writer was a convicted rapist serving a six and a half year sentence in a Texas prison that had contracted with Metromail Corp. under a prison work release program. In the spring of 1996, Dennis filed suit in Travis County, Texas District Court, seeking to represent all U.S. citizens against R.R. Donnelley and its subsidiary Metromail Corp. Dennis alleged that the defendants committed the tort of intentional and/or reckless disregard for safety when Metromail disclosed plaintiffs' personal information to third parties.[192] Under the settlement terms, Metromail has proposed to never use prison labor again, disclose in clear language how it will use personal information and adopt new confidentiality practices. Finally, Metromail will establish a fund to compensate claimants who were or are injured by prior privacy breaches.
     
     
105. In January 2000, a consumer filed a class action suit against Amazon and its Alexa Internet subsidiary. Newby v. Alexa Internet and Amazon.com, C 00 0054, U.S. District Court, Northern District of California (filed Jan. 6, 2000). The consumer, Joel Newby, alleges that Alexa Internet, a Bay Area company that offers client side server technology to work with users' browsers to provide "useful information about the sites you are viewing and suggesting related sites," secretly intercepted and sent confidential information to Amazon.com, without his consent. Newby's suit seeks class certification, damages, attorney's fees and restitution of profits made by both companies as a result of legal violations.[193] While the facts are interesting, it is doubtful whether the Amazon case will generate any novel legal findings.
     
     
106. DoubleClick has also been hit by a similar suit accusing the company of gathering personal information from Internet users--such as names, addresses, and patterns of online browsing and buying--without their knowledge or consent and in violation of their privacy policy. The suit also alleges that DoubleClick is cross-referencing general data collected from users with identifying information accessed through Abacus Direct Corp., a direct marketing firm the company acquired in 1999.[194]
     
     
107. The DoubleClick lawsuit was filed in California Superior Court in Marin County. Judnick v. DoubleClick, Inc., CV 000421, Superior Court, Marin County, California (filed Jan. 27, 2000). Interestingly, the complaint is seemingly premised on an unfair business and trade practices cause of action brought under California Civil Code § 17200. Thereunder, the attorney seeks to represent the state's general public. In California, these suits are often viewed as a plea for a quick settlement. Again, it is unlikely that the DoubleClick case will amount to much other than a tidy sum in legal fees. However, because of the impact of other private lawsuits coupled with public scrutiny from the FTC and state attorneys general, Doubleclick has recently decided not to merge its anonymous web-browsing data with Abacus’ personally identifying information. It is also offering consumers the ability to block its cookies.[195]
     
     
108. In theory, protection of informational privacy via a liability regime would function ex post through rules deterring violations of privacy interests by requiring transgressors to pay victims for the harm suffered. Courts, by and large, employ a negligence standard regarding what the party may and may not do with the information. As alluded to earlier, courts generally maintain a fairly deferential negligence standard and require significant personal injury before requiring transgressors to pay victims for harm suffered.[196] There are a number of other glaring deficiencies inherent in the existing liability regime that serve to undermine privacy interests. Liability rules create obstacles for individuals to solve collective problems. If many people are minimally injured by the disclosure of personal information, the judgment value of their individual cases invariably prevents adjudication and often settlement. While this might argue for a class action, judges often refuse to certify classes on these matters due to the individual nature of the harm and damages.[197] More significantly, litigation on the disclosure of personal information may only perversely exacerbate the injury by focusing attention on information that litigants wanted to keep private.
     
     

     2. Contract/Property

109. In the 1970s, privacy protection for personal information was considered to exist in the nature of a contract between the individual and information collector.[198] Accordingly, the individual divulged personal information to a second party, who then conferred some benefit on the individual in return. The assumption was that a good faith contract existed between the two parties and that the record keeper was bound not to "misuse the information," in derogation of the contract.[199] However, the information holder's post-use obligations were rarely formalized, and there was no monitoring of the bargain, due, in part, to the high transaction costs involved therein. By divesting the individual of any power to prevent or limit disclosure of their personal information, the common law and statutory default position over the subsequent twenty years has largely moved away from a property theory.[200] This trend seems to be reversing.
     
     
110. A recent example of the employment of a property regime is evident in a California Supreme Court decision concerning the right to control and benefit from the exploitation of individual genetic information. In Moore v. Regents of the University of California, 793 P.2d 479 (Cal. 1990), the lower court’s decision granting the plaintiff property rights in his genetic code was overturned by the California Supreme Court. The California Supreme Court focused on the chilling impact propertization of genetic code, or personal information, would have had on medical research. While the Court opted to delay this delicate balancing and leave open the question of propertization of less "socially precious" personal information, it did offer Moore a remedy upholding the claim that university researchers breached a contractual, or fiduciary duty, by failing to obtain his informed consent before doing research on his DNA for potentially commercial purposes. The court also maintained that if public support existed for a right to compensation under these circumstances, the legislature could and should provide it. By saying that the legislature could act, the court merely highlighted the existing deficiencies and limitations of common law and statutory protections that stem from the legislature’s inaction
     .
111. In the well-developed debate on the efficiencies and inefficiencies of liability versus property regimes, a number of theorists have argued that a doctrinal shift from a liability to property regime, in common law decision-making, will further enhance informational privacy.[201] According to Professor Coase's theorem, given zero transaction costs and assuming parties intend to contract, it would be irrelevant which legal regime was adopted, as the most efficient outcome would obtain regardless.[202] As the collection, storage and processing and use of personal information increasingly occurs in cyberspace, if cyberspace were devoid of transaction costs (for example, in contracting or consummating mutually beneficial bargains) common law rulings and regimes would be irrelevant to the domain.
     
     
112. While the debate regarding transaction costs in cyberspace is relatively open, unquestionably, relative to traditional real space collection, storage, processing and use of personal information, transaction costs are quite low, although not zero. Here Guido Calabresi and Douglas Melamed added to Coase's theorem by convincingly arguing that high transaction costs (due to information asymmetries or the impracticality of bargaining) will render liability rules, in the form of damage awards, more efficient in protecting entitlements.[203] Conversely, when transaction costs were low, Calabresi and Melamed predicted that property rules would be a more efficient manner of protecting legal entitlements.[204]
     
     
113. There is a cognizable trend, in theory and practice, of replacing the liability regime currently in place with a property or contractual understanding of protecting legal entitlements. Thus, in a "primary information market,"[205] the individual voluntarily discloses personal information in exchange for some benefit, thereby forming a contract. In cyberspace negotiating these exchanges is quick, easy and, largely cost free. When people encounter an information collecting technology, in theory, it should clearly state the information required and how it will be used. Again, in theory, people will either accept this option, or refuse it and look elsewhere because, at least currently, the cost of exit is minimal.[206]
     
     
114. Given the existing legal geography and activity online, without opting into a higher property standard, many companies are relatively impervious to consumer suits for tortious disclosure of personal information.[207] Consumers seemingly have intuited the governing legal regime and for the most part understand that they are relatively unprotected under a liability regime. Thus, for many cyber-companies attempting to use personal information in the next generation of cyber-technologies, the nature of the business and the existence of palpable consumer distrust has required companies to voluntarily grant consumers greater assurances for access to their personal information.
     
     
115. Although substantively distinguishable, the underlying issue involved in Stratton Oakmont, Inc. v. Prodigy Servs. Co, 1995 WL 323710 (NY Sup. Ct. 1995), motion for renewal of argument denied, 1995 WL 805178 (N.Y.Sup.) illustrates market forces pushing cyberspace business entities toward guaranteeing their customers greater legal protection.[208] Prodigy’s policy of moderating statements made in its discussion forums is analogous to the voluntary expansion of privacy rights by other Internet companies. In Stratton, the court held that Prodigy, an Internet Service Provider ("ISP"), constituted a "publisher" with respect to statements made on an online bulletin board that stated inter alia that Stratton Oakmont, a broker, had committed criminal violations of the securities laws. The court found that Prodigy held itself out as an online service that exercised editorial control over the content of messages posted on its computer bulletin boards.[209] By expressly differentiating itself from its competition and explicitly likening itself to a newspaper, the court found Prodigy liable under a publisher standard, a higher standard than the default distributor standard previously applied to ISPs.[210]
     
     
116. Akin to the Prodigy model, a number of companies involved in the collection, storage, processing and use of personal information (on the Internet/Web) have voluntarily held themselves to a stricter legal standard with regard to informational privacy.[211] These companies are moving towards an understanding of a person's information as her property. Many on-line companies offer their users a quasi-contract that implicitly exchanges the use of a product or a service for personal information.[212] Companies also make promises defining exactly how they will use this information.[213]
     
     
117. Beyond consumer distrust of cyberspace and new technology, the usual problems surrounding imperfect information--lack of consumer education, unequal bargaining power and the inability to individually tailor agreements (though this might easily be taken care of technologically)--combine to further dilute the privacy enhancing value of the property regime. In light of these problems, Professor A. Michael Froomkin has convincingly argued that a property rights approach to privacy enhancement is unlikely to have much real influence so long as "courts refuse to rewrite or ignore contracts of adhesion, and as long as in each individual transaction the cost of not providing the information is disproportionate to the loss (which is a function of the accumulation of transactions, not any single transaction) . . ."[214] Eventually, this may pose a problem because the cost of exit may skyrocket like the costs of not having a credit card. In lieu of a property regime, Froomkin believes that the realities of modern transactional life, like the inflation of exit costs,[215] will eventually defeat a property regime.[216] This is currently not an issue with regard to on-line companies and many market niches in cyberspace. However, in time it may become fundamental. Instead, Froomkin and others propose using technological or market based solutions, such as anonymous communication (including sensitive consumer transactions with anonymous digital cash), to do a much better job of protecting privacy rights and privacy enhancement in cyberspace.
     
     

     VII. Self-Regulation and Market Based Solutions

118. In June of 1997, the FTC sponsored a four-day discussion between government officials, consumer privacy advocates and, for the most part, representatives and executives from interested corporations, including such heavyweights as Microsoft, Lexis-Nexis, IBM, AOL, Visa, Mastercard and American Express. Predictability, both industry and consumer groups put significant pressure on regulators.
     
     
119. While the FTC has conducted numerous inquiries and investigations into online data privacy, outside the context of children’s privacy, it supports a policy of industry self-regulation.[217] In short, the FTC has honored the wishes of the regulated, and officially opted for a policy of self-regulation intended to protect and enhance informational privacy. Accordingly, Netscape spokesman Sean Gaddis points out the major industry concern. Gaddis states that the information dependent industries must "do everything possible to self-regulate. [Because] if it becomes a mess, then the FTC will step in."[218] Thus, companies that manufacture, use, sell and depend on personal information have offered many arguments and proposals for how personal privacy rights can be protected and enhanced through self-regulation. Outlined and discussed below are several proposals and options offered by the FTC and industry as potential market solutions to the problem of informational privacy.
     
     

     A. Opt In/Opt Out

120. The first, and most elementary, proposal is often referred to as opt in/opt out. The DMA is among the most outspoken proponents of this proposal. In its most consumer friendly form, the opt in/opt out proposal allows consumers to designate whether they want their information collected by responding to yes/no questions asked by a computer. For example, if a consumer entered a particular Website or carried out a grocery transaction, the clerk or the internet browser would ask the consumer whether or not the company could collect and disseminate information from the transaction. Essentially, this amounts to a quick contract of adhesion, as discussed above in relation to the property regime. At worst, the proposal is opt out. Under this method, the default standard permits the company to collect and use the information unless the customer indicates otherwise. Often it is time consuming or difficult for consumers to locate the opt out, thus reducing the likelihood of consumers opting out. This proposal, where the burden of justification falls on individuals seeking protection in a perplexing new market, is the dominant form of information collection today. While some businesses allow a user or consumer to opt out of information collection, currently most businesses collecting and selling personal information will not grant a user or consumer access to their site or products without the deposit of at least some personal information.[219]
     
     
121. The deficiencies with this system are readily apparent. First, levels of consumer education and understanding of technological advances in informational collection vary widely. Many consumers have no idea that their information is being stored, collected and used. While this may argue for greater education, many companies will undoubtedly stay one step ahead of the education, introducing generations of progressively more stealthy collection and employment technologies. Furthermore, as the cost of exit grows, consumers will find it increasingly difficult to eschew the use of many cyber goods and services.
     
     
122. Industry pundits respond that when consumers place a high enough marginal value in informational privacy, like organic vegetables, the market will provide purveyors of goods and services that abstain from collecting or using personal information. However, as personal information is valuable, these purveyors, to survive, would necessarily have to pass along some of their lost revenues to consumers in the form of higher prices. At that point, in theory, some consumers will be priced out of the market. In no uncertain terms, the result will be a market system of informational privacy, further reducing privacy "from an assumed right to the unceremonious status of a commodity."[220] This is ultimately the same situation of the status quo, which very few people consciously support.
     
     
123. The opt in/out system is not wholly differentiable from the property regime discussed above. By opting in or out, consumers essentially enter into a contract of adhesion. Given existing technologies, opting in or out is time consuming and thereby expensive and inefficient. Above and beyond efficiency concerns, the fundamental question remains: what if a company disregarded its contractual obligation? In the current legal climate, the injured consumer would have little recourse given the disparities between consumers and institutions.

     B. Anonymity/Encryption

124. Another market-based solution is based on the idea that encryption technology and anonymity can enhance privacy just as other technological advancements have eroded it. Under this argument, if people are really interested in informational privacy, companies will develop software that provides a means of blocking the initial collection of information. For example, Community ConneXion created a website called the Anonymizer for people who wanted to browse the Web anonymously.[221] The Anonymizer shields a consumer’s personal information from the other Web sites that she visits. By visiting the Anonymizer site prior to visiting other sites, a consumer is assigned an anonymous identity, which is revealed (instead of her real identity) as she surfs the Web. This permits a consumer to surf freely, even if she follows a hypertext link to another site, without having to worry about whether the site is keeping track of her comings and goings and personal preferences regardless of the site’s stated policies. Of course, the consumer still views any advertisements on the site. Furthermore, since Community ConneXion knows the true identity of the anonymous surfer, in theory, it could compile a profile based on the anonymous surfer’s habits. Again, the anonymous surfer must trust Community ConneXion not to collect or disclose her personal information, since any legal remedy available to the consumer is tenuous or non-existent.
     
     
125. Froomkin, a major proponent of online anonymity, advocates privacy enhancement through anonymous communication and untraceable digital money. To Froomkin, anonymous communication is a form of speech that deserves constitutional protection. His theory would easily lead to increased privacy--if computers can only collect, filter and use information without an identifier, they cannot gain individual information about the searcher, purchaser or interested party.
     
     
126. An Economist cartoon sheds light on several of the problems with anonymity. The cartoon depicts two dogs sitting in front of a computer. "On the Internet," ran the caption, "nobody knows you are a dog."[222] Perhaps not. But increasingly, the real question has, in effect, become: if someone knows that you purchase Purina instead of Alpo eight times out of ten and on the other two occasions you had a 50 cent coupon found in Parade magazine; you subscribe to Poodle Monthly; your Internet address is fido19@obedienceinaminute.edu; your home address is Doghouse, 12 Elm Street; your Web browser is set to filter out any and all content mentioning or depicting cats; and the last four Websites you visited were www.dogtalk.com, www.leashlaws.gov, www.fleasbegone.net and www.milkbones.com, does it really matter whether they "know you are a dog?"
     
     
127. In the not so distant future, there is little doubt that Froomkin’s model will be vindicated and anonymity and encryption will play an important role in getting there. However, in the short term, anonymity has a number of flaws that render it inoperable for many businesses and consumers. First, transactions that take place in cyberspace must eventually connect back to the real world. For example, the goods a consumer purchases on the Web or on the phone must be shipped to an address, which is inextricably linked to that person. Most people still prefer credit cards and still shop in person. Second, absolute anonymity, the inability to retrace an interest or a transaction to a personal identifier, would reduce the newly expanded capacity for gathering, processing and using personal information to the level of 1950’s pollsters.[223] Thus, many technologies, such as agents and smartcards, in theory, would only be useful to the extent consumers were willing to pay to be deluged with intelligent information.
     
     
128. Perhaps Froomkin’s major fault is that he is seemingly five dimensions ahead of the rest of us. Unfortunately, to get to the fifth dimension, there are four others along the way. While we are not yet at this point technologically, getting there will either require a great deal of education or a marked increase in consumer trust of security and encryption systems. This, I maintain, will not happen without at least a shadow of regulatory protection. Finally, new companies currently working on advanced means of data collection, processing and use will need to develop marketable produc