I went to the FTC’s second privacy workshop yesterday in Berkeley, and found it a generally interesting and worthwhile event, although it did exhibit some of the familiar patterns. Privacy, like net neutrality, isn’t as much a coherent issue as a grab-bag of grievances about a number of loosely connected concerns. Privacy is even more diverse and more incoherent than NN, which is after all driven by the desire to preserve traditional features of the Internet. Privacy seeks to change Internet tradition, which has never had any meaningful privacy but has simply created a sufficiently strong illusion of anonymity to make some people think there’s privacy on the net.
So what you have in privacy is two major issues of totally different character: (1) the capture of fleeting personal information by various services; and (2) the building of databases of personal activity and the subsequent analysis, use, and sale of the information they contain. These issues have to be resolved against the background of the Internet’s defective security architecture and tradition of people using handles instead of real names. When people feel anonymous, they misbehave, which is why there’s no much theft and generally churlish behavior on the net.
Congress is looking into these issues as well, and toward that end has held several hearings. I’m attaching testimony I delivered at one of these last Spring for your enjoyment. It holds up pretty well.