Whose job is it to protect our privacy?

August 8, 2010 

Facebook has surpassed 500 million subscribers. An account of its origins will open in theaters in October. Data from the profiles of more than 100 million Facebook users appeared on another Web site and could be downloaded. The company faces criticism over loose privacy protocols.

Once again, Congress is talking about Internet privacy. Rep. Henry Waxman, D-Los Angeles, held hearings recently, while Facebook representatives warned against stifling innovation, and founder Mark Zuckerberg met privately with politicians on Capitol Hill.

Tech companies, Facebook among them, employ 1,350 lobbyists and spent $120 million on lobbying in Washington last year, twice what they did at the start of the decade, according to the nonpartisan Center for Responsive Politics.

Privacy is a ripe issue in California, too. But here the level of the state's interest could depend on who wins office in November.

In this year of the Silicon Valley candidate, privacy is so yesterday.

Forget about getting off the grid. It's impossible to lie low, with global positioning satellites, radio frequency identification, video cameras and the rest. Whether we want to or not, we've checked the opt-in boxes and accepted the terms of use. People friend us, whether we know them or not.

Candidates at the top of the Republican ticket have a history on the topic of Internet and privacy. Meg Whitman is the former head of eBay. Carly Fiorina formerly headed Hewlett-Packard.

With Fiorina and Whitman in charge, both companies opposed state efforts to regulate Internet privacy and argued for a national standard. That's the opinion widely held by corporate Silicon Valley, though not by some of the rest of us. Based on the candidates' statements, they wouldn't take a states' rights view if they win Nov. 2.

"Carly believes that the Internet cannot be regulated on a state-by-state basis, as it transcends geographic borders," her spokeswoman said last week in a statement.

When she was eBay's chief, Whitman was part of a tech trade group, Consumer Privacy Legislative Forum, established in 2006 to lobby Congress for "harmonized federal privacy legislation to create a simplified, uniform but flexible legal framework." Its name notwithstanding, the group's goal was to push for a national standard that "would pre-empt state laws." Candidate Whitman holds fast to that view, saying in a statement: "Internet privacy has traditionally been a federal issue."

A governor, however, has an obligation to protect states' rights.

In California, privacy is a fundamental right. This state has a constitutional amendment identifying privacy as inalienable. And, for better or worse, legislators don't see themselves as potted plants. Some care about state law. All that means the next governor will grapple with privacy or the lack of it.

"States often have to lead to get attention at the federal level," said Sen. Joe Simitian, D-Palo Alto, the Legislature's most prolific author of bills that seek to provide at least a thin veil of privacy.

Simitian helped push a first-in-the-nation requirement that companies tell us when a security breach has spewed our personal information into other people's hands. That 2002 law since has been copied by 40 other states.

Because of a 2004 Simitian bill, California requires companies doing business in the state to post privacy policies on their Web sites. If they fail to adhere to those policies, they can be sued.

Lately, Simitian has sought to limit the misuse of radio frequency identification. In 2007, Gov. Schwarzenegger signed a bill banning a practice out of some science fiction flick -- the use of subcutaneous radio frequency emitters that could allow people to be tracked.

Now Simitian is carrying legislation to protect people who use FasTrak to pay bridge tolls. A data breach would provide a road map to an individual's travels, whether it is to an anti-war rally, a gun show or a rendezvous on the down-low.

"People care about their privacy but are not mindful how their privacy is being eroded," Simitian said. "There need to be boundaries about what can and can't be done."

California's constitutional right to privacy was established in 1972 by Proposition 11, approved 62.9 percent to 37.1 percent. Its champions included former San Francisco Mayor George Moscone, who was assassinated in 1978.

Years before the creation of Google, Facebook, Apple or Microsoft, Moscone signed a voter handbook statement that was prescient, one that dwelled on the use of newfangled machines, computers.

"Computerization of records makes it possible to create 'cradle-to-grave' profiles on every American," the statement says. "The right of privacy protects our homes, our families, our thoughts, our emotions, our expressions, our personalities, our freedom of communion, and our freedom to associate with the people we choose. It prevents government and business interests from collecting and stockpiling unnecessary information about us and from misusing information gathered for one purpose in order to serve other purposes or to embarrass us."

Louis Brandeis, one of America's greatest legal minds, could not have said it better. Brandeis warned in an 1890 historic Harvard Law Review article that "numerous mechanical devices" threaten to "make good the prediction that 'what is whispered in the closet shall be proclaimed from the house-tops.' " He was fretting about "instantaneous photographs" and "the evil of invasion of privacy by the newspapers."

Unlike newspapers, today's town criers -- Google, Facebook and the rest -- are not responsible for what others post on them for the whole world to see.

That makes the Internet wonderful, and on occasion terrible, as discovered by the parents of the 19-year-old girl decapitated in a horrible car crash in Orange County on Halloween 2006. Gruesome accident scene photos taken by California Highway Patrol officers still bounce around the Internet. Someone e-mailed them to the parents.

Carl Guardino is the longtime leader of the Silicon Valley Leadership Group, which represents the valley's leading tech companies. He's also the victim of an especially nasty trick called e-impersonation. Using his e-mail, someone blasted vicious missives to others under his name.

Guardino shrugged off questions about whether Congress should take control of the issue. He advocates passage of a Simitian bill on the topic: "To me it doesn't matter at what level it is illegal. This is not a hypothetical. It should be illegal at all levels."

Everything is out there, our addresses, e-mail, marital status, phone numbers. We surrender it to business people whenever we sign up for "services." In the process, we become commodities, allowing advertisers to better target their messages.

Most of what they do is benign, maybe useful. It also can be creepy. Facebook asks new subscribers for their dates of birth and knows whether new customers are minors.

This year, state Sen. Ellen Corbett, D-San Leandro, carried legislation that would have directly affected Facebook. Senate Bill 1361 would have barred Internet companies from asking minors for personal details, such as their home addresses.

The Senate approved it by a 25-4 vote in April -- prompting Facebook to retain a Sacramento lobbyist for the first time. It worked. On June 28, the bill stalled in its first Assembly committee.

In a statement, Facebook took the common Silicon Valley view: "National laws, especially those that are harmonized with other nations' laws, are easier for innovative companies like ours to respond to than are local laws."

Of course, there is no federal law specifically barring companies from compiling minors' personal information.

The issue has real-world implications. For 11 years ending in 2007, a company based in West Hollywood published XY Magazine and later a networking site aimed at young gays. Their average age was 18, meaning many of the roughly 100,000 subscribers were juveniles.

The business collected their addresses, photos, bank card information and e-mail addresses. XY had a seemingly ironclad privacy policy: "Our privacy policy is simple: We never share your information with anybody." Not quite.

The company was on the verge of selling the data in a bankruptcy proceeding when the Federal Trade Commission demanded five weeks ago that the sale be put on hold. The matter is pending.

A state law might have offered a layer of protection to the minors. Then again, even if the Legislature had approved a bill, it could not become law without a governor's signature.

THE SACRAMENTO BEE

Modesto Bee is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere in the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

Commenting FAQs | Terms of Service