Leslie Harris - Center for Democracy and Technology : Some Welcome Progress on Privacy

Welcome to Talking Justice Sign in | Join | Help

The Center for Democracy and Technology works to promote democratic values and constitutional liberties in the digital age. With expertise in law, technology, and policy, CDT seeks practical solutions to enhance free expression and privacy in global communications technologies. CDT is dedicated to building consensus among all parties interested in the future of the Internet and other new communications media.

About Leslie Harris

Leslie Harris joined the Center for Democracy and Technology in the fall of 2005 and became Executive Director at the beginning of 2006. Ms. Harris brings over two decades of experience to CDT as a civil liberties lawyer, lobbyist, and public policy strategist Her areas of expertise include free expression, privacy and intellectual property. Ms. Harris is a recognized expert on Internet and technology policy, and she writes and speaks frequently on these subjects. Ms. Harris has served in leadership positions in the American Bar Association, including as the Chairperson of the Section on Individual Rights and Responsibilities. For many years, she served as the Co-Chair of the CDT Public Interest Advisory. She currently serves on the Board of the Health Privacy Project. Ms. Harris received her law degree cum laude from the Georgetown University Law Center and her BA at the University of North Carolina at Chapel Hill, where she graduated Phi Beta Kappa.

Some Welcome Progress on Privacy

There are times when working on privacy issues resembles nothing more than a game of whack-a-mole: no sooner do you respond to one abusive practice or questionable business model than another one comes out of the woodwork. It can get a little bit depressing, which made it particularly gratifying this month to be able to report some modest progress in the ongoing effort to give consumers greater control of their personal information.

Responding to public concern and regulatory pressure in the United States and abroad, the major search companies appear to be starting to seriously compete with one another over how well they protect their customers' privacy. In the past few months, the five largest Internet search providers have announced significant changes to how they handle the stored records of Internet searches, including deleting old user data, stripping the personally identifiable information out of stored search records, and, in one case, giving users the option to have all of their search records deleted.

Last week, we published a report that tracks the recent announcements and compares the revamped privacy practices of the five largest search providers.

By themselves, these changes don't represent a tectonic shift in the online privacy landscape, but we're hoping that they do signal the dawn of a new competitive market in which vigorous privacy protection becomes as much a selling point as high-quality service.

As recently as 2005, search wasn't a primary focus of the larger Internet privacy debate. Although many people were aware that every time they searched for something, they were creating a small record that could potentially be tracked back to them, few understood the extent to which that information could be construed as "personally identifiable." Then in August 2006, AOL released the search terms from more than 600,000 users as part of an academic experiment. Although the users in question were given pseudonyms, some enterprising journalists were able to go through the search terms and trace them back to real people.

Seemingly overnight, people began to realize that extensive records of all our searches could be used to paint surprisingly detailed pictures of our lives, preferences and movements. Privacy advocates, government watchdogs and individual users also started asking companies what they were doing to safeguard that information.

The answer, until very recently, was that most search providers kept that information for as long as they deemed it useful -- which generally meant forever. In the past few months, those practices have improved from a privacy perspective -- a compelling illustration of the benefit that the combination of regulatory engagement, pubic outcry and competitive pressure can yield for consumers.

Again, this is only a small step. The truth is that no amount of industry self-regulation can supplant the need for a comprehensive federal privacy law that establishes baseline standards for how companies must treat our personally identifiable information. Solving our online privacy dilemma will take a combination of aggressive educational efforts, intelligent policymaking and a serious commitment by industry to better protect consumers. As it stands we're still a long way from our goal, but these recent announcements seem to be a mark of real progress and we applaud them.

Published Tuesday, August 14, 2007 9:56 AM by Leslie Harris

Filed under: Internet, Privacy, search

Anonymous comments are disabled. Click "Join" at top-right to add comments.

Closed to Comments

Note: Justice Talking ceased production on June 30 of 2008. The Talking Justice blogs and forums are provided as a read-only resource for historical interest only. Commenting on blog posts has been suspended.

All opinions expressed are those of the author. The Annenberg Public Policy Center makes no claim as the the accuracy of claims or continued availability of any third party web links found on this site.