CAUGHT IN THE WWWEB: PATTERNS OF CONTROL OVER PERSONAL
INFORMATION FLOW IN THE E-COMMERCE ENVIRONMENT
Jenifer Neidhart de Ortiz
Ph.D. Candidate
The American University
neidhart@prodigy.net
30th Research Conference on Communication, Information and Internet Policy
Telecommunications Policy Research Council 2002
September 28-30, 2002
As electronic commerce extends into the mainstream of the economic fabric of the United States, the structure of those e-commerce relationships presents greater repercussions for both the electronic and non-electronic realms of social life. The evolving and complex set of questions emanating from these so-called “cyber” relationships is a topic of increasing scholarship and media attention. Part of the challenge is that, although some e-commerce issues may be addressed by applying existing laws to the new environment, other issues challenge the boundaries of conventional thinking. It is at these boundaries of established thinking that a re-evaluation of the balance of rights and responsibilities, between individuals and social institutions such as governmental agencies and corporations, is occurring.
Privacy in the context of e-commerce is one such issue that
is challenging conventional thinking, prompting a social and political dialogue
regarding the transposition of existing laws to an e-commerce environment, and
the adoption of entirely new conventions to address the many unique
circumstances of the online environment.
In the United States, this debate has evolved significantly since the
inception of the primary technological platform for e-commerce—the World Wide
Web (the Web)—in 1994. The purpose of
this paper is to set forth a framework for understanding the landscape of this
struggle between competing interests as one of control over the flow of
personal information. In particular,
this analysis emphasizes the rules and resources that such competing interests
bring to bear in shaping the flow of personal information, and the actual
patterns of personal information flow that emerge through the exercise of that
power. To what extent has the exercise
of power by competing interests in the privacy debate supported or degraded
individual privacy in the context of e-commerce, from 1994 through 2000?
To present a coherent analytical framework, this paper is
divided into three sections. First, a
theoretical framework is set forth to provide a foundation for thinking about
privacy in the e-commerce environment.
Building on the idea of privacy as an information flow issue, the paper
utilizes Jacques Ellul’s concept of technique and Anthony Giddens’ concept of
rules and resources. Second, the
theoretical framework is applied to the case study of U.S.-based e-commerce from
1994 through 2000 to create a hypothesis of three emergent “techniques” that
are shaping privacy in that context.
Third, the most significant classes of rules and resources shaping these
techniques are identified and briefly discussed. The goal of the paper is to present an overview of this analytical
framework in order to facilitate discussion of privacy in a way that captures
the relationship between technological and regulatory shifts from 1994 through
2000.
THEORETICAL FRAMEWORK
This paper employs an eclectic theoretical approach to understand
the evolving complexity in the privacy debate through a tightly woven set of
conceptual tools. The central concepts
are: privacy as information flow; technique as explained by Jacques Ellul; and,
the process of structuration as explained by Anthony Giddens through rules and
resources. Since the privacy debate is
complex and multifaceted, a tendency that is magnified in the international
arena, this analysis seeks to understand the changing nature of the privacy
debate through a specific case study of U.S.-based e-commerce from 1994 through
2000. These interwoven concepts are
thus applied to the particular case of U.S.-based e-commerce to discern the
emergence of concrete techniques for control over personal information and the
rules and resources that shaped the development of those techniques. These three hypothesized emergent techniques
of controlling personal information flow are:
the decentralized collection of information, centralized organization of
information, and the commodification of information. Together, these techniques outline a pattern of privacy relations
within the e-commerce environment.
The first primary concept explored within this study is that
of privacy as information flow. When
conceived of as information flow, privacy encapsulates the tension between
various legitimate interests in personal information, including business,
government, and individuals. By casting
privacy as an information flow issue, privacy captures the relative power that
contending parties exercise over the character and patterns of personal
information flow. This approach toward
privacy builds on Brandeis and Warren’s articulation of the “right to be let alone,”[1]
and Westin’s formulation of a “mosaic” of privacy as set forth in the seminal
work Privacy and Freedom.[2] The thinking of Brandeis and Warren
establishes a certain degree of autonomy of the individual. However, e-commerce requires an additional
component of fluidity to the notion of privacy. Westin enhances the notion to update it for the context of
information and communication technology (ICT). According to Westin, to say that somebody has personal privacy is
to say that the individual has a certain level of control over the flow of his
or her personal information. In this
way, the discussion of privacy transcends the problems of subjectivism and
relativism that are endemic to privacy issues.
Since the exact constitution of “privacy” is subjective and dependent on
each individual’s values, this study addresses the privacy issue as a question
of the relative degree of real and potential control by various parties, as
that control is structured by the context of rules and resources, including
federal policy and ICT. By approaching
privacy as information flow, the debate is also transformed from one of
“threats to privacy,” to a more complex debate over competing and legitimate
interests in the patterns of personal information flow. The concept of privacy as information flow
thus helps to situate the issue of personal information within a larger set of
information flow issues and to bypass conventional debates over threats to
individual privacy. The question of
privacy becomes a tension between competing interests for control over
information resources, and a larger question of the configuration of power as
it bears on patterns of personal information flow.
Working within this conceptual framework of the privacy
issue as one of information flow, the more significant theoretical challenge is
to describe the boundaries of control and actual mechanisms of control relating
to such personal information flow. The
critical concept utilized to explain the particular patterns of flow of
personal information is that of “technique,” as articulated by Jacques Ellul in
The Technological Society.[3] Simply stated, Ellul’s concept of technique
is the application of rational methods to create efficiency. Technique may be applied to various spheres
of human activity. Ellul has been
roundly criticized for being determinist in this theory of technique and for
his particular conclusions for the technological society. In contrast to Ellul, however, this study
seeks to bracket the useful concept of technique as explanatory of particular
processes of information flow, but not necessarily indicative of any pre-determined
path of technological development.
The greater theoretical concern for Ellul was the unintended
cultural consequences of technique when it is implemented by institutions, but
not constrained by a sufficient measure of decentralized individual control. Ellul suspected that the abuse of technique would lead to a cultural
leveling of society, as these methods are aimed at “rationally arriving at and
having absolute efficiency…in every field of human activity”.[4] Ellul’s concern may be situated within a
larger academic discourse that perceives the computerization movement as laying
the groundwork for the increasing rationalization of society. In this dystopia of the gradual and
unchecked rationalization, institutional logic will assume a great sphere of
influence, inhibiting the spontaneous, reciprocal and intimate relationships
built on trust, intimacy, or other “irrational” and irreducible aspects of
human life.
Although Ellul’s concerns are not entirely misplaced, the
debate can alternatively be framed as one of confusion between means and
ends. In the scenario that Ellul
envisions, the rise of technique naturally and systematically eclipses any
democratic functioning by the sheer force of its telos in a highly
pre-determined fashion. This thesis,
however, negates any effect that the larger context in which technology is
deployed may have on the development of technique. In Ellul’s conception, unbounded technique leads to confusion of
the means—the technique itself—with the end; technique itself becomes the goal
rather than being a way of achieving a higher purpose such as social, economic
or political development.
As will be discussed, this study aims to counterbalance
Ellul’s arguments for the “inherent” tendencies of technology and the consequences
for society, with a more contextual approach that serves to emphasize the
useful aspects of Ellul’s theory. In
contrast to Ellul’s moral stand and technological determinism, this study
bounds Ellul’s concept of technique with the idea that the flow of personal
information and the techniques of controlling that flow of personal information
are shaped by their technological and regulatory contexts. Technology, and ICT specifically, does not
follow a predetermined path; ICT is neither inherently liberatory, as some
technological determinists may claim, nor is it inherently repressive, as some
critical political economists might claim.
Rather, the unique configuration of information flow by specific
techniques is influenced by myriad factors, including law, international
pressure, the momentum of industry practice, and technology. Although there is an entire school on the
social shaping of technology, this study employs Anthony Giddens’ concept of
structuration, as discussed primarily in The Constitution of Society. Giddens’ concept of structuration is useful
in this study because it allows for the evaluation of the process of the
shaping of human activity based on relations of power—in particular, on the
“rules” and “resources” that are leveraged in the service of various actors’
interests through a process of social negotiation.[5] While Giddens primarily treats institutional
negotiation in his discussion of structuration, this study applies the concept
in a slightly different way, focusing on the transposition of power structures
and power relations to a new social context—e-commerce. This approach is appropriate to understand
the struggle over control over personal information flow because it allows for
the consideration of the legal and regulatory environment that formally shapes
such control, but the approach also recognizes that resources, including
technology, shape the flow of information.
This theoretical advantage is especially important in the case of e-commerce
privacy from 1994 through 2000 because the “rules” of e-commerce were set forth
in a type of incomplete legislative and regulatory patchwork, leaving a large
opening for the exercise of “resources” to shape information flow. These resources were exercised by various
parties, including individuals and corporations, both of whom utilized
innovative technologies for the increased control over personal information
flow and the shaping of techniques of control.
This non-deterministic approach also allows for the
consideration of a broader range of actors, including e-commerce companies
themselves. Resulting from specific
historical developments in the evolution of ICT and of the privacy regulatory
regime, e-commerce is increasingly a medium of personal information flow, with
e-commerce companies being increasingly strong and effective players. The latitude of this approach contrasts with
liberal theories that present the state as the primary threat to privacy and
the primary user and collector of personal information on individuals. The approach also contrasts with the
critical political economy approach that emphasizes the corporate role in the
privacy “threat.” Instead, the analysis
that employs the concept of structuration and the negotiation of power
structures provides a conceptual lens through which to analyze the systematic
organization of personal information by any entity—individual, corporation, or
government body—and thereby broadens the explanatory value.
THE EMERGENCE OF INFORMATION FLOW TECHNIQUES IN E-COMMERCE
Building on this theoretical framework, this paper
hypothesizes that there are three techniques emerging within the context of
e-commerce defining control over the flow of personal information: the decentralized collection of information;
centralization of information; and, commodification of information. These three techniques result from the
confluence of complex power relations, as exercised through rules and
resources. This section describes each
technique in terms of its manifestation in e-commerce, basic operation, and
primary characteristics. Each of these
techniques represents a move toward increased automation and overall efficiency
of the e-commerce process through the application of their respective methods
to that process of control over personal information flow, according to the
general principle of technique as discussed by Ellul in The Technological
Society. The concept of technique
employed in this article draws on Ellul’s characterization of modern technique
as autonomous, sophisticated, detached from tradition, and unpredictable in its
consequences.[6] This section also includes a discussion
of the effect of these techniques on individual privacy. Although techniques
are not inherently supportive or destructive of privacy, a determination of such
a net effect may be assessed according to their level of efficiency,
boundaries, locus of control, and transparency, which are categories drawn from
the theoretical understanding of technique itself.
The Decentralized Collection of Information
Decentralized collection of information is a technique by
which information is collected from various sources through various
methods. In the context of U.S.-based
e-commerce, decentralized collection of information is an emergent technique
enabled by a particular regulatory framework and the specific mode of
deployment of e-commerce technologies operating within the parameters of that
regulatory regime. The decentralized
collection of information can be considered an interfacing technique. The website is the interface between an
e-commerce business and an individual, and data collection maintains the outer
boundaries of the flow of personal information. The collection of personal information in B2C commerce is
characterized as “decentralized” because of the networking effects of
e-commerce and the deployment of a multi-layered approach toward
collection. It is this high degree of
decentralization that differentiates web-based data collection from other
personal information interfaces.
In part, the collection of
personal information in e-commerce tends to be decentralized due to certain
technological features. Due to
networking capabilities, an e-commerce company may collect information
simultaneously from all online customers at any given moment. This networking capability also enables a
more dynamic, interactive form of data collection between each of those
individuals and the e-commerce website. In addition to static collection based
on voluntary sources, such as user registration, websites collect information
on those users’ movements within and between websites, often with a fairly high
degree of individual customization.
Therefore, the collection of data occurs on the micro level of the
individual, but also on the micro level in terms of each individual’s
preferences and web traffic patterns.
In this way, decentralized collection of data with great breadth does
not imply a trade-off with the depth of information collected. In addition to the networking reasons for
increased decentralization of information collection, a multi-layered approach
toward personal information targets various aspects of a customer’s identity,
preference, and the B2C relationship.
The extent to which individuals are actively sharing their data, or even
are aware of its collection, varies widely.
This multi-layered approach includes voluntary data, surveillance data,
and commodified data.
First, voluntary information
is collected through common methods such as website registration, perhaps in order for a
user to obtain access to a site. Voluntary
collection implies an explicit form of consent, through active participation
from individual users. For this reason,
websites often incent users to register through the promise of customized or
free services. The strength of
voluntary data for an e-commerce company is that, when accurate, it can provide
a missing piece of the data profile “puzzle” by connecting a behavioral profile
to a specific person, allowing for targeted services and demographic
analysis. The drawback of voluntary
data is that its accuracy relies upon the user, who may attempt to deceive the
system by providing false information.
For the user, voluntary data is the most explicitly collected data by
websites, and therefore offers a degree of control over the flow of personal information.
Surveillance is a second
means of collecting personal information.
Surveillance data collection is usually the most surreptitious at the
user level; although general disclosure may exist in the form of a privacy notice,
the actual collection process—the instances of collection and type of
information that is collected—is often not well understood or readily apparent
to the typical user. This is because
surveillance often occurs through the use of “cookies”. Cookies are lines of code that are placed on
the hard drive of a user by a website that track the movement of the user
through the web page or across web pages.
Cookie technology collects information on viewing patterns, traffic
flows through a website, and buying patterns, among other things. All of this occurs digitally, which means
that data is easily recorded and stored.
Although personally identifiable information is not necessarily
collected—cookies collect information according to Internet Protocol (IP)
addresses, a number associated with a computer as a node on the
Internet—surveillance offers a contiguous snapshot of a single individual which
can be connected to a physical person through different means.
A third type of data
collection is transactional. In order
for a person to purchase goods or services online, he or she must often provide
at least billing and shipping information for the consummation of the sale and
authentication of the person’s identity.
This is particularly true when credit cards are used to purchase goods
or services. The collection of
transactional information requires less of an explicit consent to share
information than voluntary data, but rather implied consent through the actual
act of purchase and knowledge that information is being collected to consummate
that exchange. Transactional
information is a vital key in the collection chain—it allows for the analysis
of buying patterns, and the creation of a link between a person and a vast
array of personal information extracted through surveillance and cross-referencing
other credit purchases. Although
transactional information is not unique to e-commerce, the combination of
transactional information with other types of e-commerce data offers an
unprecedented potential for customer profiling and customization.
As a fourth means of
collecting personal information, e-commerce sites obtain data from external
sources through commodification. In
addition to providing “lead generation” lists, such information can be
cross-referenced with web-collected information to sketch a more robust and
detailed customer portrait.
In summation, the
decentralized collection of information in e-commerce stands out as 1) largely
automated, in the case of transactional and surveillance information, 2)
diverse in methods, 3) customized and individual, 4) focused and targeted, and
5) digital, such that it may be cross-referenced. Through e-commerce, the process of data collection is highly
automated and organized. Ellul
discusses the automation and organization of process in his evaluation of
technique, and the decentralized collection of data seems to embody these
features.
The Centralization Of Information
The technique of centralization of information involves the
storage and processing of information in a logically unified manner, and may be
considered an organizing technique. The
physical centrality or unification of that control center is not always
necessary to achieve logical unification of information. Historically, centralization of information
management has implied some level of physical concentration of
information. The practice of
centralization of information by various organizations—including governments,
churches, educational institutions, and companies—involved the organization of
libraries of information, archives, file rooms, “seats” or headquarters. This information would be stored together in
the same physical location along with the information users, such as analysts,
policy-makers or corporate decision-makers.
However, with advances in ICT, this physical centralization
is not required, or necessarily desirable.
Rather than implying physical concentration, the centralization of
information in the e-commerce environment suggests centralized control of
information—either physical concentration or centralized control of information
flows through software over a network.
In some cases, the physical concentration of information resources may
actually increase the vulnerability of, or decrease the efficiency of, information
systems. For this reason, it may be
more secure or efficient to store information in a physically dispersed but
logically unified way, taking advantage of networking and software
advances.
Although it is possible for multiple persons in multiple
locations to access information simultaneously, there are still limitations on
the efficiency and speed of accessing that information. To some degree, physical centralization
remains and users closer to services may be able to retrieve information more
readily than those who are farther away, depending on their accessible
bandwidth. However, these problems are
being addressed by new technologies, such as efficient web-interfaces for
databases that require less bandwidth between server and client, caching
technologies, and faster local access lines.
Specifically in the case of the centralization of personal
information, the development of a unified system of information allows for
information to be stored, cross-referenced, and analyzed in terms of aggregate
patterns. One class of software that
achieves this unification is customer relationship management (CRM)
software. The main concept of CRM
software, of which there are numerous proprietary brands, is that all customer
information is collected in a linked database, creating a “customer profile.” While in the past business units may have
maintained their own records system, CRM software compiles all of the customer
relationship information, including information from various units such as
sales, marketing, billing, customer service, and operations.
This process of aligning all user information into one profile is
simplified by the technique of decentralized collection. For example, it is easy to “match” an
existing customer profile incorporating purchase history with new shopping and
purchase patterns through the use of cookies, which support customized
interfaces of websites such as Amazon.com.
Surveillance through cookies enables the centralization of information
by maintaining coherence between the customer profile and each discrete session
of interaction. When a user enters the
website, the IP address is recognized or the person is prompted to “log on”,
which in turn retrieves the information necessary to create the customized
interface, based on that customer’s past preferences. The
Amazon.com site greets a regular user by name, markets according to past
preferences, and allows for a person to check the status of current or past
orders. If a customer purchased a book
of Spanish poetry or Chinese cooking, his or her customized marketing at
Amazon.com might suggest more books of this genre, in a more customized and
efficient approach toward marketing.
Additionally, this centralization of information increases efficiency by
reducing the likelihood of duplication errors, thus increasing the value of the
profile and the database.
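The convergence of the collection layers described earlier (surveillance, voluntary, transactional and purchased data) on one centralized profile can be sketched as follows. This is an added illustration, not part of the original paper; the event format, the visitor key (standing in for whatever identifier the site uses to recognize a returning browser), and all names and addresses are constructed for the example.

```python
from collections import defaultdict

# Constructed sample events; every identifier and value here is invented.
EVENTS = [
    {"layer": "surveillance", "visitor": "c-1001", "t": 1, "page": "/poetry/spanish"},
    {"layer": "surveillance", "visitor": "c-1001", "t": 2, "page": "/cooking/chinese"},
    # Self-reported registration data: accuracy depends entirely on the user.
    {"layer": "voluntary", "visitor": "c-1001", "t": 3,
     "name": "Pat Smith", "email": "pat@example.test"},
    {"layer": "surveillance", "visitor": "c-2002", "t": 4, "page": "/cooking/chinese"},
    # Billing data supplied to complete a purchase.
    {"layer": "transactional", "visitor": "c-1001", "t": 5,
     "billing_name": "Patricia Smythe", "email": "p.smythe@example.test",
     "item": "Spanish poetry anthology"},
    {"layer": "surveillance", "visitor": "c-1001", "t": 6, "page": "/orders/status"},
]

# Constructed stand-in for an externally purchased (commodified) list.
PURCHASED_LIST = {"p.smythe@example.test": {"segment": "gourmet-cooking"}}


def _empty_profile():
    return {"pages": [], "purchases": [], "claimed_name": None,
            "billing_name": None, "email": None, "segment": None,
            "identified_at": None}


def build_profiles(events, external_list):
    """Merge all collection layers into one profile per visitor key."""
    profiles = defaultdict(_empty_profile)
    for ev in sorted(events, key=lambda e: e["t"]):
        p = profiles[ev["visitor"]]
        if ev["layer"] == "surveillance":
            p["pages"].append((ev["t"], ev["page"]))
        elif ev["layer"] == "voluntary":
            p["claimed_name"] = ev["name"]
            if p["email"] is None:
                p["email"] = ev["email"]
        elif ev["layer"] == "transactional":
            # Billing details supersede self-reported ones and anchor the
            # profile to a person.
            p["billing_name"] = ev["billing_name"]
            p["email"] = ev["email"]
            p["purchases"].append(ev["item"])
            if p["identified_at"] is None:
                p["identified_at"] = ev["t"]
    # Cross-reference with the purchased list once an email is known.
    for p in profiles.values():
        match = external_list.get(p["email"])
        if match:
            p["segment"] = match["segment"]
    return dict(profiles)


def retroactively_attributed(profile):
    """Page views logged before identification that are now tied to a name."""
    if profile["identified_at"] is None:
        return []
    return [page for t, page in profile["pages"] if t < profile["identified_at"]]


if __name__ == "__main__":
    for key, prof in build_profiles(EVENTS, PURCHASED_LIST).items():
        print(key, prof["billing_name"], prof["segment"],
              retroactively_attributed(prof))
```

The second visitor never registers or buys, so that click stream stays pseudonymous, while the first visitor's earlier browsing becomes attributable to a named person the moment a purchase is recorded.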
The Commodification Of Personal Information
The final technique hypothesized in this paper is the
commodification of information, which involves the exchange of personal
information and may be considered a transferring technique. “Information is a natural resource to the
modern economy in a democracy and technological environment information is, in
fact, the fuel of our future.”[7] For the purposes of this analysis,
commodification is understood to be the conversion of use value to exchange
value, in the sense that the value of information is quantified as a
commodity. Commodification is defined
broadly, and includes the exchange of information between affiliates, the use
of information internally within a company, and the use of information for
customization. Non-monetary personal
information exchanges are considered to be a form of commodification because an
economic incentive nonetheless underlies the exchange—personal information is
exchanged because it is an asset and a resource input in a process that
produces value for a company.
The commodification of personal information is far from
new. Companies have long recognized the
value of customer information, market research and prospect lists. As Richard Varn, Chief Information Officer
for the State of Iowa, points out, “our government and consumer economy is
very info-dependent. 60% of our economy
is consumer spending and marketing drives this.”[8]
Personal information is critical to the e-commerce
business model. Although several
e-commerce business models exist, depending more or less on personal
information, the effectiveness and low cost of collection and organization of
personal information through e-commerce technologies means that personal
information can often represent a competitive advantage for e-commerce
ventures. E-commerce companies are more
likely to differentiate themselves by virtue of customization or the packaging
of audiences for advertising dollars. In contrast, “brick-and-mortar” companies that have a web-based
interface as an additional sales channel are less dependent on the
commodification of information than “pure play” e-commerce ventures.
Commodification occurs on
various levels of sophistication, from the simple to complex. For example, lead generation information can
contain a single set of demographic data.
Companies regularly buy and sell simple contact information of potential
customers in the form of mailing lists. This information is often exchanged between
companies with a comparable demographic customer base. For example, Wine.com would be more likely
to exchange mailing lists with Williams Sonoma than with Nascar, because they
perceive an affinity in the customer base.
The demographic assumptions are based on years of market research
conducted regarding demographic data and buying patterns. In addition to direct
exchange between companies, infomediaries often facilitate such exchange by
packaging lists according to demographic categories. One of the significant points about the Bank of America case, in
which the company was sued for obtaining and re-selling thousands of credit
reports, is that less than one-quarter of the individuals involved were even
Bank of America customers.[9]
While mailing lists are a
very common form of commodification, they are also relatively simple. More complex forms of commodification
include website flow analysis and the aggregate analysis of a company’s
customer base. Website flow analysis is
often conducted for internal company consumption. However, as discussed earlier, this fact does not imply that the
personal information is not commodified, because the product of that data
mining acts as a substitute for other services that a company would have
purchased, e.g., market research products.
Website flow analysis may also support efforts to package an audience by
demonstrating viewing patterns of individuals through their “click stream”
through a website. Revenues for online
advertising on the Web by U.S. companies alone were $3.5 billion in 1999.[10] Important questions that may help to
understand a set of consumers include:
· Which advertisements receive the most attention (as measured in “clicks”)?
· Do customers read news or updates or do they proceed directly to search for a particular product?
· Do customers navigate smoothly through the website?
· What is the comparison of initiated purchases versus completed purchases?
· What is the relationship between a customer record and his or her behavior in terms of traffic and navigating the site?
· Is there a relationship between completed sales and customer viewing patterns?
In addition to website flow
analysis, another type of commodification is the aggregate analysis of the customer
base. This commodified information may
be used internally to improve efficiency, or used to position personal
information products for sale to a third-party. Such aggregate analysis draws conclusions from the demographics
of a particular set of customers that a website tends to attract. Some business models in
e-commerce rely heavily on this type of aggregate analysis; an “e-commerce”
company may not actually be charging its “customers” substantially, but rather
deriving its revenues primarily by “packaging that audience” for a third
company that wants to advertise to that demographic group. This is not dissimilar to what other media
outlets have done, such as television or newspapers. The subscription price of a magazine or newspaper does not
generally cover the cost of production, much less
produce a profit. Neither has network
television, which is “free of charge” to the user, supported itself on customer
revenues. E-commerce companies are able
to innovate this business model by having more detailed profiles of their
customers. While subscription magazines
or newspapers may have some limited information about their readership,
e-commerce sites have extremely detailed records of customer behavior on how
the product is used, including how many “eyeballs” are going to specific
advertisements, or how many “hits” it has received.
Assessing The Net Effect Of Techniques On Privacy
Although descriptions of
these three techniques help to outline their basic operational characteristics,
additional analysis is necessary in order to ascertain the actual effect of
those techniques on individual privacy in the context of e-commerce. To aid such an assessment, this study suggests
four categories of analysis, derived from the concept of technique, to help
delineate the contours of control over personal information flow. To some extent, these categories of analysis
incorporate fair information practices that have been articulated both
nationally and internationally, but these categories attempt to go further in
characterizing the contours of control over the flow of personal information.
Efficiency of Technique
The first
category of analysis that helps to outline the contours of control over
personal information flow is efficiency.
According to Ellul, the very purpose of a technique is to improve
efficiency—as part of a process of automation, a “goal” of technique is to
streamline and improve process so that a certain sequence of events or actions
flows more smoothly. “The technical
phenomenon is the main preoccupation of our time; in every field men seek to
find the most efficient method…The choice is less and less a subjective one
among several means which are potentially applicable. It is really a question of finding the best means in the absolute
sense…”[11] The goal of efficiency, therefore, is an
absolute goal that encapsulates the very essence of technique and its pursuit
of rational process. However, in actual
practice, a particular technique can be more or less efficient due to various
reasons. The precise mode of efficiency
can also lead to varying effects for individual privacy. Therefore, when addressing privacy concerns,
it is important to analyze the extent to which any particular technique
operates efficiently, and by what means.
One cause of
decreased efficiency of a technique is its interruption.  For example, a legal or technological
requirement for user authorization would require the interruption of the
technique of data collection in that additional steps are introduced into the
process that do not contribute to the immediate goal of the technique—the
collection of personal information.
Another issue
that might affect the efficiency of a technique is the streamlining and/or
robustness of a technology. Largely due
to the politics and the incentives of resource allocation, some technologies
have developed faster than others.
Although this study does not purport to be highly technical, the
relative development of certain techniques over others affects efficiency. For example, advances in ICT appear to have
improved e-commerce tracking technology and the efficiency of decentralized
collection of information and centralization of information to a greater degree
than privacy enhancing technologies (PETs).
Boundaries of Technique
A second category of analysis that describes the contours
of personal information flow is the boundary of a technique. One of the primary characteristics discussed
by Ellul to describe technique is its tendency to gain momentum, especially
through history and across institutions, but also more generally. Discussing the tendency of techniques to
extend and grow, Ellul also points out that, “Apparently this is a
self-generating process: technique
engenders itself. When a new technical
form appears, it makes possible and conditions a number of others.”[12] The growth also occurs in terms of the
automation of more aspects of life, such that, “The human being is no longer in
any sense the agent of choice.”[13]  For this reason, analyzing the three
techniques of personal information flow according to their boundaries helps to
assess the effect of techniques on privacy, as measured through individual
control over personal information flow.
This category of analysis outlines the scope of the operation of a
technique, describing a line that balances competing rights and
responsibilities in the control over personal information flow. Such a description of scope may define the
breadth of a technique’s operation, the depth of operation, the groups of
individuals that are included or excluded, and the types of information that
are involved.
Technique may be bound in
many ways. Those boundaries may be
legal, prohibiting the collection of certain types of information. For example, a boundary is established in
the EU Data Protection Directive against the collection of information
concerning racial or ethnic origin.[14] Other legal mechanisms may include “use
limitations” such as those that set forth regulations on the length of time
that a company can use information. In
the area of e-commerce, the Children’s Online Privacy Protection Act (COPPA)
attempts to bound the collection technique in the treatment of children
specifically.[15]
The bounding of technique
can also be achieved through non-legislative mechanisms, including publicity,
the negotiation of contracts, or PETs.
Publicity may bound a technique by threatening a company with loss in
revenues due to public outcry and even boycott at the revelation of certain
practices, such as in the cases of DoubleClick, Amazon and Intel. Contracts may bound technique by outlining
limits of the commodification of data.
Finally, PETs may bound a technique by giving individuals effective
control over certain data handling practices, such as the case with the
Platform for Privacy Preferences (P3P), which is a preferences technology.
Locus of Control over Technique
A third category of analysis is the
locus of control over a technique. This
category builds on certain ideas represented by fair information practices,
such as access and security, but goes beyond those practices to encompass a
more robust analysis of control.
Analyzing techniques in terms of the locus of control builds on the
categories of efficiency and the boundaries of technique. As an additional indicator of the effect of
technique on individual control over personal information flow, the locus of
control of a technique helps to delineate the role of the individual.  Ellul points out that the tendency of
techniques to exceed current boundaries impacts the control that an individual
has over a technique. “The implications
of self-augmentation become clearer:
the individual’s role is less and less important in technical
evolution…Advance for its own sake becomes proportionately greater the
expression of human autonomy proportionately feebler.”[16] In addition to this tendency for successful
techniques to marginalize individual action, techniques also tend toward
technical centralization[17],
which alters the balance of control over personal information flow. The particular environment in which a
technique emerges is important in understanding the balance of control between
individuals and institutions such as federal agencies and corporations. Indeed, the question of control over
personal information flow is fundamental to this entire study. How is control constituted? Who exercises control, and at what
inflection points?
The establishment of control over a technique is exhibited in the
e-commerce context through the ability to edit profiles, access data, remove
data, or to retain, purge, or protect data.
The question of who exercises such control may be answered through an
analysis of the centralization or decentralization of data, accountability requirements,
and notice and choice provisions. It is
important to note that formal control over a technique may not translate into
actual control. For example, a
technique may be established in a way that discourages certain mechanisms of
control. Control over centralization of
data by an e-commerce company does not necessarily imply that the company has
strong control over that data itself.
In a similar vein, the centralization of information does not imply the
centralization of control. For example,
control might be constituted in a way that data is centralized but various
actors have influence over the access, editing and flow of that data. Conversely, the mere decentralization of
information does not imply that there is a decentralization of control.
Many
rules and resources may shape the locus of control for any particular
technique. Mechanisms by which
individuals may access and review information that is stored about them, such
as the Fair Credit Reporting Act (FCRA), represent a right of the
individual and a responsibility of a corporation.[18]  Other mechanisms may affect the locus of
control through either positive or negative publicity.  For example, identity theft may create
negative publicity as a response to market failure, revealing that the locus of
control over personal information may be outside of even recognized actors such
as companies, if adequate security measures have not been implemented. Certain industry initiatives also offer a
degree of control to individuals through opt-out provisions in privacy
policies.
Transparency of Technique
The final category of analysis that defines the contours of
control over personal information flow is the transparency of technique. Due in part to the tendency of techniques
toward technical centralization, analysis of a technique’s observability by
individuals is critical to an understanding of its effect on privacy. In practice, individuals may have difficulty
gaining information about techniques due to what Ellul describes as the
heightened position of the technician in society. That is, decision-making becomes entrusted to technocrats who
understand the techniques and technology underlying it, although the knowledge
of those technocrats is itself confined to a small sphere of activity.[19] The extent to which information practices are
known to all parties is a critical component of control over those personal
information flows. The question is the
degree to which an average user understands the operation of techniques of
personal information flow and his or her choices.
Of critical importance to the category of transparency is
the notion of format—in what way is a technique transparent? For example, a technique and its operation
may be transparent through privacy notices, individual notices, publicly
available information such as SEC filings, congressional hearings and research,
or subpoenas. Each of these formats for
transparency requires a different level of involvement for the user.
This leads to another important aspect of transparency of a
technique, a characteristic that overlaps with the other three categories of
analysis. In many ways, effective
transparency is a precursor to any other action of control over a
technique. Without transparency, is it
possible to identify a locus of control, the efficiency of a technique, or its
boundaries? In this way, transparency
acts as a limiting factor in the analysis of individual privacy.
THE ROOTS OF RULES AND RESOURCES: SHAPING EMERGENT TECHNIQUES
The three hypothesized techniques—decentralized collection,
centralization, and commodification—emerge in e-commerce within a particular
context and are shaped by a certain set of influences.  Analyzing privacy as an information flow issue through the lens
of that contingent situation—rules and resources, specifically—reveals an
emergent pattern of information flow that can be discerned even at the early
stages of technological development.
According to Giddens, rules and resources structure social relations
through a process of structuration.[20] In the case of e-commerce, the rules and
resources that are exercised by competing interests in the attempt to control
patterns of personal information flow help to shape the structure of privacy in
the social environment of e-commerce.
While the exercise of these rules and resources may immediately affect
the flow of personal information in the context of e-commerce, it is important
to note that social structures are related to a wider context, often leading to
unintended consequences of one specific situation to a multitude of others.
The most significant rules and resources shaping techniques
of personal information flow can be grouped into four major themes.  These main themes are:
· Rules of the U.S. Federal Government;
· Emergence of the Self-Regulatory Model;
· Corporate Resources and Rulemaking; and
· Other Resources: Technological Innovation and Publicity.
Although fair treatment of each set of
rules and resources requires a more rigorous analysis of each, a short
description of the themes offers an overview of the rules and resources for the
purpose of clarifying the analytical framework.
The rules and resources of the U.S. federal government shape
the emergence of techniques within e-commerce through legislation, court
decisions, and regulations. These
formal rules often act to establish a minimum standard, or “floor”, for privacy
practices. In the area of e-commerce
specifically, the U.S. federal government has been slow to pass legislation or
promulgate regulations, relying instead on a more sectoral approach that can be
described as a patchwork of laws.
A self-regulatory model has emerged in the context of this
sectoral approach toward federal rules governing privacy in the private
sector. In terms of regulatory
authority, the FTC’s Section 5 powers—the principle of governing contracts
and overseeing fraud in the private sector—have provided the regulatory
background for the emergence of a self-regulatory model in the U.S. From an historical and philosophical point
of view, as well as constitutional law, the self-regulatory model is based on
the principle that the federal government does not have the power—nor should
it—to govern the form or specifics of expression between private parties. In this way, U.S. privacy policy is
consistent with its liberal roots, according to which the right of privacy
exists as a protection vis à vis state invasion. While privacy may be regarded as worthy and valuable, the
unintended consequences of government legislation of privacy definitions,
standards, or practices, are deemed to be a greater threat to the long-term
cause of democratic government than the privacy invasions themselves. Restrictions on the free flow of information
for privacy reasons increase the power of government to control speech. "The difficulty is that the right to
information privacy—my right to control your communication of personally
identifiable information about me—is a right to have the government stop you
from speaking about me."[21]
While this liberal approach thwarts the passage of federal
legislation in many instances, it may also support certain private assertions
of privacy. Several legal mechanisms
of the federal government support privacy, including the Section 5 powers of
the FTC in monitoring deception and unfairness in trade practices, and legal
requirements that commercial and publicly distributed information be truthful,
such as commercial speech laws. The
main components of the self-regulatory regime are: the principle of competition; the principle of voluntary status
of the consumer and of contracts; and, the standard of truthfulness of speech.
As
important as the role of the federal government in the shaping of personal
information flow is the role of corporations, especially in the context of the
self-regulatory regime towards U.S.-based e-commerce. Corporations have exercised their power and supported their
interests through both the development of rules and resources. At the urging of the federal government,
industry groups have organized to create standards for privacy notices through
industry rule making.  Corporations have
also deployed technologies to innovate on established practice in the
industry of personal information.
Finally, industry has responded to government action, including
international actions, in the case of multinational e-commerce entities.
Due
largely to resource issues, e-commerce corporations have been able to deploy
ICT in a way that tends to support profiling activities and the
commercialization of personal information.
However, there has also been a movement to develop privacy enhancing
technologies (PETs), including permissions management, such as the Platform for
Privacy Preferences (P3P) in which a consumer sets forth privacy “rules”, and
anonymizing technologies that act to mask identity. According to the Organization for Economic Cooperation and
Development, many PETs are designed for individual users and focus largely on
collection limitation (45%), collection avoidance (40%) and security (27%).[22]
In addition to technological innovation, publicity has been shown to be an exceptionally useful tool in the shaping of personal information flows, to the extent that practices have been revealed to the public. The idea of publicity as a resource is related to the principle of the voluntary status of the consumer—the choice a consumer has to “walk away” from a company—but it takes a different tack on the level of broad exposure and reporting of infringing companies’ practices. The power of publicity has been exhibited several times from 1994 through 2000 in the prevention of several companies’ actions. For example, in 1996, America Online cancelled plans to sell the phone numbers of its subscribers to telemarketers after angry protests from subscribers.[23] RealNetworks also responded to negative publicity, changing its software after the public revelation that its product, RealJukebox, collected information on users’ habits.[24]
CONCLUSION: TOWARD AN ASSESSMENT OF CONTROL OVER PERSONAL INFORMATION FLOWS
This paper proposes an analytical framework according to
which one might evaluate shifts in the balance of privacy between individuals,
corporations, and government entities in an e-commerce environment. The specific techniques that are emergent in
the context of e-commerce—decentralized collection of information, centralization
of information, and, commodification of information—create a pattern of
personal information flow in e-commerce based on the exercise of rules and
resources in a process of structuration by competing interests vying to control
personal information flows. These
techniques are very much interwoven and interdependent, creating a unique and
complex matrix of personal information flows that result in a complex and
nuanced portrait of individual privacy in the context of e-commerce.
Setting forth an analytical framework for privacy and
e-commerce, this paper represents the first step toward an assessment of
privacy as a dynamic and varied pattern of control over personal information
flow. By considering privacy through
the lens of information flow and analyzing mechanisms of control, it is hoped
that such an approach will lay the foundation for a robust discussion of
privacy that accommodates a range of subjective interpretation as to the
constitution of privacy and the desirable balance between individual,
government, and corporate control over the flow of personal information.
[1] Samuel D. Warren and Louis D. Brandeis, “The right to privacy ‘the implicit made explicit,’” in Philosophical Dimensions of Privacy: An Anthology, edited by Ferdinand David Schoeman (New York: Cambridge University Press, 1984).
[2] Alan Westin, Privacy and Freedom (New York: Atheneum, 1967).
[3] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964).
[4] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. xxv.
[5] Anthony Giddens, The Constitution of Society (Berkeley: University of California Press, 1984).
[6] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 14.
[7] Richard Varn, Chief Information Officer, State of Iowa, “An Examination of Existing Federal Statutes Addressing Information Privacy,” before the Subcommittee on Commerce, Trade and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, 107th Congress First Session, April 3, 2001 (Serial No. 107-22), p. 51.
[8] Richard Varn, Chief Information Officer, State of Iowa, “An Examination of Existing Federal Statutes Addressing Information Privacy,” before the Subcommittee on Commerce, Trade and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, 107th Congress First Session, April 3, 2001 (Serial No. 107-22), p. 54.
[9] Comments of Representative Dingell, “Privacy in the Commercial World,” during Congressional Hearings held by the Subcommittee on Commerce, Trade and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, March 1, 2001 (Serial No. 107-16), p. 6.
[10] Testimony of Paul Rubin, Professor of Economics and Law, Emory University, “Privacy in the Commercial World,” before the Subcommittee on Commerce, Trade and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, March 1, 2001 (Serial No. 107-16), p. 50.
[11] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 21.
[12] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 87.
[13] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 80.
[14] Article 8, Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
[15] Children’s Online Privacy Protection Act of 1998 (15 U.S.C. §§6501 et seq).
[16] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 92.
[17] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 193.
[18] Fair Credit Reporting Act of 1970 (15 U.S.C. §§1681 et seq).
[19] Jacques Ellul, The Technological Society, translated by John Wilkinson (New York: Random House, 1964), p. 389.
[20] Anthony Giddens, The Consequences of Society (Berkeley: University of California Press, 1984).
[21] Testimony of Eugene Volokh, “Privacy in the Commercial World,” before the Subcommittee on Commerce, Trade and Consumer Protection of the Committee on Energy and Commerce, House of Representatives, March 1, 2001 (Serial No. 107-16), p. 28.
[22] OECD, Working Party on Information Security and Privacy, “Report on the OECD Forum Session on Privacy-Enhancing Technologies (PETs),” October 8, 2001.
[23] Cited by Jessica Litman, “Information Privacy/Information Property,” 52 Stanford Law Review, 1283-1313, May 2000, at 1305-6.
[24] Cited by Jessica Litman, “Information Privacy/Information Property,” 52 Stanford Law Review, 1283-1313, May 2000, at 1305-6.