Junkbusters

Speeches in Public Forums

[Feedback]  Prepared remarks and slides from past speeches


  1. The slides from the Secure iWorld Online Privacy Conference (2002/8/21)
  2. The slides from the Privacy Officers Association Conference in Washington D.C. (2002/1/30)
  3. The slides from EF Telecoms' Mobile Location Services 2001, London (2001/5/10)
  4. The slides from American Marketing Association's Eighth Annual Marketing on the Internet conference, Pasadena, California (2001/3/30)
  5. The slides from the Personalization Summits in London, England (2000/9/12) and San Francisco, CA (2000/11/13)
  6. The slides from the Internet Commerce Expo, Dusseldorf, Germany (2000/9/20)
  7. The slides from Brightmail's Spam Summit in Washington, DC. (2000/5/4)
  8. The prepared remarks for Forum on Technology in Washington, DC. (2000/3/29)
  9. The slides from Iconocast's Web Attack in New York (2000/5/8)
  10. In a speech at the annual conference of the National Governors Association, Junkbusters President Jason Catlett urged the states to protect privacy. [Text of prepared remarks] [Tribune Review] (2000/6/10)
  11. Catlett's speech about the Microsoft Web browser privacy alert at the U.S. Chamber of Commerce can be seen and heard on their web site. (2000/7/20)
  12. Catlett chaired panels on privacy at Spring Internet World in Los Angeles and at Computers, Freedom and Privacy Conference 2000 in Toronto. [Salon]
  13. Catlett was also one of the judges for the Orwell Big Brother Awards 2000, which were bestowed in Toronto. (2000/4/5) [Scientific American] At CFP '99 Catlett chaired a panel on profiling at the ninth annual Computers, Freedom and Privacy Conference in Washington DC. (1999/4/6) ``Did Vint Cerf Create Al Gore?'' asked the NY Times. [Press Release] [Wired on Gore's Invention] [USA Today] [NY Times] [Business Week] [ZDNN] [IDG] [Computerworld] [Wired] (1999/4/7)
  14. The winners of the Junkbusters Awards for Privacy in Commerce were announced at a ceremony in Washington DC. (2000/11/8) For a list and details see the Awards page.
Audiotapes only available for:
  1. The Computers, Freedom and Privacy Conference 2002 in San Francisco (2002/4/18)
  2. Fall ISPCON, Las Vegas (2001/10/10)
  3. The Milken Institute's 2001 Global Conference, Beverly Hilton, Los Angeles (2001/3/20) [Audio tape available]
  4. Penton's Spring Internet World, Los Angeles (2001/3/16)
  5. The ACM's Computers, Freedom and Privacy Conference 2001, Boston (2001/3/7) (Audiotape available from Fleetwood) [London Free Press]
Online recordings may be available for:
  1. The Cybersimposium at Harvard Business School (2002/2/10)
Sorry, no slides available for:
  1. The 25th International Conference of the Data Protection and Privacy Commissioners. (2003/9/10)
  2. The FTC's Spam Forum in Washington DC. (2003/4/30) (Official transcript is expected to be published.)
  3. The Italian Data Protection Commission's International Conference on Privacy: Cost to Resource in Rome, Italy. (2002/12/5)
  4. Privacy Conference, Victoria University Conference Centre, Melbourne, Australia (2001/6/25)
  5. The Personalization Summit, New York (2001/4/2)
  6. The Industry Standard's Wireless conference, Tucson, Arizona. (2001/4/10)
  7. Lecture at the London School of Economics. (2001/2/14)
  8. Penton's Internet World Wireless 2001, New York (2001/2/23) (Audio cassette may be available from conference organizers.)
  9. November 8, 2000: Annual Conference of Business for Social Responsibility, New York
  10. November 10, 2000: 6th CACR Information Security Workshop, Toronto
  11. November 11, 2000: Chicago Humanities Festival, Chicago
  12. November 20, 2000: ZKS Forum on Privacy by Design, le Chateau Montebello, Quebec
  13. October 23, 2000: Fall ADWEEK Forum, New York (Audio cassette may be available from conference organizers.)
  14. October 24, 2000: New York University
  15. October 27, 2000: Fall Internet World, New York (Audio cassette may be available from conference organizers.)
  16. October 31, 2000: Privacy 2000, Columbus, Ohio
  17. November 2, 2000: Purdue University, Indiana
  18. October 3, 2000: Ceremony of the Lasker Callaway Awards by the New York Civil Liberties Union, New York
  19. October 5, 2000: NCR Executive Forum, Laguna Niguel, CA
  20. September 27, 2000: The Public Voice in Privacy Policy, Venice [Cybercast]
  21. September 28, 2000: Data Protection and Privacy Commissioners' meeting , Venice, Italy
  22. August 21, 2000: The Sixth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining , Boston, Massachusetts
  23. August 28, 2000: Sommerakademie 2000, Kiel, Germany [Paper]
  24. August 29, 2000: Heinz Nixdorf Forum, Paderborn, Germany
  25. May 10, 2000 e-financial World in New York
  26. May 17, 2000 Stephens' e-business conference in New York.

[Feedback]  Spam Summit 2000

What can history of consumer privacy can tell us about spam?

Presented by Jason Catlett
President, Junkbusters Corp.

http://www.junkbusters.com/forum.html
catlett@cut-this-word.junkbusters.com
[Most of the material from this talk has been expanded and reworked into a new talk.]
1832: Hiroshige's woodblock print series 53 Stages of the Tokaido

The Tokaido was a road between the Japanese capitals of Edo and Kyoto

Intermediate stops include Goyu
Also in 1832: On War by Clausewitz (1780-1831)

Defined war as ``a continuation of politics by other means''

``The conqueror is always a lover of peace; he would prefer to take over our country unopposed.''

Clausewitz says war arises from the defensive: the goal in the offensive is ``not so much fighting as the taking possession of something.'' (Book 6, Chapter 7)

[Feedback]  Tech forum

This is the prepared text of a speech delivered at the US Capitol on March 29, 2000 at the Forum on Technology where a RealAudio version of the actual proceedings is available. Either may be quoted and attributed. [Transcript]

My name is Jason Catlett, and I am President and CEO of Junkbusters Corp., a for-profit corporation dedicated to the reduction of junk communications and to the promotion of privacy.

When I came to this country from Australia eight years ago to join the research staff at AT&T Bell Laboratories, I never imagined that I might one day have the honor of addressing Washington's leading policy makers on a question of such key importance to technology, the economy and to human rights. I'm truly grateful for this opportunity to discuss with you what is needed to protect privacy in the Internet age.

First, as a technologist who has spent a great deal of time developing and distributing technology to protect privacy, I can assure you that technology alone is not going to protect the privacy of Americans. They need legally guaranteed rights to stop information about them being gathered and used without their consent. Technology generally offers more opportunities for data collection and transmission than it does to prevent or control these things.

Congress has often responded to technological change with technology-specific legislation such as the Telephone Consumer Protection Act of 1991, which banned junk faxes. No vast government bureaucracy was created to enforce this law, merely a private right of action in small claims court. The Video Privacy Protection Act of 1988 required the consent of anybody who rents a video cassette tape prior to the disclosure of the title of the video. Unfortunately it is technology-specific and does not protect the titles of movies delivered over new broadband Internet services for example, showing the need to update laws. In 1998 Congress responded to the Internet with the Digital Millennium Copyright Act and the Children's Online Privacy Protection Act, which took effect on Friday. Experience shows that privacy legislation needs to be either framed in a technology-neutral manner, in terms of the personal data rather than to the particular communications technology used to transmit the data, or it has to be reconsidered and updated as new technologies arrive.

Because the US has few technology-independent privacy laws, many Internet businesses have adopted information practices that are so intrusive to privacy that they would be illegal if conducted in other older media. To illustrate this with an analogy to telephony, imagine for a minute that you have on this panel today a representative of a fictional phone company called Orwell Long Distance, or OLD for short.

Let's call him George. George tells you that the drop in profits for phone companies in recent years is placing huge strains on the industry. Because George fervently believes in keeping toll-free calls free for all telephone subscribers, Orwell Long Distance is introducing a wonderful new service for personalizing phone calls. First, OLD will use speech-recognition systems to spot keywords in your phone conversations. Over time, OLD's computers will build up a profile of the kinds of goods and services that you are interested in, based on what you say on the phone. It combines this with the yellow pages information about the kind of businesses you call (health clubs, bars, pizza parlors) so that it can provide you with more personalized telemarketing calls, calls about products you will find more interesting, less repetitive and more according to your individual speaking and dialing habits.

Now some privacy extremists have objected to OLD's ``surveillance,'' as they put it, particularly of people who hadn't even heard of OLD let alone signed up with them. They hadn't realized that simply by dialing an 800 number, or even just receiving a call from a business or consumer that uses OLD, they would be entered into OLD's database. George quickly assures you that OLD does not currently sell transcripts of conversations or even provide any keyword data to unaffiliated companies. But to go the extra mile, Orwell Long Distance has appointed a Chief Privacy Officer. George now outlines a six-point package to persuade you policy-makers not to pass any law that might materially impede OLD's information practices.

First, OLD does not use any sensitive information, defined as when you call the offices of doctors or attorneys, nor phone sex 900 numbers, nor any conversations involving children. Second, it has appointed a firm of charted accountants to ensure that it rigorously adheres to its policy of only recording keywords from your conversations with non-sensitive companies and with other consumers. Third, it has embraced the four key privacy principles of the Online Privacy Alliance, namely:

  1. Notice: OLD publishes a privacy policy giving full disclosure of its practices and has even promoted its existence to consumers through its "phone privacy options" web site and ad campaign.
  2. Choice: Consumers can call an 800 number to "opt-out" their phone number from targeting. Of course this only opts out of OLD's personalization service, not any its 600 or so competitors.
  3. Access: OLD guarantees each consumer the inalienable right to see the phone number and street address that OLD has on record for them, and fill out their own change-of-address forms at any time.
  4. Security: When personal data is transmitted to OLD telemarketing call centers, it is always fully encrypted. And if OLD ever decides to sell transcripts or profiles from your phone conversations, they will be delivered via armored car.
So George claims all this as evidence that OLD is deeply committed to protecting privacy, but I wonder how many of you would actually be convinced? How many people would find OLD's practices acceptable?

The point of this allegory is that OLD's fictional practices in telephony, which would be illegal under present law, are closely analogous to the actual current practices of several Web-based advertising companies. They monitor the keywords you type into search engines and other forms, and the specific Web pages of sites you visit that carry their ads. Some track you by name, address etc. using a cookie. And most people have never heard their names. This raises two important questions: first, why aren't those practices illegal on the Internet, and second, how can it be that they comport with the four privacy-protection principles of the Online Privacy Alliance, TRUSTe, several industry groups, and indeed the Federal Trade Commission, when anybody who has used a telephone can see that they are plainly unacceptable violations of privacy?

The answer is simple. Congress is being served a dull, boring lie about what is necessary to protect privacy. Many members of Congress have already dismissed the idea that self-regulation will protect privacy; that was an obvious non-starter. But the Online Privacy Alliance, a group of Internet companies hoping to prevent the passage of legal privacy protection, has formalized an industry-wide fiction that they hope you will fall for when you draft legislation on privacy. The key slight-of-hand is the word "choice." What this really means is any token opportunity to opt-out of some uses of personal data, no matter how burdensome, unfair or ineffective the procedure may be. An effective law would use the word "consent" instead - called in the jargon "opt-in" - and it corresponds to the desires of more than 90% of Americans in any survey that asks whether companies should be able to use personal information without consent. On the Internet, consent can be obtained inexpensively, with just a mouseclick; indeed opt-in email is a multi-billion dollar business, while opt-out junk email is reviled, spurned by reputable companies and is illegal in some states. An effective privacy law would also limit the use of personal information to the purpose for which it was collected, unless further consent is obtained. These are among the real principles of fair information practice, articulated by the Organization for Economic Cooperation and Development in 1980 and since adopted into the law of most developed countries, including recently Canada. That is what is necessary to protect privacy. We take it for granted on the phone; why don't we have it on the Internet? Recent surveys indicate support for privacy legislation at between 57 and 82 percent, and show that fear for privacy it is the number one reason for non-participation in ecommerce. So why don't we have it?

This summer the Federal Trade Commission will present you with another report on Internet privacy. Last year's report, which the Electronic Privacy Information Center's Marc Rotenberg described in Senate testimony as "one of the oddest reports on privacy ever produced by a government agency," recommended that Congress not pass any law to protect privacy, with only one Commissioner dissenting. The FTC may tell you to do nothing again this summer, but there is little point waiting for their deliberations, because the FTC's model legislation essentially follows the OPA's fake-protections based on opt-out. It will not fix the problem, as the allegory of Orwell Long Distance shows.

What you see plainly unfolding before you in the newspapers and on the computer screens in your homes is the Orwell Internet Service. Big Brother has been superseded by big browsers, and the big browsers don't want to be required by law to ask permission before from grabbing all that personal information. The solution is plain, and it's what people want: to be asked for their consent before their personal information is used. The question is whether Congress will give them the legal rights necessary to protect their privacy.

I appreciate the opportunity to speak before you today. I would be pleased to answer your questions.

Home · · Site Map · Legal · Privacy · Cookies · Banner Ads · Telemarketing · Mail · Spam · Opt Out
  ·  Surf The Web Faster Without Ads, Free!

Copyright © 1996-2005 Guidescope Inc ®. Copying and distribution permitted under the GNU General Public License. 2005/01/15 http://www.junkbusters.com/forum.html