Roger Clarke's PITs and PETs Resources Site

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Version of 6 April 2001, with a small enhancement 21 October 2002

© Xamax Consultancy Pty Ltd, 2000-2002

This document is at http://www.anu.edu.au/people/Roger.Clarke/DV/PITsPETsRes.html

Introduction

This is a resource-site that accompanies a semi-regular column for the newsletter Australasian Privacy Law & Policy Reporter.

The series examines particular Privacy Invasive Technologies (the PITs) and Privacy Enhancing Technologies (PETs). This page provides access to the articles as they appear, and to additional resources.

Contents

• Series Introduction
• Published Columns
• Key References
• Resources that Explain Underlying Infrastructure
• Resources on Specific PITs and PETs
• Other Resources
• The Origins of 'PIT' and 'PET'
• About Privacy Law & Policy Reporter

Series Introduction

The first article in the series is a double-length piece that was designed to set the stage for what followed. So start here. That appeared in PLPR 7, 9 (March 2001).

Published Columns

• 'P3P Re-visited' PLPR 7, 10 (April 2001)
• 'Meta-Brands' PLPR 7, 11 (May 2001)

Key References

This section provides some particularly important sources on the topic.

Burkert H. (1997) 'Privacy-Enhancing Technologies: Typology, Critique, Vision' in Agre P.E. & Rotenberg M. (Eds.) (1997) 'Technology and Privacy: The New Landscape' MIT Press, 1997

Clarke R. (1994) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues', Information Technology & People 7,4 (December 1994) 6-37, at http://www.anu.edu.au/people/Roger.Clarke/DV/HumanID.html

Clarke R. (1999) 'Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice', Proc. Conf. User Identification & Privacy Protection, Stockholm, June 1999, at http://www.anu.edu.au/people/Roger.Clarke/DV/UIPP99.html

Froomkin A.M. (1995) 'Anonymity and Its Enmities' 1995 J. Online L., at http://www.law.cornell.edu/jol/froomkin.htm

IPCR (1995) 'Privacy-Enhancing Technologies: The Path to Anonymity' Information and Privacy Commissioner (Ontario, Canada) and Registratiekamer (The Netherlands), 2 vols., August 1995, at http://www.ipc.on.ca/web%5Fsite.eng/matters/sum%5Fpap/papers/anon%2De.htm

Resources that Explain Underlying Infrastructure

Here are some resources that explain infrastructure technologies that underlie some of the privacy-invading and the privay-enhancing technologies:

• information infrastructure generally
• fundamentals of the Internet

Resources on Specific PITs and PETs

Here are some resources on particular technologies that the series is unlikely to cover (because there's just not enough room):

• PITs
  • the Australia Card, the enhanced Tax File Number scheme and some subsequent attempts at a national identification scheme
  • direct marketing in general

Here are some resources on important technologies that I will cover when I can, but haven't got to yet:

• PITs
  • multi-purpose identification schemes
  • video-surveillance in the workplace
  • vehicle tracking
  • consumer profiling
  • profiling ( Clarke 1993b) a technique whereby a set of characteristics of a particular class of person is inferred from past experience, and data-holdings are then searched for individuals with a close fit to that set of characteristics;
  • Internet tools such as spam, cookies and single-pixel gifs for tracking purposes
  • various tools used by direct marketers, including consolidated collections of consumer data, consumer profiling and text pattern-matching
  • call centre technologies
  • Calling Number Display (CND), aka Caller-ID and Calling Line Identification (CLI)
  • the PBL/Acxiom consumer database in particular
  • call centres
  • Calling Number Display (CND), aka Caller-ID and Calling Line Identification (CLI)
  • person location and person tracking
  • stalking
  • privacy issues on the Internet generally
  • spam
  • e-lists
  • cookies
  • identity theft
• PETs
  • remailers
  • cryptography
  • net-based payment mechanisms
  • Platform for Privacy Preferences (P3P)
  • Intrusion Detection and Firewalls for Personal Users
  • Napster (a File-Sharing Technology with a Central Directory)
  • Distributed File-Sharing Technologies (aka peer-to-peer or P2P)
• technologies that can be either PITs or PETs
  • chips and chip-cards
  • Public Key Infrastructure (PKI)

Other Resources

• other papers of my own on dataveillance and privacy:
  • my base paper on 'dataveillance'
  • the concept of 'the digital persona'
  • papers relevant to PETs
  • an annotated bibliography of my dataveillance papers
  • my dataveillance home-page
• other introductory papers:
  • the Internet
  • a history of the Internet in Australia
• my catalogues of:
  • other people's papers on the topic
  • other people's resource sites
  • e-lists on the topic

The Origins of 'PIT' and 'PET'

The term 'privacy-enhanced mail' (PEM) was used at least as early as the mid-1980s, in the RFC series 989 (February 1987), 1040 (January 1988), and 1113-1115 (August 1989), which defined a 'Privacy Enhancement for Internet Electronic Mail'. See RFC1113. The term referred, however, only to the narrow concept of message transmission security, and its requirements of confidentiality, authentication, and message integrity assurance.

The much broader concept of 'privacy-enhancing technology' or 'PET' has been around since at least the mid-1990s. Marc Rotenberg has tracked down an early usage of the phrase (at that stage without the acronym) in a CPSR Statement of 10 June 1991. Ann Cavoukian in Toronto and Peter Hustinx in Amsterdam used it as the title of a joint work in 1995. EPIC's Marc Rotenberg in Washington DC was also using it at around the same time. They're likely to know whether one or more of them originated it, or they co-opted it from someone else again.

As far as I'm aware, I originated the neologism 'privacy-invasive technologies' or 'the PITs' in late 1998. For a while I flirted with the notion of 'PST' (privacy-sympathetic technology), as a means of distinguishing between tools for anonymity (PETs) and those for pseudonymity (PSTs). To the extent that they think about its precise meaning, most people tend to use PET to cover both categories; and that's how PET is used in this series of papers. I am using 'savage PETs' and 'gentle PETs' to distinguish anonymity from pseudonymity tools.

Like some of my other neologisms over the years, 'the PITs' may or may not catch on. But the pleasantly academic question of the naming of memes is a side-issue; what's important is that the concepts that they describe come into the mainstream, and get discussed.

About Privacy Law & Policy Reporter

Australasian Privacy Law & Policy Reporter is a well-established newsletter, with over 60 issues behind it. The General Editor is longstanding privacy specialist Graham Greenleaf. He is Professor of I.T. Law at the University of U.N.S.W. and Director of the Cyberspace Law & Policy Centre@UNSW, and Co-Director and Co-Founder of the Australasian Legal Information Institute (AustLII). Associate Editor is Nigel Waters, who served for many years as deputy to the Privacy Commissioners of the United Kingdom and then Australia.

The Reporter is published by Oliver Freeman of Prospect Media in Sydney, who commissioned this column. Here are subscription details for the Reporter.

Navigation

Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 28 November 2000

Last Amended: 6 April 2001, with a small enhancement 21 October 2002; addition of FfE licence 5 March 2004

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).