Date: Mon, 23 Sep 1996 21:18:36 +0200


Brave Old World:

Reflections on Europe in the Digital Age

Steve Carlson

So much fuss about a bottle of ketchup

Hungarian police recently sent a fax around to the local Internet service providers (ISPs) asking them to provide lists of their users in Esztergom, a small town outside of Budapest. It seems somebody had planted a bomb in a bottle of ketchup. Since everyone knows you can download bomb-making instructions from the Internet, the police figured they should investigate the local users. No, I'm not making this up.

What's more, nearly every local ISP gave the police this information. Fortunately my company has no users in Esztergom and so that's what we told the police. We got off lucky. Believe me, as much as might want to make a stand for privacy of information my company is NOT eager to do battle with the Hungarian authorities.

But that's what it might take. Because if the Hungarian police really understood the Internet they could have asked for even more. For example, it would only take a few keystrokes to forward a users' mail to the authorities. The police might also have ask for old email, since many ISPs back this up routinely.

But that's not all. Some ISPs run caching servers, machines that store frequently-viewed webpages so that users access them locally rather than across the net. An ISP's caching server could give the police a profile of what web pages the users have been browsing.

I'm not trying to scare anyone. My point is that sharing information on the Internet is a two-way street. Computers keep extensive records. Using the Internet often means you leave a trail behind you. This is part of life in the digital age.

This "electronic trail" is not unique to the Internet. Every time you use a credit card you create a record in several computers. Other computers may be storing information about you such as your medical history, driving record, tax filings and so on. The more we rely on computers to manage our affairs, the more information that may be "out there." This means citizens in the digital age should know their rights.

Many governments already have laws to protect private information. For example, the US has many laws restricting access to sensitive information such as medical and credit records. You might be surprised to know Hungary passed a law in 1991 to prevent misuse of information associated with the national identity card.

Yet the growth of new technologies is outpacing legislation. For example, Holland and other countries are experimenting with "smart road" systems that can identify the licence number of a moving car for purposes of toll collection. Cellular phones and satellite navigation systems can report the locations of their users. It's not difficult to imagine how these and other technologies could be abused.

Of course, now you know that even your local Internet provide has access to some rather sensitive information about you. This leads me to ask: what sort of service is your Internet provider actually offering?

When it comes down to it, your ISP is like your doctor, your lawyer, your accountant or your psychiatrist. Each of these professionals deals with your data; each profession is governed by a code of ethics, written or implicit. Moreover these limits are codified in law. If your accountant allowed your competitors to read the company books, you could take him to court.

Similarly, your Internet provider has an implicit duty to protect the privacy of your communication. Most professionals in my industry recognize this. I know most of the people working in Hungarian Internet and I doubt very much that they are reading your mail or mine. But they don't know where they stand in the eyes of the law.

Internet professionals should certainly assist the police in a legitimate investigation. But should every Internet user in Esztergom be investigated just because they could (theoretically) find bomb-making information on the Internet?

To hammer that point home a local Internet-based magazine has published, in Hungarian, complete bomb-making instructions: < netto/cyber/special/dinamit.htm>. In other words, if you've read this far you may be the subject of a future investigation. Have a nice day!