Joel Reidenberg, Ph.D., is no stranger to the spotlight. As a law professor at Fordham since 1990 and current president of the faculty senate, Reidenberg is naturally comfortable with publicity.
His area of expertise, ironically, is privacy. In 2005, he founded the Center on Law and Information Policy (CLIP), which explores how the law protects information, cultivates innovation and supports information-based economies. Among CLIP’s activities are monthly roundtables between academic experts and practitioners from the New York region about such issues.
After watching the Internet grow from a tool of die-hard computer enthusiasts to an integral part of 21st century communication, Reidenberg points to two aspects of online life that remain unsettled—how individuals’ private information is handled and the way online space is regulated. If the technological infrastructure of the Internet provided much of the regulatory force in its infancy, he maintains that the law is catching up.
“Governments are really looking to see how the law can be used to harness technology and to assure that societal values are being supported by the way technology is deployed, rather than vice versa,” Reidenberg said.
The Communications Decency Act of 1996, which Congress passed to regulate pornography on the Internet before the law was overturned, is a good example. In addition, the court ruled against the file-sharing program Grokster in 2005 for facilitating the violation of United States copyright law.
“So we are seeing the law focus more on intermediaries—the technological developers—as key gateways to relegating behavior online,” he said.
What interests Reidenberg, who has co-authored three books and monographs on international data privacy, are the struggles between what he calls network elites and the democratically chosen rules of sovereign countries. In 2000, for instance, Yahoo was ordered by a French court to block Internet users in France from accessing Nazi memorabilia sold through the Yahoo auction site. Yahoo argued unsuccessfully that it was not bound to respect French laws barring the sale of items that incite racial hatred because the company was based in the United States.
“Yahoo is a global organization. It’s doing business around the world. Is it appropriate for us to say that an American company doesn’t have to comply with the laws of a country where it does business? I don’t think so,” Reidenberg said. “Just like we would say a company doing business in the United States doesn’t get immunity from American laws if its headquarters is based overseas.”
To show how it cuts both ways, Reidenberg noted that when the Canadian website iCraveTV.com began streaming American television shows on the Internet back to the United States in 1999, 21st Century Fox pursued legal action against the site, forcing it to shut down.
Filtering technologies are much more robust now, as shown by the way regimes in Burma and in China have sealed themselves off from the world, he added.
As computer processors become faster and memory becomes cheaper, Reidenberg said that technology is encouraging greater data gathering and storage. This runs contrary to typical notions of privacy.
“Greater gathering and greater storage pose a privacy problem when the gathering and storage is done without an architecture that disaggregates identity from the data,” he said. “Organizations can have large quantities of data stored and used anonymously; but typically they don’t, and our law does not encourage anonymization.”
A more hopeful place for privacy advocates is Europe, where Reidenberg earned a Ph.D. in law at the Universite de Paris 1 (Pantheon-Sorbonne) after completing his J.D. at Columbia. Europeans view privacy as a fundamental right and not as a marketable commodity, so corporations have been forced to tighten standards for sharing information.
As a result, Reidenberg thinks it would be highly unlikely that a program like Facebook.com’s Beacon would have been introduced there. The much-maligned program publicized users’ online purchases to other Facebook members. In one instance, a man’s fiancée learned through the site that he’d bought a diamond ring via Overstock.com, a bargain basement website. Protests forced the company in December to allow users to opt out. Unfortunately, Beacon is not unique, Reidenberg said.
“Let’s assume he bought that ring with a credit card. The credit card company would certainly be data mining the fact that he bought the ring from a particular store, and the card company would try to use that information to market new products to the guy,” he said. “What’s the difference? Behind the scenes information about that same purchase was most likely being sold to third parties, but the buyer didn’t know about it.”
It’s not only a situation of big businesses that are in favor of collecting information versus individuals who want to keep it private. The American government is pushing for greater surveillance over data such as airline passenger lists and transactions between banks.
“We now have the problem that business becomes an instrument of law enforcement,” Reidenberg said. “The government is so concerned about getting data for surveillance. Where do you think they get information? The government buys data from the private sector. We would never allow our government to collect much of this information directly, but we do allow the government to buy it.”
Reidenberg is currently working on a book about the power struggle between the rule of law and democratic rulemaking versus the technological rules of the networking community that first launched the Internet.
“How information flows has enormous political and social implications and in democracies we usually confer on the state the regulatory authority to establish the rules,” he said. “But the people who have been writing the rules up until now were the technologists. As the ’Net becomes more mainstream, technologists lose authority to the state, and they don’t like that.”