We Need a 'Do Not Track' List

Over a decade ago, the federal government did something which made people's lives better. A law was passed by a Republican House and a Republican Senate and signed by a Republican president, and it has demonstrably made people's lives better. It was called the "Do-Not-Call Implementation Act" and it created a government database where private individuals could voluntarily add their phone number to block its use by telemarketers. So far, it's been a smashing success, and the law was improved by making the list permanent (so people don't have to keep signing up for it) in 2007. Also in that year, a survey showed that 72 percent of Americans had registered for the list. The time has now come to build upon this landmark legislation and create a "Do Not Track" list, to further protect consumers' privacy.

While I have to admit that the recent news that Senator Dianne Feinstein has discovered a new love for the Fourth Amendment, when she realized she was being spied upon by a government agency (and which she is now being roundly ridiculed for, due to her previous lack of interest in upholding the Fourth Amendment for ordinary Americans), this is not actually the subject I'm writing about today. I admit that the news did inspire this column, but only because of a peripheral issue I noticed as a footnote in one of the Feinstein articles. President Obama's deadline for coming up with a plan to replace the N.S.A.'s bulk telephone metadata program is approaching at the end of this month. One of the suggestions made when Obama first announced this shift in policy never got the attention it deserved, perhaps because at first glance it sounded better than what's going on now: instead of the N.S.A. collecting all the telephone data (some suggested), why not have a private company do so instead? That way the big, bad government couldn't access the data without a court's approval.

Nobody ever offered up any details to this harebrained scheme. What company would go into this business, after all? Just vacuuming up telephone data and then creating a massive database of it all would be the business' main function, and doing so would be expensive (to say the least). But who would be its customers? The federal government might be convinced to pay for the data searches it required, but would that bring in enough money to fund the massive computer server installation it would require? Would the business somehow be legally barred from making any other sort of profit off the information it collected, or would it be free to sell the data on the open market? Is that really a better scenario than the N.S.A. holding the data in the first place? At least the way things are now, your telephone metadata isn't being sold in bulk to anyone willing to pay. Or maybe it is, but at least it's your own phone company doing the selling, and not some third party you've never even heard of.

Americans are now being tracked as they've never been tracked before. What is normal and accepted these days sounds like a tinfoil-hatted paranoiac's delusion from just a few decades ago, in fact. Imagine meeting a conspiracy theorist from the 1980s, if you will, and telling him that computer tracking chips have not, in fact, been implanted in everyone's brains by a secret government program, but instead we have all gone out and paid our own money for computer tracking chips, which we all then voluntarily carry around with us at all times. These chips track our location at all times, courtesy of a network of "global positioning" satellites put in space to do so, and the data is then harvested by the government without scary government doctors ever having to implant a single chip into a single baby's brain. The 1980s conspiracy theorist would probably chide you for coming up with such an unbelievable theory, and refuse to accept that we'd all ever pay our own money for such chips. Until you showed him your cellphone, of course.

Last week, CBS ran a segment on 60 Minutes about how much we are tracked online. "Data brokers" know an amazing array of things about anyone who surfs the web with any regularity, and they will happily sell this information to anyone who wishes to purchase it. The list of information tracked was a long and detailed one: name, sex, birthdate, religion, medical history (including prescription purchases), sexual preferences, what you buy, where you go, where you live, and so on. Also recently in the news was a story about companies that do nothing but track license plates of all the cars on public roads. They amass license plate data and then sell it, which together with vehicle registration records, gives any purchaser a complete record of everyone's travel. These days, it's hard to identify any piece of data which isn't tracked for hundreds of millions of Americans on an ongoing basis.

Americans, as things stand, don't have an explicit constitutional right to privacy. There is no privacy amendment (even though it'd probably be a good idea). The law is, quite obviously, on the side of those tracking and selling all this data. This is what needs to change.

We need a "Do Not Track" list, to compliment the "Do Not Call" registry. How it would work would be simple. You would go to a website (or call a number) and add your name to the list, on a voluntary basis. Nobody would be forced to use the list if they didn't want to, in other words, just like the Do Not Call list. On the website, you would make your own choices about what you didn't want tracked. You could list your name, or your computer's I.P. address, or your vehicle license number. There might be a row of checkboxes to select what level of privacy you desired, containing things like your birth date or your prescription drug records. The amount of information you provide would be entirely up to you. If you didn't want to add your license plate number, then you could still have your name or your computer on the Do Not Track list, or vice versa.

Once on such a list, third-party private companies could not track your data. Period. Any data brokers would have to scrub their databases of everyone on the list before selling their data to any third party. This would include people who track website usage, medical data, license plate data, phone data, and any other personal data collected by a company without the consumer's knowledge.

As I said, it's a pretty simple idea. Do Not Track means do not track. At all.

The data brokers are currently operating in Wild West fashion. There are few rules to constrain them. They are breaking new technological ground -- even a few years ago, it would have been impossible to gather license plate data on such a scale, for instance. And in the data feeding frenzy, the consumer has almost no protection for the most private pieces of data about them.

So before anyone rolls out their "let's have a private company do what the N.S.A. is currently doing" plan, let's instead concentrate on the other side of the issue first. It is high time for Congress to take up the subject of consumer privacy. After a decade of the wildly-successful Do Not Call list, it is obvious that such a government system could be set up and could work as designed. OK, well, maybe hire someone different than the Obamacare website guys, but still....

Kidding aside, the only thing lacking for the creation of a Do Not Track list is political will. The core idea was passed by a Republican Congress and signed by George W. Bush, so there shouldn't be any ideological or partisan argument to even be made. The public would (if their enthusiastic acceptance of Do Not Call is any indication) be overwhelmingly in favor of such a law. Civil libertarians from both sides of the aisle could be the ones to boldly push such a bill -- say, a bill co-sponsored in the Senate by Rand Paul and Patrick Leahy. Freedom from unwanted tracking could be a rallying cry just about any politician should be able to support.

Do Not Track. It's simple, really. I don't want to be tracked. I don't want my name sold, my personal information sold, or my physical location sold. Period. I bet I'm not alone in that feeling, either.

We need a Do Not Track list. And we need it now.


Chris Weigant blogs at:

Follow Chris on Twitter: @ChrisWeigant

Become a fan of Chris on The Huffington Post