Computers Freedom and Privacy 2002

Conference Overview and Key Themes

During the week‑long Computers, Freedom & Privacy (CFP2002) gathering, a diverse group of attorneys, corporate executives, lawmakers, and privacy advocates turned the city into a battleground for civil liberties, data protection, and commercial interests. The schedule was packed: four consecutive days of panels, workshops, and keynote speeches that left attendees with a clearer sense of the stakes involved. Even the casual observer could hear the tension in the room as each side argued over the balance between national security, economic growth, and individual rights.

One of the most striking moments came early in the first session when Sun Microsystems CEO Scott McNealy declared, “You have zero privacy anyway,” to a crowd of reporters. The remark seemed to echo a prevailing cynicism that privacy is a myth in the digital age. Yet, across the floor, several speakers challenged this fatalistic view. They argued that while the threat to privacy is real, it is not insurmountable. Their stance was simple: we need to engage actively with the technology that endangers us, not simply resign ourselves to its consequences.

Throughout the conference, the conversation repeatedly returned to the question: how do we protect what little privacy we have left? Panelists noted that the erosion of privacy is most acute after significant national events. The September 11 attacks, for example, accelerated legislative proposals that would broaden government surveillance. The CFP2002 sessions provided a platform to dissect these proposals, assess their risks, and identify practical measures for mitigation. The consensus that emerged was that the fight for privacy requires coordinated action at both the public and private levels.

Even with the heavy topics on the agenda, the event remained accessible to newcomers. The organizers ensured that each session was followed by a Q&A, giving attendees the chance to pose real questions. In many cases, the audience itself became a catalyst for change, with participants expressing concerns that the speakers had not yet covered. This dynamic helped keep the conversation grounded in everyday reality rather than abstract legal jargon.

Overall, CFP2002 proved to be more than a series of speeches; it was a living debate that reflected the anxieties and hopes of a society wrestling with rapid technological advancement. The discussions set the stage for the following sections, where we dive into the specifics of national ID proposals, state‑level reforms, and the organizations fighting for privacy.

National ID Card Debate and the Aftermath of 9/11

After the attacks on September 11, 2001, the idea of a national ID card gained traction among some technology leaders and policymakers. The argument was straightforward: a single, government‑issued ID would simplify background checks, streamline services, and reduce fraud. Yet the conversation at CFP2002 turned the notion on its head. Andrew Schulman, a software litigation consultant, presented a detailed critique of the so‑called “border crossing card” concept. He argued that the idea was a pretext for an intrusive surveillance apparatus that would undermine civil liberties.

Schulman’s paper, accessible through his website undoc.com, outlined how a national ID system could become a “one‑stop shop” for tracking citizens. It highlighted how the system would likely be integrated with existing databases, creating a sprawling network that could be exploited by both domestic and foreign actors. The presentation underscored that the technical feasibility of such a system has long been surpassed by the political will to implement it, a combination that had already proved disastrous in the past when other data‑collection programs were misused.

The conference participants debated whether a national ID was the best response to the security crisis. Many felt that it represented a slippery slope: once the government has the power to collect data on every individual, the temptation to expand that power is immense. Others, however, argued that a well‑designed ID system could coexist with robust privacy safeguards. They suggested that a modular approach, in which each jurisdiction maintains control over its own data, might mitigate the risks. Still, the consensus leaned toward caution, with several speakers urging that any ID proposal be subjected to rigorous independent oversight before moving forward.

Another key issue that emerged during the discussion was the role of private corporations in the national ID debate. Several CEOs and executives acknowledged that tech companies could provide the infrastructure for such a system. Yet they also emphasized that their own corporate policies could become a shield for government overreach. This tension between commercial interest and public oversight highlighted why the CFP2002 sessions were critical: they brought together the very stakeholders who would shape the final outcome.

While the conference did not resolve the national ID controversy, it did plant the seeds for a more nuanced debate. The participants left with a clearer understanding of the technical, legal, and ethical dimensions involved. That knowledge would be essential for anyone looking to influence the ongoing policy discussion surrounding personal data and national security.

California’s Legislative Push: SB 773 and State‑Level Privacy Reform

California often leads the way in privacy legislation, and CFP2002 featured an in‑depth look at Senate Bill 773 (SB 773). Senator Jackie Speier presented the bill’s core goal: to curb the sale of private financial information by banks and other financial institutions. The legislation sought to grant Californians greater control over who could access their banking data and under what circumstances.

Speier’s presentation highlighted the bill’s three main provisions. First, it would require explicit, written consent from consumers before any financial information could be shared. Second, the bill would impose stricter penalties for non‑compliance, including fines and the potential revocation of banking licenses. Third, it would mandate transparent reporting, so that consumers could see which entities had accessed their data. The speaker stressed that the bill was not designed to stifle legitimate business practices; instead, it was aimed at protecting individuals from unauthorized data exploitation.

California’s unique approach to privacy was also reflected in the broader context of the conference. Several IT leaders from state agencies demonstrated how existing systems could be upgraded to meet SB 773’s requirements. They explained that, with the right investment in technology, banks could transition to a consent‑based model without significant disruption. The audience was impressed by the practical examples, noting that privacy and profitability could coexist.

The conference underscored how state legislation can set a national precedent. While SB 773 would only apply to California, its success could pressure other states to adopt similar measures. Moreover, the bill’s structure could serve as a template for federal privacy law, especially given the lack of strong privacy advocacy at the national level.

Speier also used the platform to call for continued grassroots advocacy. She encouraged attendees to get involved in the legislative process, whether by writing to their representatives, participating in public comment periods, or attending town hall meetings. The underlying message was clear: protecting privacy requires civic engagement, not just legislative drafting.

National Privacy Organizations and the Fight for Public Awareness

While individual states were making strides, several national organizations remained active in the privacy arena. These groups were at the forefront of litigation, public education, and policy advocacy. Among the most notable were the Electronic Privacy Information Center (EPIC), Consumer Action, the Privacy Rights Clearinghouse, and JunkBusters. Each organization took a slightly different angle but shared a common goal: to safeguard consumer data.

EPIC’s website epic.org hosts a wealth of resources, including research reports, policy briefs, and legal briefs. The organization has been involved in landmark cases that defined privacy rights in the digital era, such as fighting the surveillance powers of the Department of Homeland Security. EPIC also runs an active public outreach program, offering workshops and seminars for law students and journalists.

Consumer Action focuses on the intersection of consumer protection and privacy. Their online library, consumer-action.org/English/library/privacy_rights, includes a comprehensive guide to privacy rights, best practices for businesses, and a directory of privacy‑friendly products. The organization is also known for its “Right to Know” campaign, which urges companies to disclose the extent of their data collection.

The Privacy Rights Clearinghouse (