Multimedia as a new challenge and opportunity in privacy: The examples of sound and image processing

Joel R. Reidenberg Fordham University School of Law - New York

Multimedia presents the Information Society with a variety of novel challenges and opportunities for privacy. Multimedia combines image, audio, text, data, transmission and transaction capabilities to enable the creation of products and services as varied as home shopping and PC videoconferencing. These possibilities alter the dimensions of privacy.

Prior to digitalization, recordings were relatively static media. Diversions, manipulations and modifications were possible only with special equipment and transmissions usually entailed discrete point-to-point transfers. Society generally expected sound and image to be authentic. In these contexts, voice and photographic processing implicated specific, limited privacy interests. Privacy typically meant the prevention of intrusive photographers, the restriction of the unauthorised uses of one's name or likenesses, and the preclusion of unwanted listeners. [1] Before the turn of the Twentieth Century, Warren and Brandeis wrote of the threat to privacy from intrusive new technology, the camera. [2] Well before that, in biblical times, civilization developed a strong tradition controlling images: the Ten Commandments went as far as prohibiting any attempt to make a certain graven image. More recently, in this century, communications technology spawned anti-wiretap-ping laws. [3]

Digitalization and the combination of transaction capabilities remove constraints on sound and image processing. Manipulations and modifications of sound, image, text and data become routine and desirable in the construction of a networked Information Society. Digitalization destablizes society's expectations for sound and image; digitalization both expands the privacy interests of individuals and consolidates diverse areas of the law. The treatment of digital images and audio implicates the control of personal information and not just the problems of intrusive recordings or unauthorized disseminations. Image and sound now fall under a broader rubric of fair information practice. Principles of fair information practice set conditions for the collection, use, storage and dissemination of personal information. [4] Digitalization further overlays the treatment of personal information with intellectual property protections that historically allocated rights to control images and sound. Already, this expansion of interests has been raised in public discussions in the United Kingdom concerning image processing for college applications [5] and by regulatory authorities in France. [6]

In essence, multimedia and the Information Society are now pushing and redefining the boundary that society accepts for the observation and disclosure of an individuals thoughts and activities. [7] The multimedia "data stream” presents a critical challenge to privacy through the impact of digitalization and the structure of multimedia systems. At the same time, the multimedia data stream offers opportunities for fresh thinking about privacy boundaries and for the establishment of new consolidated norms to respond to the challenges.

I Understanding the Multimedia data stream

The development of multimedia relies on the digital conversion of sound and image and the efficient structuring of their delivery systems. Multimedia requires that sound and image be encoded to numeric representations and decoded back to aural and visual form. The characteristics create new electronic data streams of personal information with unintended consequences for privacy. These data streams encounter established principles for the fair treatment of personal information that did not expect the "processability” of sound or image. At the same time, the new data streams confront enshrined rules and norms for image and voice (intellectual property and privacy) that did not anticipate the information processing aspects of today's multimedia.

Beyond the digital conversion, networks for processing and delivering multimedia push for efficient architectures that can consolidate or distribute functions and data across a wide range of sites. For example, video-on-demand services may involve one site to store the content, another site to route content to users, and a third site to process payment aspects. [8] Alternatively, all features and functions may be centralized on one processor and one local storage medium like a CD-ROM. At any point, the architecture may also be changed. This dynamic structure leaves the dimensions of privacy in a state of flux.

A. The Digital Conversion

Digitalization is one of the keys to both the challenges and opportunities in multimedia privacy. Digitalization itself moves image and audio into the realm of complex information processing. Any personal computer can manage and modify a data stream. Digital information has significant "plasticity”. [9] Digitalization also means that multimedia users become producers of components of the data stream; interactivity leaves critical traces that themselves become part of the data stream. Digitalization turns sound and image into dynamic information rather than static aural and visual representations.

The digital conversion is significant in terms of each multimedia component. For images, numeric processing allows the matching, manipulation and creation of visual information. For example, with just a few key strokes, a faxed image of a letter can be reconstituted in different computerized form by the recipient. A signature may be electronically "cut out” and saved for future use and portions of the text may similarly be cut out and saved. These elements can then easily be re-assembled with additional text or images. The personal information in the image becomes automatically processable. [10] Optical character recognition software enables the conversion of images and faxes to searchable text. [11] Hypertext software and object packaging [12] can transform images into computer searchable data. This type of software allows users to define searchable, hierarchical levels. With these features, images can be packaged as objects and linked to key words in a hierarchical level. Essentially, these features create indexed images that can be accessed, rearranged and used electronically. [13] Direct image recognition and editing software also exist. [14] For example, image processing now enables law enforcement to match eye retinas or finger prints to suspects. [15] In essence, digitalization transforms images into personal information. As such, digitalization implicates the standards for the treatment of personal information.

Similarly, for sound, digitalization creates "processability.” Analog sound waves when translated into numeric representations acquire malleability and transaction processing capabilities. For example, in the United States, telephone directory services use voice recognition to provide telephone numbers to callers. [16] The local telephone company in New York, NYNEX, offers customers voice dialing. [17] With voice dialing, a caller says the name of the person to be called and voice recognition functions process the oral statement, associate the voice with the caller, check the caller's personal directory and place the call. Telemarketing order departments are also using voice recognition and digital processing to manage customer orders. [18] Compaq even brought voice processing to the desk-top with digital voice messaging features built into their personal computers. [19] At the core, digitalization allows electronic sorting, organizing and categorizing of sound.

The digital conversion allows multimedia applications to combine the processability of each component (sound, image, data and text.) Electronic publishing, for example, offers complex processing capabilities inexpensively. [20] Hypertext software allows electronic sorting and organizing of sound, video and image all together. [21] High speed digital telephone lines (ISDN service) make videoconferencing on personal computers possible with real time simultaneous visual, aural, textual and data communications; [22] live video and audio inputs convert to a digital data stream. [23] These services link information to individuals as do teleshopping and other on-line multimedia services. Both the act of using multimedia and the content of multimedia generate personalized processing of information.

Beyond the processability of the content of multimedia (the sound and image), users create a wealth of new information for the data stream. The customization of multimedia for users provides an increasingly precise profile of the behavior of individuals. Transaction capabilities built into multimedia products generate personal information. Imagine, for example, a film-on-demand service sponsored by advertisers who provide teleshopping opportunities during each film. The user's film preferences as well as advertising preferences can now be monitored and analyzed with details as precise as the viewer's sound volume choice for particular segments of specific commercials. Even self-contained multimedia products generate similar transaction information. Hypertext program features include the creation of an audit trail. [24] Multimedia makes knowledge of individual behavior easier to obtain; patterns and details of interactive uses flourish in the multimedia environment.

B. Dynamic System Structure

The architecture of technological systems for multimedia comprises a second key novelty that impacts on privacy interests. Multimedia may be fixed locally, such as the case with a CD-ROM, or may be designed for interactive use across distances, such as the various on-line services. System architecture takes on a complex character that implicates the responsibility for the handling of personal information. Depending on the architecture, different participants control the multimedia data stream. For example, content may be intrinsically bundled with software that only allows read access to sound and image. Or, the same sound and image may be distributed through a web site on the Internet that allows users to download the data for future applications. Technological responsibility for the treatment of personal information, thus, varies widely according to the structure of the multimedia data stream.

The architecture possibilities are also significant because distributed creation or delivery means that elements from various jurisdictions may be combined to form one multimedia production. [25] Multimedia products may be created and distributed across many computing and transmission sites at one or more locations. For example, in the area of "telemedicine”, ultrasound images are transmitted from nine geographically diverse clinics in Maryland, Virginia and the District of Columbia to centrally located specialists. [26] In Georgia, North Carolina, Texas, West Virginia and twelve other U.S. states, interactive systems allow doctors to examine patients hundreds of miles away and consult with specialists at distant locations. [27] These features have the consequence of raising privacy interests in multiple places simultaneously.

Like the "plasticity” of multimedia content, the system structure itself is also malleable. Digital multimedia combines mechanisms for product creation with those of delivery. Functional capabilities of hardware and software along with transmission and storage facilities each contribute to the development of multimedia products and services and each contribute to the delivery of those products and services to users. Many alternative technological paths are available to produce and distribute the same multimedia product. If one architecture has obstacles, such as undesirable rules, another may be developed to by-pass the trouble spot. Market pressures will also drive flexible system development. Multimedia markets will push for new ways to mine and recycle data streams. These pressures embed incentives for alternative system architectures.

II. The challenge of sound and image digitalization

The multimedia data stream forces sound and image processing to confront issues of personal information and fair information practices. Sound and image relate intrinsically to identifiable individuals. With multimedia, all information in the data stream becomes "personal information” linked to specific individuals. Information processing for sound and image, thus, directly implicates fair information practice principles. The data can be collected, scanned, searched, linked, and disseminated electronically. Digital sound and image processing with intelligent communications networks nevertheless challenge the distinctiveness of standards for the fair treatment of personal information. Multimedia merges legal regimes for the protection of individuals' interests. In addition, multimedia challenges the locus of control of information flows: the data stream diffuses processing and substantially widens the access afforded to digital sound and image.

A. Merging Distinct Legal Regimes

Sound and image processing pose a challenge to the distinct nature of the legal regimes developed to secure individuals' interests in society. Assuring the fair treatment of personal information in the multimedia data streams blends different forms of privacy protection. Digitalization of sound and image radically expands the applicability of principles for fair information practice, while at the same time merges intellectual property protections with the objectives of fair information practice principles.

Twentieth Century privacy law draws its origin in the "right to be let alone.” [28] This basic concept grew in the United States to enshrine interests against intrusions upon one's seclusion, the appropriation without authority of one's name or likeness for commercial purposes, the publication of private facts about a person, and the publication of facts that portray an individual in a false light. [29] During the last twenty years, distinct standards for fair information practices developed to assure the protection of individual interests in response to the transformation of record keeping from paper trails to electronic files. Fair information practice principles in the United States and data protection laws in other countries sought to establish standards for the collection, use, storage and dissemination of personal information subject to electronic processing. [30]

Before digitalization, the protection of rights to solitude and publicity offered individuals a specific mechanism to control image and voice recordings and transmissions, while fair information practice doctrines designed unique treatment for electronic personal information. Multimedia and the digital conversion links these two strands of privacy protection. The concept of electronic files and discrete processing activity no longer exists. Data streams and networks replace the data file. Multimedia automatically implicates the classic rights to prevent unauthorized publication of one's name, likeness and even voice. [31]

These 'rights to publicity' traditionally protected against the commercial appropriation of individuals' interests in their identity. Digital imaging and sound sampling cross these rights with fair information practice principles. For example, one of the major U.S. banks now issues a credit card with the cardholder's digital photograph imprinted on the card. [32]

Although U.S. rules for the treatment of personal information do not prohibit the card issuer from disclosing the details of a cardholder's transactions, the right of publicity would nevertheless restrict the issuer from using the digital photograph. [33] Similar crossovers exist in other legal systems. [34]

The solitude strand of privacy protection faces challenging scrutiny. The tort of intrusion upon seclusion traditionally applied to the manner in which sound and images were collected. The protection guards against hidden surveillance. To benefit from the seclusion right, some violation of private space must occur. Similarly, the protection against the dissemination of private facts historically assured individuals of control of sensitive or highly embarrassing information that was not publicly known. In informational privacy terms, solitude is only offended if multimedia derives from non-publicly accessible sources. By contrast, fair information practice principles maintain that personal information may not be collected surreptitiously, even if the information does originate in publicly available places. Under data protection standards individuals have rights of notice and consent to data collection. [35]

In according individuals control over sound and image data, solitude objectives overlap with the control granted to individuals by fair information practice principles. However, the threshold of interdiction is significantly lower for solitude than for fair information practice. Solitude would not, for example, protect against the use of digital recordings made while an individual was in a public square, but fair information practice rules might. Multimedia effectively eliminates the different thresholds. The overlap between solitude and fair information practice principles allows restrictions on the use of multimedia based on the lowest common denominator. In this environment, either solitude gains strength as a protection applicable even for public activities or fair information practices loses strength as a protection for all gatherings of personal information.

Another particular challenging aspect of the multimedia data stream is the allocation of responsibility for the accuracy of digital sound and image. System architecture may result in receipt by multiple participants of personal information. The server, processing nodes, user and data subject each may technologically gain access and store elements of the multimedia data stream. The "plasticity” of content and dynamic system architectures hides the actual control of personal information. Sorting out the site of particular multimedia activities and the treatment of personal information is not likely to be easy. For the application of basic fair information practice rights of access and correction, these features pose an important obstacle to individuals. Similarly, assuring data minimization and deletion of stale personal information becomes uncertain with robust and diverse multimedia data streams. Ironically, at the same time as responsibility becomes diffused, the transmission or delivery mechanisms for multimedia increase opportunities for unintended access to the data stream. For example, data traffic on the Internet is accessible to anyone connected to this global network. Thus, security precautions, including encryption, surround issues of accessibility and accuracy of data.

Specific attributes of digital sound and image processing also raise hybrid challenges. An act of "multimedia consumption” produces a wealth of personal information in the form of network transaction data and patterns. "Netsurfing,” for example, becomes attractive to find patterns or other identifiable information. On the Internet's world wide web, the names of users who accessed on-line pictorial catalogs are for sale. [36] One company, eWatch, already monitors thousands of discussion groups on the Internet for clients who are interested in learning whether others are saying negative things about them. [37] The same functions will become available to scan and search images and sound for particular characteristics.

Sound and image processing also pose a challenge to the principle of fair information practice that seeks distinct protection for sensitive data. Every sound and image falls within the category of "sensitive data.” Images of individuals reveal racial characteristics and medical conditions such as skin or eye problems. Sound processing reveals nationality or ethnic origin through the classification and recognition of accents. For example, voice dialing must distinguish accents for the transaction features to work. Yet, to treat all sound and image as "sensitive data” diminishes the meaning of the term and the level of protection. The data stream from telemedicine, for example, is at once as intrusive, obtuse and anonymous as any information can be. Telemedicine may contain the most sensitive health information such as a magnified image of a person's sexually transmitted disease virus, yet be incomprehensible to the untrained eye of anyone in the data stream other than a specialist physician. Similarly, the image may not be identified to any particular patient at sites along the data path. In effect, the multimedia data stream introduces ambiguity for special protections for "sensitive” information.

Beyond the hybrid challenges to principles of fair information practice, the treatment of digital information mixes with the treatment of intellectual property. While data privacy may have a foundation in property and intellectual property theories, [38] multimedia works directly evoke the protection of intellectual property laws. [39] Copyright historically accorded rights to control the exploitation of expression. These principles apply to the storage, dissemination, and use of image and audiovisual works. The dissemination of information becomes complex with distributed computing systems and the application of conventional copyright rules to multimedia becomes uncertain. [40] "Digital libraries” place newstrains on the use of information and traditional works of audiovisual entertainment. [41] Despite the special problems applying intellectual property rights to multimedia works distributed through digital networks, [42] evolving standards for intellectual property will continue to mediate aspects of the control of images and sound. This overlaps with the objectives of fair information practices and further erodes the distinctiveness of the two legal and policy regimes.

The emphasis in intellectual property law on rights to control the commercialization of works of authorship parallels the concern in data protection for the finality of data use. Protection for the ownership of sound and image data under intellectual property may operate to impose limits on multiple uses of the data stream. For example, Microsoft's arrangement with content providers for its new global network, MSN, establishes rules of control of personal information generated through the system. [43] The rules set up by Microsoft protect the privacy of network users by banning content providers' use of network client data, but they also assure to Microsoft the proprietary value of the users' information. Although the results of protection for fair information practice and intellectual property may overlap, they cannot be coextensive. Copyright protects individuals as such only as an incident to the allocation of valuable economic rights, and fair information practice principles impinge on the copyright allocation of those economic rights. In essence, digitalization challenges the boundary between intellectual property and fair information practices.

Even beyond the general body of privacy law and intellectual property law, multimedia merges the treatment of personal information with previously unrelated areas of law. For example, the telecommunications doctrine that provides immunity to carriers for liability based on the content of communications is now under scrutiny. [44] Whether or not new liability standards are imposed on networks for the content of the data stream, the scrutiny will have an effect on the processing of sound and image. Liability threats will push networks to force content providers (i.e. the producers of multimedia) to examine the treatment of personal information. This does not, however, suggest any specific outcome. Similarly, labor laws condition employer monitoring activities and regulate image and sound surveillance of employees.

The expansion of the scope of treatment of personal information and the merger of legal regimes poses a further challenge to efficient network architecture. Uncertainty and con-fusion over legal standards will affect the development of multimedia infrastructures. The technological systems for multimedia networks will be structured around the legal challenges. Participants in the data stream will try to by-pass rules and standards they find undesirable. This can present either an opportunity or a hindrance to business activity.

B. Shifting Control of Information

Multimedia technology also effects a significant shift in technical control of personal information. Any computer can manipulate the multimedia data stream. Every access point to multimedia services can simultaneously generate a data stream. The architecture of multimedia systems increases in geometric fashion the number of processors of personal information and the availability of access to the data stream.

Multimedia empowers government, businesses and citizens with new scanning capabilities and applications. This technical empowerment of all segments of society diminishes the relative strength of individual participation in the circulation of personal information. For example, video surveillance once was the province primarily of the state and has now become ubiquitous. [45] The pressures to increase digital surveillance shift greater control of data streams away from individuals and toward institutions. [46] Paradoxically, wider access to the data stream and personal computers defy any central control of data streams. Instead, digital sound and image processing may be controlled simultaneous by various participants. Intelligent transportation systems ("ITS”) provide a good example of this combination. Various forms of ITS surveillance rely on image and sound processing capabilities. [47] At Newark airport in New Jersey, the license plate of every vehicle exiting the parking lot is scanned and matched against a list of suspect plates. Matching drivers is similarly available. These features may be controlled by law enforcement or by an administrative agency. [48] Yet, at the same time, private sector companies may control parts of the data stream or have access to key elements such as the cars passing through Newark airport. [49] One private organization, ITS America, for example, wants to develop national standards for the data stream. [50]

The multimedia data stream also shifts significant stakes in the regulatory control of the data stream. This shift occurs across subject areas and territorial jurisdictions. The digitalization of sound and image confers substantially greater power on data protection regulatory authorities. Fair information practice takes on an overarching role in the flows of data. The shifting regulatory stakes are not a positive sum transfer. Mediators of intellectual property rights lose a degree of control to data protection authorities. The more robust role for data protection may also come at the expense of other regulatory authority. For example, those responsible for labor laws and employee monitoring will be marginalized in comparison to data protection. A key reason for this shift will be the body of expertise that data protection authorities already have in the supervision of fair treatment for personal information.

Because the multimedia data stream is global, national regulatory control also loses efficacy. The identical data stream (or elements of it) will encounter both national and foreign regulation. Consequently, foreign standards emanating from the various privacy, intellectual property and fair information practice doctrines will impact on national standards for the treatment of sound and image processing. No single set of regulations nor any single territory will be able to dictate a complete set of standards for multimedia and privacy.

These shifts in technical and regulatory control of personal information are unlikely to be smooth. The specific implications of the technical power shift will be hard to recognize ex ante. Privacy consequences of a particular technological change will emerge ex poste after movements in the data stream. In contrast, the regulatory shifts face interbureaucratic struggles for power as multimedia data streams develop. Jurisdiction over the data stream goes to the heart of future power in an Information Society. Throughout these shifts, a social consensus on sound and image processing will be elusive because the issues are complex and span a diverse international community.

III. The Opportunity for Converging Protections

Despite all the challenges, multimedia offers an unusual opportunity to enhance individual interests through the convergence of privacy protections. The merging of fair information practices with other concepts of protection for information can create new "privacy” for individuals based on the combined application of standards from different areas. By assembling a package of protections, the fair treatment of personal information may acquire an important conceptual strengthening and may gain significant technological enhancements.

A. Conceptual Strengthening

Although multimedia erodes the distinctiveness of standards for the treatment of personal information, the expansion of fair information practice coverage and the merger of legal disciplines does not weaken the underlying goal of protecting the interests of individuals. Rather, the convergence of privacy protections provides a subtle, but important conceptual strength to fair information practice principles. By overlapping intellectual property rights with fair information practice principles, multimedia introduces major political and intellectual allies to the cause of fair treatment of personal information.

The legacy of intellectual property rights for image and sound offers an intuitive basis for protection of digital multimedia. Individuals readily perceive the abuse from an unauthorized use of their photograph or voice. Because economic value is allocated to intellectual property rights, the stakeholders recognize an immediate need to protect ownership in the multimedia data stream. These stakeholders including content providers and infrastructure developers are well organized and have strong incentives to promote legal protections for image and sound processing.

In contrast, fair information practice principles have a more subtle, sophisticated basis for the protection of individuals. Fair information practice standards enshrine human rights and democracy values in society. [51] The ground rules for the treatment of personal information address intangible social issues like citizen rights and free flows of information.

These concepts are more difficult to grasp than the economic interests in intellectual property. As a result, the stakeholders are diffused across society with many divergent interests and not readily organized.

By crossing the lines of privacy protections, multimedia crystallizes the problems for individuals and mobilizes the organized stakeholders from the intellectual property arena in a way that can benefit individual interests in fair information practice. Multimedia augments the conceptual appeal of standards for the treatment of personal information. Multimedia makes the treatment of information an immediate and significant issue for individuals; the convergence with intellectual property results in an intuitive grasp of the need to protect individuals in the multimedia data stream. Individuals perceive how integrity is directly implicated by the appropriation of any elements of one's image or voice. Yet, for the typical forms of personal information gathering, integrity only becomes an issue when a sufficient amount of personal information is aggregated. For the average citizen, the details are often hard to obtain and therefore difficult to perceive as problematic. [52] Now, the traditionally strong protections of intellectual property and tort re-enforce the protections for personal information. Simultaneously, multimedia raises an immediate and significant need for intellectual property owners to assure fair protection of information. This promotes efforts to create legal protections for the treatment of sound and image.

Ultimately, the merging of legal doctrines offers novel possibilities for devising new protections. Elements of previously diverse legal doctrines, such as rights of publicity and copyright, may now be assembled to provide a single coherent legal structure to the processing of sound and image. The coherence results from the aggregate effects that protect individual interests.

B. Technical Mechanisms

The multimedia data stream also invites opportunities to develop technical mechanisms for the protection of individuals. Technical measures for self-help have a long, sometimes tortured, history. [53] Technical choices can embed privacy interests in the multimedia data stream. [54] For example, the choice of delivering content via a CD ROM rather than a client server network has a major impact on finality of personal information and access to transaction patterns. With the CD ROM, the recipient can control the usage data and may not be limited in the manipulation of the images and sound stored on the disk. In the network environment, the server, rather than the recipient, has greater control over both. In any event, a range of technological options from encryption to digital signature standards responds to disclosure and authentication concerns of digital works. [55]

The business community often looks to security protections to assure its ownership interests in intellectual property "assets.” [56] The implementation of security provides valuable control over the treatment of digital images and sound. Although this control seeks to protect business ownership, it can offer possibilities for fair information practices that protect individuals' interests. Security can assure accuracy and integrity of personal information. At the same time, security can be used to accomplish limitations on the use and circulation of personal information on a network. These features are each critical for multimedia in a dynamic network environment and show that business and individual interests may be contiguous.

Technical standards, like those established by the International Standards Organization or the American National Standards Institute, for equipment, transmission and processing interoperability may also provide options for the treatment of personal information. As standard formats develop to facilitate the electronic exchange of information, [57] coding for the treatment of personal information becomes a logical corollary. Standards organizations can, for example, develop protocols to include permission codes along with transmissions of multimedia works. Already, electronic royalty clearing systems are emerging to allow calculations of copyright fees based on network usage. [58] These systems electronically tag digital works to identify owners and execute royalty payments. For the multimedia data stream, similar electronic tags can be created to preserve the participation and interests of individuals in sound and image. As an example, protocols may be developed to lock data after use or to assure only specific uses of image and sound.

Finally, technical standards may be used as a means to regulate the appropriate treatment of personal information. For example, the Canadian Standards Association has prepared a code for data privacy and is contemplating a proposal for audit certifications. [59] In today's financial marketplace, no major corporation would ever fathom doing business without regular financial audits. In tomorrow's Information Society, no multimedia enterprise will contemplate participation without information audits and fair treatment of personal information.

IV. Conclusion

Multimedia presents significant challenges to privacy. Digitalization expands the scope of activities that involve the computerized treatment of information about individuals. In blurring boundaries, multimedia merges intellectual property, traditional privacy, and established fair information practice norms together. Sorting out the appropriate treatment for the multimedia data stream calls for new models and tools.

The complexity and overlapping nature of privacy protections in the context of the multimedia data stream provides opportunities for customized rules for the treatment of personal information. Society has an interest in standardizing privacy features in network architecture. Technological options and developments should be regarded as valuable components of a system of standards for fair information practice in the multimedia arena. The elements of varied regimes for legal protection including intellectual property rights should be assembled to frame the treatment of sound and image as personal information.

As a high priority, the multimedia data stream requires institutionalized vigilance. Society has an enormous stake in the manner in which multimedia products and services develop and the outcome of varied protections. Both the planning and implementation stages of multimedia products and services must consider the fair treatment of individuals. Yet, the challenges and opportunities of multimedia for all participants in society cannot be understood in an ad hoc fashion. Review of the treatment of sound and image as well as strategic analysis must be systemic in the Information Society. Satisfactory solutions will only come from careful, multifaceted and interdisciplinary thinking.

1 See, e.g., Restatement (Second) of Torts, § 652 (1977); William Prosser, The Right of Privacy, 48 Calif. L. Rev. 383 (1960).

2 Samuel Warren & Louis Brandeis, The Right of Privacy, 4 Harv. L. Rev. 193, 196 (1890) (the press was "overstep-ping in every direction the obvious bounds of propriety and of decency.")

3 See, e.g., 18 U.S.C. §§ 2510-2520 (1988 & Supp. 1993).

4 See, e.g., U.S. Information Infrastructure Task Force, Privacy and the National Information Infrastructure: Principles for Providing and Using Personal Information (June 6, 1995) (available on Internet World Wide Web at http:://iitf.doc.gov); U.S. Privacy Protection Study Commission, Personal Privacy in an Information Society (1977); O.E.C.D. Recommendations of the Council Concerning Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, O.E.C.D. Doc. No. C (80) 58 [hereinafter "OECD Guidelines"]; Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, Euro. T.S. No. 108 (Jan. 28, 1981)[hereinafter "European Convention"]; Directive of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data, (July 24, 1995) [hereinafter "European Directive"].

5 British colleges are considering accepting UCAS applications as images, but recognize that the data protection rules mean different treatment for the applications and confidential reports. This was discussed on the Internet listserve, "dataprotection@mailbase.ac.uk," during June, 1995.

6 See C.N.I.L., 14ieme Rapport, at 65-70 (1994).

7 Robert C. Post, The Social Foundations of Privacy: Community and Self in the Common Law Tort, 77 Calif. L. Rev. 957 (1989) (arguing that privacy torts form a consensual boundary in society).

8 See, e.g., C.N.I.L., Délibréation no. 94-058 du 21 juin 1994 et Délibréation no. 94-059 du 21 juin 1994, reprinted in C.N.I.L., 15ieme Rapport, 64-65 (1995) (describing some of the pay per view arrangements in France).

9 Pamela Samuelson & Robert J. Glushko, Intellectual Property Rights for Digital Library and Hypertext Publishing Systems, 6 Harv. J. Law & Tech. 237, 240 (1995) (the authors denote "plasticity” as the ease with which digital works can be manipulated and modified.)

10 These activities can be accomplished readily using an IBM compatible personal computer and Windows software (e.g. WinFax Lite and Word Perfect 5.2). The entire operation takes just a few minutes.

11 Many commercial scanning devices come pre-packaged with "Optical Character Recognition” software. Hewlett Packard, for example, sells its scanners with Calera WordSCan. See, e.g., J&R Computer World, Pre-Summer Catalog, at 87 (1995).

12 Object packaging refers to the preparation of a digital image that is to be accessed by clicking on an icon at a specific point in a database file. See, e.g., Microsoft Corp, Microsoft Windows & MS-DOS 6.2 User's Guide, at 120 (1993).

13 See Folio Corp., Folio Views Personal Electronic Publishing Software User Guide Version 3.0 for Windows, at 47, 186, 292-299, 324-335 (1993).

14 See J&R Computer World, Pre-Summer Catalog, at 90 (1995) (Cannon sells its scanning devices packaged with OFOTO 2.0 image editing software.) The popular Microsoft Paintbrush program for Windows also allows image "editing” or manipulation.

15 See Ben Grove, In a blink cops find ways to ID suspects, Chicago Trib., July 14, 1995, at 1 (describing retina imaging technologies); Indentix, Inc., SEC Filing Form 10K (June 30, 1994), available on LEXIS On-Line Service, COMPNY libary, COMPNY file (describing fingerprint imaging technology).

16 See Michael T. Kaufman, Sorry, Ma'am, No Listing for 'enry 'iggins, NY Times, June 26, 1995, at D1, D4.

17 Id.

18 Richard Szathmary, Telemarketing Computer Communicates; New Technology, designed to replace operators, gets the gist of conversations, DM News, June 5, 1995, at 10.

19 The Compaq Presario line of personal computers comes equipped with a "complete phone center” that includes call switching to voice mailboxes and caller id capture features.

20 Programs are commercially available for several hundred U.S. dollars.

21 See Folio Views Corp., Folio Views Electronic Publishing Software User's Guide Version 3.0 for Windows (1993).

22 Intel ProShare is one of many emerging commercial PC videoconference products; CU-SeeMe is one of the first university products that experiments with videoconferencing over the Internet. The concept is not complicated. The user mounts a small camera and microphone on a PC. With an add-on circuit board, the PC converts the camera image and microphone sound for digital transmission and displays the other party on screen. At the same time the parties communicate on screen, the PC allows the parties to share the same document or database file.

23 A "codec” converts live video and audio inputs into digital information. The device relies on emerging international standards to establish common, recognized protocols for the processing of multimedia data streams.

24 Folio Views 3.1, for example, has a "backtrack” feature that reconstructs previous use of other program features. The program also automatically tracks the databases that a user accessed during the current session.

25 See M. Ethan Katsh, Law in a Digital World 65-91 (1995) (discussing the mislabeling of information databases as "libraries.”)

26 Douglas D. Bradham, Sheron Morgan & Margaret E. Dailey, The Information Superhighway and Telemedicine: Applications, Status and Issues, 30 Wake Forest L. Rev. 145, 153 (1995).

27 Id., at 154-59.

28 Warren & Brandeis, supra note 1.

29 Restatement (Second) of Torts, § 652; See also Raymond Wacks, Personal Information: Privacy and the Law (1989); William Prosser, The Right of Privacy, 48 Calif. L. Rev. 383 (1960).

30 See supra note 4; Joel R. Reidenberg, Privacy in the Information Economy: A Fortress or Frontier for Individual Rights?, 44 Fed. Comm. L. J. 195 (1992).

31 The right of publicity protects a celebrity's interest in the prevention of unauthorized endorsements. The right has been extended to protection for voice. See Cal. Civ. Code, § 3344; Midler v. Ford Motor Co., 849 F. 2d 460 (9th Cir., 1988), cert. denied 112 S. Ct. 1513, 1514 (1992) (Ford violated Bette Midler's rights when it used her voice in a commercial). But see Tin Pan Apple, Inc. v. Miller Brewing, 737 F. Supp. 826 (1990) (strict interpretation of New York privacy statute does not extend protection to voice).

32 Citibank encourages its Visa cardholders to provide a photograph for use in digital form on the card.

33 See, e.g., Restatement (Second) of Torts, § 652C; N.Y. Civ. Rights Law, §§ 50-51 (McKinney 1990).

34 See Gilles Nejman, Les applications multimedias interactives: une analyse juridique pluridisciplinaire, 1994/4 Rev. de droit de l'informatique et des telecomms, at 12-13 (similar questions raised in France.)

35 See Joel R. Reidenberg, Setting Standards for Fair Information Practice in the U.S. Private Sector, 80 Iowa L. Rev. 497 (1995).

36 See Larry Jaffee, Web Firm Offers to Sell Requesters' Names: Catalogers can buy them from software firm, The Marketeers, DM News, Aug. 14, 1995, at 8.

37 See Larry Jaffee, Is Big Brother Netsurfing for Business Clients?, DM News, June 5, 1995, at 1.

38 See Yves Poullet, Data Protection between Property and Liberties in Amongst Friends in Computers and Law (H.W.K. Kaspersen and A. Oskamp, eds., 1990) (rejecting property basis for data protection in favor of foundation relying on liberty.)

39 See C.N.I.L., 14ieme Rapport, 65-70 (1994)

40 See Pamela Samuelson, Legally Speaking: The NII Intellectual Property Report, Communications of the ACM (Dec. 1994); Katsh, supra note 25, at 215-227.

41 See, e.g., Pamela Samuelson, Copyright and Digital Libraries, Communications of the ACM, Apr. 1995, 15; Pamela Samuelson & Robert J. Glushko, Intellectual Property Rights for Digital Library and Hypertext Publishing Systems, 6 Harv. J. Law & Tech. 237 (1993).

42 Id.; see also U.S. Congress Office of Technology Assessment, Information Security and Privacy in Network Environments, 106-108 (1994); U.S. Information Infrastructure Task Force, Intellectual Property and the National Information Infrastructure (Sept. 1995) (available on Internet World Wide Web at http:://iitf.doc.gov).

43 See Denise Caruso, New Microsoft Network will offer a wealth of Privacy, N.Y. Times, July 24, 1995, at D4.

44 See Stratton Oakmont, Inc. v. Prodigy Services, 1995 N.Y. Misc. Lexis 229; Cubby v. CompuServe, 776 F. Supp. 135 (S.D.N.Y. 1991). There are also controversial debates in the U.S. Congress regarding liability for the electronic distribution of pornography and within the Administration concerning liability for electronic dissemination of copyrighted works.

45 The installation of surveillance cameras now permeates urban banks, supermarkets, and workplaces. See also, C.N.I.L. De´libe´ration no. 93-001 du 12 jan. 1993 reprinted in C.N.I.L., 14ieme Rapport, 66-70 (1994) (discussion of concerns over increase in surveillance programs).

46 See Simon Davies, Welcome Home Big Brother, Wired, May 1995, at 58 (discussion of pressures to increase video surveillance in Kings Lynn, United Kingdom.)

47 See, e.g., Sheri Alpert, Privacy and Intelligent Highways: Finding the Right of Way, 11 Santa Clara Computer & High Tech. L. J. 97, 101 (1995).

48 The New York and New Jersey Port Authority have responsibility for Newark airport.

49 See, e.g., Dorothy Glancy, Privacy and Intelligent Transportation Technology, 11 Santa Clara Computer & High Tech. L. J. 151, 170 (1995).

50 See Glancy, supra note 49, at 183,

51 See, e.g., Symposium: Data Protection Law and the European Union's Directive - The Challenge for the United States, 80 Iowa L. Rev. 431 (1995); Joel R. Reidenberg, Rules of the Road for Global Electronic Highways: Merging the Trade and Technical Paradigms, 6 Harvard J. Law & Tech. 287 (1993).

52 See Joel R. Reidenberg, Setting Standards for Fair Information Practice in the U.S. Private Sector, 80 Iowa L. Rev. 497 (1995).

53 As Pamela Samuelson notes, Umberto Eco's famous novel, The Name of the Rose, points to a peculiar form of self-help to control readership of illuminated manuscripts from the middle ages. Pamela Samuelson, Copyright and Digital Libraries, Communications of the ACM, at 16 (1995).

54 See Joel R. Reidenberg, Rules of the Road for Global Electronic Highways: Merging the Trade and Technical Paradigms, 6 Harvard J. Law & Tech. 287 (1993).

55 See, e.g., U.S. Congress Office of Technology Assessment, Information Security and Privacy in Network Environments (1994).

56 See U.S. Congress, Office of Technology Assessment, Issue Update on Information Security and Privacy in Net-work Environments, 71-72 (1995)

57 See Henry H. Perritt, Jr., Format and Content Standards for the Electronic Exchange of Legal Information, 33 Jurimetrics 265 (1993).

58 U.S. Congress Office of Technology Assessment, Information Security and Privacy in Network Environments, at 108-110 (1994).

59 See Colin Bennett, Implementing Privacy Codes of Conduct: A Report to the Canadian Standards Association (April, 1995).