Those Who Are Upright

Berglund Authority Level 4

by Glee Cady <gleecady@gmail.com>

In this column, I had thought to write about new ways to think about the principles we use as foundations for our cultural (and business’) response to privacy matters. But as frequently happens, my intentions, good though they were, were redirected, this time by the untimely loss of Ron Plesser, privacy attorney extraordinaire.

I say loss because we will miss him so badly. Ron personified the experienced, savvy, smart, and caring attorney. He led many many of us through the intricacies of assembling, building, and implementing the compromises that assure that most stakeholders are consulted, considered and acknowledged in developing good public policy.

Let’s start with Ron’s contributions to something we in the United States take for granted: The Freedom of Information Act. FOIA is a product of our American mid-twentieth century, even though it seems like it’s been there since the Constitution was written. After Ron graduated from law school, he joined the Ralph Nader organization and became the first director of their Freedom of Information Clearinghouse (now, this, too is on the web at http://www.citizen.org/litigation/free_info/). His work there defined much of what we use today as the process for making FOIA requests. As the attorney in Vaughn v. Rosen (1973), he helped establish the way that courts proceed in cases involving freedom of information disputes. The case resulted in the “Vaughn index.” To keep a document from disclosure, an agency must: “(1) identify each document withheld; (2) state the statutory exemption claimed; and (3) explain how disclosure would damage the interests protected by the claimed exemption." A short description of this case can be found at http://www.lectlaw.com/def2/u049.htm.

Many of you are no doubt familiar with the Organization for Economic Cooperation and Development (OECD) set of guidelines on the Protection of Privacy and the Transborder Flow of Personal Data (see: http://www.oecd.org/document/
18/0,2340,en_2649_37441_1815186_1_1_1_37441,00.html). These guidelines are usually referred to as “The OECD Privacy Guidelines.” They are frequently cited as the basis for the US Federal Trade Commission’s Fair Information Principles (see http://www.ftc.gov/reports/privacy3/fairinfo.htm). What you may not have realized is that, as important as the OECD is in the development and promulgation of the privacy principles worldwide, there is work that came before. And a great deal of that work was done by Ron Plesser.

In the mid-1970s, following work done at the Department of Health Education and Welfare (DHEW, the predecessor to DHHS), the US Congress became aware of the privacy issues that were beginning to surround us because of increased digital collections of information by our government. You’d look at the technology and tools available then and most likely laugh – what were these folks worried about? There were no personal computers and those computers in use were mostly not interconnected. The Arpanet was established (see http://www.dei.isep.ipp.pt/docs/arpa--2.html). However, the few network connections involved were used by researchers, not the information gatherers who would come later. And, as is frequently the case much of the work in growing the use of technology was being done in universities and research labs and not in the halls of government. Well, Congress became worried about the same things that worry us today: data about medical conditions and care; data about financial transactions; data collected for one government purpose and then (bright idea) thought to be extremely useful in another.

As a result of the concerns, the Privacy Act of 1974 was passed to establish a base of law to protect individuals -- or at least allow the individual to determine what information governmental departments and agencies might hold about him or her. (See http://assembler.law.cornell.edu/uscode/html/
uscode05/usc_sec_05_00000552---a000-.html and mirrored at http://www.epic.org/privacy/laws/privacy_act.html). Section 5 of that law established the Privacy Protection Study Commission (http://www.usdoj.gov/04foia/1974prostudy.htm) and subsequently the commission held many hearings to discuss how information about individuals is treated. Ron Plesser was the general counsel to the Commission. He traveled and studied and developed an extensive list of people to testify before the commission. The testimony represented the best practice of the time from American corporations, from advocacy organizations, from medical researchers, from both public and private sectors. Even today the lists of witnesses remain remarkable. One person who testified told me privately that he still marvels at the preparation work that Ron undertook and the care with which he presented fairly the materials to characterize the “state of the art.”

Following the months of testimony, Ron wrote the “final report” of the Commission titled “Personal Privacy in an Information Society”. (See http://aspe.hhs.gov/datacncl/1977privacy/toc.htm and mirrored at http://www.epic.org/privacy/ppsc1977report/c1.htm). I hope each of you take the time to at least look over this work. The description of the history of the use of Social Security Numbers is, in my opinion, one of the best descriptions of the tension which stems from our fear and resentment of identification numbers and the necessity to identify and authenticate individuals so that they may receive benefits. The report of the commission has other wonderful parts, of course, including the principles expanded from the ones developed at DHEW. The Center for Democracy and Technology (CDT) has a Privacy Basics section of their website which easily sums up the expanded principles: http://www.cdt.org/privacy/guide/basic/ppc.html. These recommendations led to the OECD’s Guidelines, published first in 1980.

Ron went on from this frequently cited work to represent companies and trade associations. He helped those of us who had concerns about privacy. He worked in the then new arena of electronic commerce. He advised us about the issues that stem from transmitting intellectual property and/or information about people in the borderless world of the Internet and in the very border-conscious world of nations and the law.

I personally was privileged to work with Ron only in the last ten years of his life. I first met him when I worked with a coalition of concerned folks (the online service providers, the America Library Association, the Society of Professional Journalists, and many others) called the Citizen’s Internet Empowerment Coalition or CIEC (http://www.ciec.org/about/). The CIEC represented those interested in the constitutional challenge of a section of the Telecommunications Act of 1996 called the “Communications Decency Act” or the “Exon Amendment”. Mr. Exon, then the US Senator from Nebraska, believed that indecent transmissions on the Internet should be prevented. My small part was to try and explain Internet technologies to the attorneys, the legislators, and the news people. Ron was one of the attorneys who prepared us, even though our corporate legal representatives were from one firm and the coalition’s principle litigator was Bruce Ennis, from another firm.

While the Communications Decency fight was being fought, privacy concerns continued. Ron was counsel to the Individual Services Reference Group (http://www.nib.com/irsg.htm), a group that privacy advocates certainly believed were the “dark side”. This group formed from the companies that gathered and sold information about individuals. There was great concern about the operations of these companies and Ron was instrumental in helping them develop principles they would use in their work. You can read the FTC’s report which includes the principles at http://www.ftc.gov/opa/1997/12/inrefser.shtm.

In addition to his work within the US, Ron’s knowledge of privacy matters made him an asset to many of the data protection directorates throughout the world. He was especially well known in Europe where he reached out to data commissioners on behalf of his many clients.

Of course, when it rains, it pours, and all this was happening at the same time as a new copyright treaty was being discussed at the World Intellectual Property Organization (WIPO). In December 1996, WIPO convened a convention to discuss the new copyright framework. (See http://www.tashian.com/carl/docs/copyright/ for one description of the convention). And Ron was helping us there, too. Our concern as network providers was that of liability for infringement. Carriers are not (and can not, in my opinion, effectively be) responsible for the activities of their users. Again I was dispatched to describe the infringement case in which my company found itself and to explain the technology. Ron made it possible for me to help all of us Internet users by understanding which conference attendees needed to know more to make a balanced treaty.

Ron also was kind enough to supply Pat McGregor and me with a piece for our privacy book on COPPA (the Children’s Online Privacy Protection Act) and the FTC’s decisions resulting from the act. His taking the time to contribute is a perfect illustration of the way that Ron mixed the professional with the personal.

None of these important things touch on the essential Ron. He cared. He cared about his clients. He cared about his family. He cared about me and my family. He always asked about my children. He gave me tickets to a ballgame to entertain my very ill brother-in-law. He cared about people he’d never met but could imagine would need the protection that legislation and principles could provide. He wrapped all of us in what one of his eulogizers called “hoops of steel”, keeping us and our families close, surrounding us with his love. All of us, even those of you who never met him, have benefited from his caring.

For a perspective from someone who knew Ron much better than I, see his partner’s remembrance at http://www.piperrudnick.com/media/newsdetail.aspx?id=12948. There is also a remembrance blog at http://ronplesser.blogspot.com.

The celebrant at his memorial service chose Psalm 15 (http://bible.oremus.org/?passage=Psalm+15 in one translation) as the responsive reading. This song so represents all that Ron was: “Those who are upright; who do justly; who speak the truth within their hearts … Who give their word and … do not retract; who do not exploit others.”

That was Ron -- All smart, all caring, all the time on your side (even when you disagreed with him) without exploiting others. How we will miss him.