o

OC

SOCIAL IMPLICATIONS OF THE COMPUTER UTILITY

Paul Armer

August 1967

Copyright © 1967THE RAND CORPORATION

P-3642

1

SOCIAL IMPLICATIONS OF THE COMPUTER UTILITY

Paul Armer

The RAND Corporation, Santa Monica, California

I am concerning myself in this Paper with the social

implications of the computer utility concept. The emphasis

will be on the privacy issue and what we can do about it.

But before I deal with this problem, I'd like to devote a

few minutes to some of the others; in particular, the un-

employment problem.

In the 1950s a number of people were predicting mass

unemployment as a result of the introduction of computers

and automation into the U.S. economy. Predictions were

made that a few percent of the labor force, utilizing ma-

chines, would soon be able to produce all the goods and

services society could consume. In these days of near

full employment, such predictions are less numerous. But

the emergence of the computer utility concept appears to be

bringing the prophets of mass unemployment back on stage.

For example, in The Challenge of the Computer Utility [I] ,

Any views expressed in this Paper are those of theauthor. They should not be interpreted as reflecting theviews of The RAND Corporation or the official opinion orpolicy of any of its governmental or private researchsponsors. Papers are reproduced by The RAND Corporationas a courtesy to members of its staff.

This Paper was delivered at the Informatics/UCLASymposium on "Computers and Communications - Toward a Com-puter Utility," held at UCLA, 20-22 March 1967.

2

Douglas F. Parkhill says, "For the plain truth is that we

are fast approaching the day when very little, if any,

human labor will be necessary in our economy." I think

this is nonsense. My argument goes like this.

Even though the U.S. is the richest nation in the

world, in 1963 the average family had about $6700 to spend

annually. Let's assume several rates of growth of produc-

tivity (productivity is defined as output-per-man-hour) and

see how that $6700 might increase by the year 2000. If the

present rate of approximately 2.6 percent is maintained,

each family will have about $14,700. Even if the rate

increased to 4 percent per year, the number is less than

$27,000. At those figures, I think you will agree thatpeople won't be sitting around with more money than they

know how to spend. The rate of growth of productivity would

have to more than double for average family income in the U.S

to become significantly large in even 50 years, a possibility

which seems to me to be extremely unlikely for the economy

as a whole. And this analysis ignores the rest of the world-

an omission we can hardly afford, even if we wanted to do so.

The base for the world starts out much lower. Excluding the

U.S., the world's per capita income is about 12 percent of

what we enjoy in this country. Looking at that part of the

world outside of Europe and North America, the base is but

6 percent of the U.S. income.

I want to emphasize that what I've been saying is

that I disagree with the prediction that a few percent of

3

"A

our labor force will be able to produce all the goods and

services that society can consume. I have not denied that

computers and automation displace people from jobs—that

is often the very motivation for their introduction. Con-

sequently, I do believe that computers and automation do

cause problems in the employment arena—problems for which

society must develop solutions. But I disagree with the

prediction that the problem will be one of massive un-

employment. Rather, I believe, the chief problem will be

one of retraining, relocation and placement; of providing

for continuing education, and of keeping the economy grow-

ing. Further, I have not said that we will not suffer from

unemployment in the future. Rather, I have said that we

will be in need of the output of our entire labor force.

Unfortunately, we may not be socially sophisticated enough

to keep everyone producing. For example, a great many con-

struction workers are out of work today even though we

badly need more schools, hospitals, and housing.

Before leaving the topic of unemployment, let me make

an observation. It used to be that an individual could go

to school, take a job, learn through experience, move up

in his organization, and do well until retirement—drawing

in his latter years, so to speak, on the intellectual

capital he coined in school and on the job. This is be-

coming less and less true. Now the pace is such that

significant changes take place in a period of time which

4

is short compared to the life span of man. Today we find

companies terminating men of a given speciality while

hiring younger men in that same speciality. We find com-panies restricting the percentage of older men among new

hires; we find companies in trouble because their managers

are obsolete. We find individuals psychologically dis-

turbed because they feel that they are obsolete. Society

must find ways of dealing with these problems by facili-

tating the process of continuing education. A big question

is how to finance such education, where the losses

associated with foregone wages and salary while going to

school will be very large.

Let me briefly touch upon several other issues

Parkhill [1] uses the phrase "altered almost beyond recog-

nition" to describe the society that will exist after the

current computer revolution has run its course. Although

I find those words somethat extreme, I do believe that we

are in for some very significant changes. One of the few

safe things one can say about the future is that it will be

fantastic and full of surprises.

Richard Hamming [2] has pointed out that large quanti-

tative changes often bring about profound qualitative

changes. He notes that when things are changing rapidly

an "order of magnitude" or "factor of ten" is a convenient

measure. For example, we can travel by foot at about 4miles per hour, by auto at 40 miles per hour, and by jet

5

aircraft at something more than 400 miles per hour; i.e.,

each mode differs from its predecessor by an order of mag-

nitude—a factor of ten. The capability of getting around

at 40 miles per hour has profoundly affected our way of

life, and jet travel has shrunk our world immeasurably.

Contrast the pace of these changes with what has been

occurring in the computer field. The last order-of -magnitude

change in transportation took about 50 years for us to achieve,and while another factor of ten may be but 10-15 years in the

making, another order of magnitude beyond that, at least for

earthbound travel, is probably infeasible. But the speed

of the electronic portions of computers has been increasingby an order of magnitude about every four years, and it looks

like that pace will continue for some time. Size (againI'm talking about the electronic portion of the computer)

decreased by an order of magnitude in the last ten years,

and will probably decline by three orders of magnitude during

the next decade. More importantly, the cost of raw com-

puting power has declined by an order of magnitude every

four years, and this trend looks like it will hold for

awhile.

The amount of computing power in the U.S. has been

expanding by an order of magnitude in something less than

four years. Shouldn't we expect a great impact on society

from such rapid change in computer technology? And now,

with the advent of the computer utility, we foresee that

6

computing power will be distributed in much the same way

as electrical power and telephone service. Developments

in the computer field will indeed alter our way of life

significantly.

Concomitant with dropping costs and utility-like

distribution of computing power, information— as a com-

modity—will become inexpensive, widely marketed, and

readily available. That may not sound like either a very

profound or a very significant prediction—until you stop

and think about its implications.

As you know, the computer-utility and information-

processing technology will have tremendous impact on

medicine, government, education, and law enforcement.

Legal practice will change considerably. The impact on

banking and finance will be revolutionary. The cashless

and checkless society is obviously technologically feasible

now and will soon be economically feasible. (Political

feasibility is another question.) Personally, the thought

of a system that will record and store information on what

I purchased for how much at what time and place everytime

I purchase so much as a newspaper or candy bar frightens

me. And that brings me to the privacy question.

I have predicted above that information, as a commodity,

will become inexpensive, widely marketed, and readily

available. Here we are concerned with information on indi-

viduals. As we go through life we generate an endless

7

+

stream of information about ourselves and our activities.

We are born and immediately have medical records; we go

to school and generate grades, IQ test scores, psychological

profiles, and behavior information; we get a Social

Security card and have an employment history; we may enter

military service or take a job requiring a security clearance

we may get married and have children; we take trips and make

purchases. Today, much of the information about our ac-

tivities is never recorded; e.g., most of our cash financial

transactions. What information that is recorded and col-

lected is widely dispersed and somewhat difficult and ex-

pensive to assemble. Information exists in small, widely

dispersed puddles. But the advent of computer utilities

and rapid changes in related technology are making it

feasible to draw these puddles together into large pools of

information. To put it another way, present systems give

the individual a measure of privacy that he may lose in

the computer utility era.

The Panel on Privacy and Behavioral Research of the

Office of Science and Technology [3] defined privacy in this

way :

The right to privacy is the right of the indi-vidual to decide for himself how much he willshare with others his thoughts, his feelings,and the facts of his personal life. It is aright that is essential to insure dignity andfreedom of self-determination.

I trust that the importance of privacy, both for indi-

viduals and organizations, is self-evident. It apparently

8

isn't to everyone; I've been asked at various times whenspeaking on this topic: "Why are you so concerned—what

have you got to hide?" The fact is that individuals and

organizations do need, at times, to hide. The Constitutionof the United States was itself hammered out behind closed

doors in Philadelphia. Historians are agreed that if ourforefathers had been forced to work in a fishbowl, the

results would have been much different. The individualneeds personal autonomy—he needs the emotional release of

"off stage" moments when he can be "himself," free of thevarious roles he plays in his daily life; he needs limitedand protected communication. I trust I needn't dwell on

the specter of Orwell's 1984.

On this question of the need for privacy, I would liketo call attention to two articles by Alan Westin appearing

in the June and November (1966) issues of the Columbia Law

Review [4,5]. (These will be incorporated in Westin 'sabout-to-be published book.)

But if privacy (like God and motherhood) is inviolable,

what's the problem? The problem arises out of conflictsbetween the individual's right to privacy and society's

right of discovery. By the latter I mean the belief that

society has the right to know anything that may be known

or discovered about any part of the universe— and man ispart of the universe. Society aspires to know the universe.

Society has raised its level of aspirations in many

ways—we look for improved efficiency in government, better

9

1

1J

law enforcement, and more rational programs in general.

To do this, government needs more and better information

about what is going on —information about people and or-

ganizations. Government also feels that it must have

information to protect society from disorder and subversion

Thus, today, we read of proposals to consolidate govern-

ment files and to establish National Data Banks of various

types .The common good cannot be realized in a society con-

sisting only of private entities—it requires some re-

nunciations of the rights of personal and corporate privacy

But the threat to privacy is not confined to the

public sector. Many believe that the private sector repre-

sents a much more serious threat. The market for informa-

tion on individuals and organizations has always existed.What is new is that computer technology is introducing

orders-of-magnitude change into the economics of that

market. Information about people is useful in making de-cisions about hiring, granting credit, and myriads of otherissues. Information about people is the stock in trade

of many magazines and newspapers. There are, of course,

nefarious uses of information—e.g., the stock-market caper

early in 1967 involving the manipulation of stock brokers

around the country [6] .Thus we see that threats to privacy arise in both the

public and private sectors. And we see that privacy is not

10

an absolute—we must strike a balance between the right

of the individual to privacy and the common good. Achieving

the proper balance is the problem.

What can be done about assuring individuals and or-

ganizations an appropriate level of privacy in the era of

the computer utility? First, let me repeat that the problem

has been with us for a long time and has not been brought

about by the computer. But the computer, by introducing

orders-of-magnitude change into the economics of the situ-

ation, is bringing about significant qualitative changes.

We might consider one aspect of this change as positive:

the computer is focusing light on a situation of long

standing, where reality is undoubtedly much worse than most

people realize. As a result of the examination going on,

some aspects of the problem may be improved over the present

A system of controls on the invasion of privacy must

have four elements: rules, safeguards, penalties, and

remedies. Rules are mainly the province of Congress and

state legislators. They must decide on what information

can be collected and consolidated, and who can have access

to it for what purposes. This will not be an easy task,

and the lawmakers should be able to draw on the computer

industry for advice and counsel. The rules with respect

to interrogation of a computer file must require that the

enquirer have a legitimate need to know. The question must

be material—i.e., important to the inquiry. It must be

11

relevant to the inquiry; and it must be lawful —i.e.,information obtained for one purpose should not be used

for some other purpose.

We are apt to see new rules as a result of this in-creased attention to the overall problem of privacy. For

example, it is likely in many instances that the individualwill be given the right to know what is stored about himin the computer utility and the right to challenge that

information. Rules may be enacted to require that the

system record every consultation of an individual's file,

and that the individual be notified of each consultation.John McCarthy once proposed a new civil right for the era

of the government computer utility: no one may be asked

by the government for information it already has.

Along more serious lines, McCarthy has also proposed

[7] that we invent the right to prohibit the maintenance of

files of information on individuals, by the government or

by private industry, without specific authorization. Such

a policy would represent a marked change from present

practice, but it is one that I believe should be seriously

considered. As I have stated earlier, I believe that thethreat to privacy from the private sector is most serious.Legislation limiting the existence of files would appear

to be one way of dealing with this threat. I also believethat the right of confrontation and of being notified of

consultations should apply to the private sector as well as

the public.

12

Let me skip over the topic of safeguards for the

moment and briefly discuss penalties and remedies : Thereis apt to be considerable incentive, financial and other,

to breach the security of information utilities. If

penalties are to be an effective deterrent, they must be

severe. The remedy problem is knottier. We do haveprecedence in the law of libel with respect to remedialaction if an individual or organization were to be damaged

by incorrect information. But if the damage results from

the truth, things become muddy. I'm obviously not a legal

expert, but this looks to me like a problem needing

attention.

Returning to safeguards: Let me first reiterate a

basic principle recently stated by Frank Wagner—"a de-

termined intelligent penetrator can crack any security

system if he has adequate resources available. Absolutesecurity cannot be achieved." What we must do is make thecost of breaking the system sufficiently high so as to

discourage most potential violators.

What are the vulnerabilities of a computer utility?

Let us briefly review the makeup of such a system. At the

user's end are terminals connected by communications linesto a switching center connected by other lines to thecentral processor, to which are connected the physical files.

Such a system is vulnerable to wiretapping or listening every

where it exists. An obvious remedy, of course, would be an

13

encryption (or privacy-protection) program. Encryption,

however, is not cost free; and cost-effectiveness criteriaare indicated. We'll need a lot more data here before any

intelligent decisions can be made. Cost data on variouslevels of protection will be easier to arrive at than

assessment of the loss resulting from a breach of the

system.

At the console end of the computer utility, we are

faced with problems of both user and terminal identifica-

tion and authentication. We can anticipate the use of keys,

identification cards, passwords, and "computer hang-up and

call back" procedures. It should be borne in mind thata password may be compromised by a single use; there islittle protection in the present practice of repeated use

of passwords.

At the other end of the system are the physical files

themselves. The threats here are theft, copying, and un-

authorized access. We're probably in pretty good shape

with respect to protecting such files against physical

theft—that's a problem we've had to deal with for a long

time. Unauthorized access and copying are more difficultmatters, requiring much more work and inventiveness. At

the central processor we must provide security in bothhardware and software, including schemes to monitor theprotection features built into both. We are all painfullyaware that we've much homework yet to do here. The central

processor represents the acme of system security since it

14

not only has access to all files and programs, but also

to necessary passwords, file access authorization lists,

and keys to the encryption schemes. Clearly, here, we

need the highest available level of protection.

Computer-utility personnel will include the user at

the terminal; the men involved in the maintenance of the

terminals, communications, and the computer system itself;

computer operators; and system programmers. These last

are obviously in the most sensitive position of all, for

they "know all" concerning the protective features built

into the hardware and software. You're probably all aware

of the recent instance of a programmer for a bank who

"patched" a program so that it paid his overdrafts and

suppressed the printing of the fact that his account was

overdrawn. All this suggests the need for personnel-

security systems similar to those required for the handling

of classified military information. (Incidentally, here

we see an example of the fact that privacy is not an

absolute thing--i . e . , individuals involved must give up

some of their privacy, through security investigations,

for the common good.) I would also hope that we will find

personnel-security systems required in the processing of

sensitive information in the private sector. If that sounds

like a somewhat radical proposal, I would point out that it

is akin to the accepted practice of licensing.

Clearly, we will need the equivalent of bank examiners

to insure the overall integrity of computer-utility systems.

15

Such monitors should have the authority and duty to con-

duct random audits, legislate practice, license and bond

personnel, etc. They might also employ teams of people

charged with attempting to penetrate systems.

In closing, I'd like to quote from Edward Shils [8]

Everyone needs to be allowed to live somewhatin the shade—both rulers and ruled —in orderto "keep" what "belongs" to one.

Intrusions on privacy are baneful because theyinterfere with an individual in his control ofwhat belongs to him. The "social space" aroundan individual, the recollection of his past, hisconversation, his body and its image, all belongto him. He does not acquire them through pur-chase or inheritance. He possesses them and isentitled to possess them by virtue of thecharisma which is inherent in his existence asan individual soul—as we say nowadays, in hisindividuality--and which is inherent in hismembership in the civil community. They belongto him by virtue of his humanity and civility—his membership in the human species and hismembership in his own society. A society whichclaims to be both humane and civil is committedto their respect. When its practice departsfrom that respect for what belongs to the privatesphere, it also departs to that degree fromhumanity and civility. A civil society cannotexist without that respect.

16

REFERENCES

1. Parkhill, D. F. , The Challenge of the Computing Utility,irkhill, D. F. , The Challenge of the Computing UtilityAddison-Wesley Publishing Company, Palo Alto,California, 1966.

2. Hamming, R. W. , "Intellectual Implications of the Com-puter Revolution," The American Mathematical Monthly,Vol. 70, No. 1, January 1963, pp. 4-11.

3. Privacy and Behavioral Research, Executive Office ofthe President, Office of Science and Technology,February 1967; U.S. Government Printing Office,Washington, D.C., 244-490-67-2, 1967.

4. Westin, Alan F. , "Science, Privacy, and Freedom: Issuesand Proposals for the 1970 *5, Part I: The CurrentImpact of Surveillance on Privacy," Columbia LawReview, Vol. 66, No. 6, June 1966, pp. 1003-1050.

5. , "Science, Privacy, and Freedom: Issues andProposals for the 1970 's, Part II: Balancing theConflicting Demands of Privacy, Disclosure, andSurveillance," Columbia Law Review, Vol. 66, No. 7,November 1966, pp. 1205-1253.

6. "Mob Blackmailing Broker to Push Stocks, Paper Says,"Miami Herald, March 15, 1967.

7. McCarthy, John, "Information," Scientific American,Vol. 215, No. 3, September 1966, pp. 65-72.

8. Shils, Edward A., "Privacy and Power," Computer Privacy,Hearings before the Subcommittee on AdministrativePractice and Procedure, Committee on the Judiciary,U.S. Senate, 90th Congress, Ist Session, March 14-15,1967; U.S. Government Printing Office, Washington,D.C., 77-577, 1967, pp. 231-248.