Privacy Technology Demonstrations
Department of Commerce
September 19, 2000

American Express,
American Express' Private Payments offers a more secure way to pay online using a random, unique number for each online purchase. This enables customers to purchase online without transmitting their actual Card account number over the Internet. Private Payments is available to American Express consumer and small business Cardmembers in the US. Private Payments generates a unique Private Payments number with expiration date that is then randomly created by American Express. The Cardmember transfers this information into the merchant order form to complete the purchase. The Cardmember's actual Card account number is not sent over the Internet, thus keeping this information private. The Private Payments number is designed to be used for a single purchase and to expire after the merchant authorization process is completed. Upon expiration, the Private Payments number cannot be used again if stolen., is an online privacy service, providing secure, anonymous web-surfing and email. The Anonymizer service is entirely server-based, allowing users to access their personalized anonymous services from anywhere on the Internet.

Netscape Cookie Manager - a feature of the new Netscape browser that allows users to view, block, and delete cookies based on their individual privacy preferences. For instance, it allows a user to determine who may and who may not set cookies on his computer, edit and/or delete any of the cookies on his computer, and review a list and detailed description of all the cookies on his computer.

This P3P user agent is implemented as a browser helper object for Internet Explorer. When users install this software, it adds a privacy button to the top of their browser window. Clicking on this button brings up a window where users can set their privacy preferences, check how well a site's P3P policy matches their preferences, or view a site's privacy policy in P3P or human-readable format. This tool was developed jointly with Microsoft.

Direct Marketing Association,
The DMA created this tool to help marketers create policies that are consistent with The DMA's Privacy Principles for Online Marketing. Companies can complete the questionnaire (basing their answers on their site information policies) and create a privacy policy statement to be posted on their own Web page.

Disappearing Inc.,
Disappearing Inc. is a San Francisco-based developer of email policy management systems and services that allow companies to mitigate the risks associated with email. The company's approach to email security is based on enabling cooperating parties to eliminate their old messages. The free Disappearing™ Email service gives corporations control over their email systems, and lets individuals write their messages in the digital equivalent of disappearing ink. Additionally, this commercial service expands on its basic offering to enable organizations to implement email policies that foster open, candid communications of sensitive matters via email.

Encirq is an online marketing services company that has developed a unique data engine to deliver individualized, consumer-centered personalized content over the Internet in a way that preserves consumer privacy. Neither marketers nor Encirq ever see the data. Rather, the data reside on each consumer's personal computer. Client-side modeling technology works to determine the interests and behavior of the user, and filters out irrelevant content. Marketers can send "multiple choice" messages, and Encirq's system ensures that only the relevant messages are seen by the consumer.

IBM will demonstrate the IBM P3P statement generator, and an application offered by Tivoli Systems (an IBM subsidiary) called "Privacy Manager," and will have information about its work to implement the security and draft privacy standards of HIPAA.

Privacy Companion is a browser add-on that helps protect surfer's privacy on the Web by providing control and information over cookies (both incoming and outgoing) and blocking data spills. Privacy Companion alerts surfers to possible tracking, lets users know who may have attempted to track them and where, and allows users to block 3rd party cookies while still enjoying personalized services from the site they are visiting. IDcide will demonstrate the preview version of the P3P-enabled version, allowing automated cookie decisions based on the site's P3P policy.

ID-Vault operates the Privacy Network, a solution that is a technical, legal, and security framework for B2B privacy. Today, not only do individuals need better control of their privacy preferences, but managers at organizations who handle the transfer of personal information need better tools to make sure each individual's privacy preferences are respected. The ID-Vault Privacy Network addresses the challenges of automation, compliance, and utilization of existing standards such as P3P and APPEL.

iLumin improves privacy and eliminates the hassles of doing business. ILumin delivers the technology to accelerate the closure of business, finance, government and personal transactions. iLumin's Digital Handshake ™ (DHS) product is a fully automated solution that enables people to securely and privately complete legally binding online transactions from start to finish. The DHS solution uses XML technology and Public Key Infrastructure (PKI) integration to ensure privacy by maintaining the integrity of documents. DHS empowers users to limit access to personal sections of a document and provides an auditable transaction trail throughout the life of the document. DHS satisfies emerging and existing legal standards and integrates easily into existing eBusiness infrastructure.

Incogno SafeZone™ is a patent-pending business process that enables Internet merchants to offer anonymous checkout directly to buyers. Using Incogno, customers buy and receive product shipments without ever revealing their names, addresses (including e-mail) or credit card information to the merchant. Incogno requires no software purchase or installation by the buyer, and the checkout process is not complicated in any way. Since a merchant no longer receives, stores or communicates credit cards with Incogno, its risk of fraud loss is greatly reduced.

iPrivacy's private e-commerce software lets users surf, shop, receive correspondence and receive delivery of goods on the Internet with privacy. Consumers download the iPrivacy Identity Manager from trusted third parties to generate proxy identities, financial and shipping information on a purchase-by-purchase basis. iPrivacy's software shields consumers from the gathering of click data about their Internet behavior and prevents the creation of databases with their personal and financial information.

Microsoft's Enhanced Cookie Controls for IE 5.5 will allow users to delete all cookies with a single click; will give users better information about cookies; and, significantly, will prompt users, by default, when a 3rd party (a site other than the site being visited) attempts to set or read a cookie on the user's hard drive. Microsoft will also demo its Privacy Statement Wizard that offers small and medium sized businesses an easy way to develop a privacy policy. It walks the user through a series of questions about the company's information practices. Upon completion, it spits out a draft policy. The user can also mark the policy with XML tags, a key step towards making the policy P3P compliant. Lastly, Microsoft's Kids Passport gives Web sites the means by which they can seek that consent from parents, and it gives parents whose children visit those sites the ability to better manage the PII given out -- in compliance with COPPA.

Persona will demonstrate tools that allow consumers to protect the use and distribution of their personal information on the Internet. It will present the PersonaValet, a free downloadable toolbar which contains, among other features, an alert for sites that contain valid P3P privacy policies and the ability for the user to compare it to their own privacy preferences; a "Cookie Manager" that allows the user to monitor and block sites that are attempting to drop cookies on their browser; and the ability to review and modify the cookies already residing on their machine. Completely free to consumers, Persona acts as a consumer-driven information broker between the consumer and a Web sites, helping Internet users regain control over their personal information

PrivacyRight's Unified Customer Permissions ™ platform (UCP) is a server-side privacy solution which may be accessed by consumers at any point during their visit to a Web site, and with which they may set privacy preferences governing the use of their personal information. The UCP Platform allows the interpretation and enforcement of persistent rules assigned to personal information and facilitates consumer-approved data exchanges between applications within an organization and from business-to-business. The core platform is free to both businesses and consumers, and is based on an scalable, open architecture design which allows it to integrate with existing eCRM and commerce platforms.

Privada has created a fully-integrated privacy infrastructure that encompasses bi-directional support for Web browsing and email. Using PrivadaControl™ with their current browser and email client programs, users can conduct their activities without their personal information being appropriated and misused and can choose with whom they are willing to share what information.

YOUpowered's Orby Privacy Plus™ and Consumer Trust™ resolve both consumer and business privacy issues. Orby Privacy Plus is a client-side software application that enables consumers to set privacy preferences and decide how, when and where to share their personal information. Additionally, Orby Privacy Plus matches Web sites' P3P privacy policies to the consumer's privacy preference settings, provides feedback regarding the Web site's privacy behavior, and lets users manage cookies.

Zero Knowledge Systems,
Zero-Knowledge is the provider of an online privacy service. The service works with a client side application called Freedom that works in conjunction with the Freedom Network, a series of independently hosted proxy servers. Freedom ensures privacy by encrypting all mail, HTTP, NNTP and telnet communications. Ancillary services include Spam blocking, cookie management and scanning of outgoing text.

Note About Demonstration Descriptions: The product and service descriptions above are representations by the respective organizations and are not evaluations by any third-parties, including the Internet Education Foundation.