Sue Halpern

The New York Review of Books - - Contents - Sue Halpern

The Known Cit­i­zen: A His­tory of Pri­vacy in Mod­ern Amer­ica by Sarah E. Igo and three other books on pri­vacy and tech­nol­ogy

The Known Cit­i­zen: A His­tory of Pri­vacy in Mod­ern Amer­ica by Sarah E. Igo.

Har­vard Univer­sity Press, 569 pp., $35.00

Habeas Data:

Pri­vacy vs. the Rise of Sur­veil­lance Tech by Cyrus Fari­var.

Melville House, 281 pp., $27.99

Be­yond Abor­tion: Roe v. Wade and the Bat­tle for Pri­vacy by Mary Ziegler.

Har­vard Univer­sity Press, 383 pp., $45.00

Pri­vacy’s Blue­print:

The Bat­tle to Con­trol the De­sign of New Tech­nolo­gies by Woodrow Hart­zog.

Har­vard Univer­sity Press,

366 pp., $35.00

1.

In 1999, when Scott McNealy, the founder and CEO of Sun Mi­crosys­tems, de­clared, “You have zero pri­vacy . . . get over it,” most of us, still new to the World Wide Web, had no idea what he meant. Eleven years later, when Mark Zucker­berg said that “the so­cial norms” of pri­vacy had “evolved” be­cause “peo­ple [had] re­ally got­ten com­fort­able not only shar­ing more in­for­ma­tion and dif­fer­ent kinds, but more openly and with more peo­ple,” his words ex­pressed what was be­com­ing a com­mon Sil­i­con Val­ley trope: pri­vacy was ob­so­lete.

By then, Zucker­berg’s in­ven­tion, Face­book, had 500 mil­lion users, was grow­ing 4.5 per­cent a month, and had re­cently sur­passed its ri­val, MyS­pace. Twit­ter had over­come skep­ti­cism that peo­ple would be in­ter­ested in a zippy pa­rade of 140-char­ac­ter posts; at the end of 2010 it had 54 mil­lion ac­tive users. (It now has 336 mil­lion.) YouTube was in its fifth year, the mi­croblog­ging plat­form Tum­blr was into its third, and In­sta­gram had just been cre­ated. So­cial me­dia, which en­cour­aged and re­lied on peo­ple to share their thoughts, pas­sions, in­ter­ests, and im­ages, mak­ing them the Web’s con­tent providers, were as­cen­dant.

Users found it em­pow­er­ing to by­pass, and even su­per­sede, the tra­di­tional gate­keep­ers of in­for­ma­tion and cul­ture. The so­cial Web ap­peared to bring to fruition the early prom­ise of the In­ter­net: that it would de­moc­ra­tize the cre­ation and dis­sem­i­na­tion of knowl­edge. If, in the process, in­di­vid­u­als were up­load­ing pho­tos of drunken par­ties, and dis­cussing their sex­ual fetishes, and pulling back the cur­tain on all sorts of pre­vi­ously hid­den per­sonal be­hav­iors, wasn’t that lib­er­at­ing, too? How could any­one ar­gue that pri­vacy had been in­vaded or com­pro­mised or ef­faced when these rev­e­la­tions were vol­un­tary?

The short an­swer is that they couldn’t. And they didn’t. Users, who in the early days of so­cial me­dia were pre­dom­i­nantly young, were largely guile­less and un­con­cerned about pri­vacy. In a sur­vey of sixty-four of her stu­dents at Rochester In­sti­tute of Tech­nol­ogy in 2006, Su­san Barnes found that they “wanted to keep in­for­ma­tion pri­vate, but did not seem to re­al­ize that Face­book is a pub­lic space.” When a ran­dom sam­ple of young peo­ple was asked in 2007 by re­searchers from the Pew Re­search Cen­ter if “they had any con­cerns about pub­licly posted pho­tos, most . . . said they were not wor­ried about risks to their pri­vacy.” (This was largely be­fore Face­book and other tech com­pa­nies be­gan track­ing and mon­e­tiz­ing one’s ev­ery move on- and off­line.) In ret­ro­spect, the ten­den­cies to­ward dis­clo­sure and pruri­ence on­line should not have been sur­pris­ing. As Sarah Igo ob­serves in The Known Cit­i­zen, her master­ful study of pri­vacy in the United States, the shar­ing and over­shar­ing of in­ti­ma­cies pre­dates the so­cial Web; in­deed, the so­cial Web sim­ply al­lowed these be­hav­iors to pro­lif­er­ate on a more open and ac­ces­si­ble plat­form. Igo cites the enor­mous pop­u­lar­ity of An Amer­i­can Fam­ily, a doc­u­men­tary doled out in twelve in­stall­ments on pub­lic tele­vi­sion in 1973, as one of the ear­li­est cul­tural wa­ter­sheds in Amer­i­cans’ chang­ing ap­pre­ci­a­tion of pri­vacy. Culled from the film­mak­ers’ seven-month im­mer­sion in the day-to-day lives of an or­di­nary fam­ily, the Louds of Cal­i­for­nia, the se­ries sug­gested that noth­ing was off-lim­its on TV: the Louds’ mar­riage fell apart; their son came out as gay; his fa­ther’s in­fi­deli­ties were ex­posed. Part of what made this so sen­sa­tional was that, by mak­ing the pri­vate pub­lic, voyeurism and ex­hi­bi­tion­ism be­came main­stream en­ter­tain­ments. (Decades later, with we­b­cams built into com­put­ers, peer­ing into other peo­ple’s homes and lives no longer seems all that un­usual.)

Igo also points to the in­flu­ence of con­fes­sional talk shows, like Phil Don­ahue’s in the 1970s and Oprah Win­frey’s in the 1980s and be­yond, where guests opened up about pre­vi­ously taboo sub­jects such as in­cest and spousal abuse. The pub­lic also had a vo­ra­cious ap­petite for rev­e­la­tory mem­oirs, a genre that grew ex­po­nen­tially as writ­ers, fa­mous or not, of­fered up in­creas­ingly star­tling, true—or pos­si­bly true—con­fes­sions of drug ad­dic­tion, al­co­hol abuse, child­hood trau­mas, sex­ual mis­ad­ven­tures, and fail­ures of ev­ery stripe. Igo writes:

Con­fes­sional cul­ture, 1990s style, had many tap­roots: the me­dia forms and celebrity cul­ture that made self-pub­lic­ity so al­lur­ing, the cri­tique of se­crets that was trans­form­ing po­lit­i­cal cul­ture, and the in­cite­ments to au­then­tic­ity and re­demp­tion em­a­nat­ing in equal mea­sure from the couch and con­gre­ga­tion.

When the so­cial Web came along not long af­ter­ward, peo­ple were primed to par­tic­i­pate. None of this meant that Amer­i­cans—or­di­nary peo­ple and law­mak­ers alike—were un­con­cerned then, or at any time, about what they per­ceived to be ac­tual and po­ten­tial in­cur­sions into their pri­vate lives. Govern­ment over­reach into the homes and lives of cit­i­zens an­i­mated the Framers, and their in­tent has been de­bated in the courts and Con­gress ever since. As Cyrus Fari­var writes in Habeas Data: Pri­vacy vs. the Rise of Sur­veil­lance Tech, a lively cat­a­log of pri­va­cyre­lated court cases and laws that have arisen along­side new tech­nolo­gies, “Nowhere in the Bill of Rights, or in the Con­sti­tu­tion, is the word ‘pri­vacy’ men­tioned. But schol­ars, lawyers, judges, and oth­ers have in­tu­ited, or ex­trap­o­lated, some­thing re­sem­bling a pri­vacy right from both doc­u­ments.” “The right to be let alone is in­deed the be­gin­ning of all free­dom,” Supreme Court Jus­tice Wil­liam O. Dou­glas wrote in 1952, echo­ing the words of Jus­tice Louis Bran­deis, who, nearly a quar­ter-cen­tury ear­lier, wrote in his dis­sent­ing opin­ion in Olm­stead v. United States, “The right to be let alone [is] the most com­pre­hen­sive of rights, and the right most val­ued by civ­i­lized men.”

Bran­deis and his law part­ner, Sa­muel War­ren, are cred­ited with in­sert­ing mod­ern ideas about that right into Amer­i­can ju­rispru­dence when in 1890 they pub­lished a Har­vard Law Re­view ar­ti­cle ti­tled “The Right to Pri­vacy.” In­spired by a new tech­nol­ogy—the cam­era—and the wide­spread, unau­tho­rized dis­sem­i­na­tion of pho­to­graphs taken by pry­ing tabloid jour­nal­ists, Bran­deis and War­ren de­cried the in­stan­ta­neous pho­to­graphs and news­pa­per en­ter­prise [that] have in­vaded the sa­cred precincts of pri­vate and do­mes­tic life...and [the] nu­mer­ous me­chan­i­cal de­vices [that] threaten to make good the prediction that “what is whis­pered in the closet shall be pro­claimed from the house-tops.”

The law needed to re­spond as new tech­nolo­gies brought about new in­va­sive prac­tices, they ar­gued, be­cause “po­lit­i­cal, so­cial, and eco­nomic changes en­tail the recog­ni­tion of new rights.”

As a Supreme Court jus­tice, Bran­deis had the op­por­tu­nity to pur­sue these ideas fur­ther a few decades later in Olm­stead. In that case the new tech­nol­ogy at is­sue was the tele­phone and the pre­sump­tion of pri­vacy it did—or did not—af­ford. The plain­tiff, a boot­leg­ger un­der sur­veil­lance by law en­force­ment, ar­gued that his con­sti­tu­tional rights had been vi­o­lated when in­ves­ti­ga­tors lis­tened to his calls with­out a war­rant. The Court’s ma­jor­ity did not see it that way. Since the govern­ment’s wire­taps did not en­tail an ac­tual phys­i­cal breach of the man’s pri­vate prop­erty, they found no in­jury.

In his dis­sent, Bran­deis chided his col­leagues for fail­ing to take into ac­count the de­vel­op­ment of new tech­nolo­gies unimag­ined by the Framers:

Time works changes, brings into ex­is­tence new con­di­tions and pur­poses. There­fore, a prin­ci­ple, to be vi­tal, must be ca­pa­ble of wider ap­pli­ca­tion than the mis­chief which gave it birth. This is pe­cu­liarly true of con­sti­tu­tions . . . . The fu­ture is their care, and pro­vi­sion for events of good and bad ten­den­cies of which no prophecy can be made.

But then he made a prophecy that per­fectly an­tic­i­pated our cur­rent, postSnow­den mo­ment, when both the courts and the coun­try grap­ple with govern­ment sur­veil­lance of e-mail, cell phones, and other elec­tronic de­vices:

The progress of sci­ence in fur­nish­ing the Govern­ment with means of es­pi­onage is not likely to stop with wire­tap­ping. Ways may some­day be de­vel­oped by which the Govern­ment, with­out re­mov­ing pa­pers from se­cret draw­ers, can re­pro­duce them in court, and by which it will be en­abled to ex­pose to a jury the most in­ti­mate oc­cur­rences of the home.

In Habeas Data, Fari­var il­lus­trates how this “some­day” is now here, as he ex­am­ines the pri­vacy is­sues aris­ing from such rel­a­tively new tech­nolo­gies as li­cense plate read­ers, se­cu­rity cam­eras, drones, stingrays (de­vices that mimic cell phone tow­ers in or­der to in­ter­cept calls), stingrays mounted on drones, Dop­pler radar, fa­cial recog­ni­tion, and per­sis­tent sur­veil­lance sys­tems—cam­eras mounted on air­planes that can see and record what’s hap­pen­ing on the ground. The sto­ries he tells, of­ten about how these tech­nolo­gies are used by the govern­ment to spy on its cit­i­zens, are all the more

chas­ten­ing be­cause, for the most part, they are le­gal. The prob­lem, as Fari­var points out, is that “ab­sent a de­part­ment pol­icy or state law specif­i­cally for­bid­ding a par­tic­u­lar prac­tice or reg­u­lat­ing a par­tic­u­lar tech­nol­ogy, law en­force­ment will al­ways push the lim­its un­til they are told to stop.”

The de­ploy­ment of new tech­nolo­gies fre­quently pre­cedes their reg­u­la­tion, or even the pub­lic’s knowl­edge that such tech­nolo­gies ex­ist or are be­ing used. All too of­ten, by the time these prac­tices are chal­lenged in the courts or ad­dressed leg­isla­tively, the spe­cific tech­nol­ogy at is­sue has been re­tired and re­placed by some­thing new and, very likely, more in­va­sive. For in­stance, fa­cial im­ages of more than half the Amer­i­can pop­u­la­tion al­ready re­side in var­i­ous govern­ment data­bases, col­lected from such be­nign ac­tiv­i­ties as re­new­ing a driver’s li­cense or reen­ter­ing the coun­try from a trip abroad, but now Axon, the na­tion’s largest sup­plier of po­lice body cams, has just an­nounced that it is con­sid­er­ing adding fa­cial recog­ni­tion to its cam­eras. Fa­cial recog­ni­tion soft­ware, which is pow­ered by ar­ti­fi­cial in­tel­li­gence, is no­to­ri­ously un­re­li­able in iden­ti­fy­ing peo­ple with dark skin. Even so, at least one com­pany is adding an “eth­nic­ity de­tec­tion” al­go­rithm to its fa­cial recog­ni­tion soft­ware. The De­part­ment of Homeland Se­cu­rity (DHS) is tak­ing this fur­ther, ac­cord­ing to the Elec­tronic Fron­tier Foun­da­tion, by us­ing

mo­bile bio­met­ric de­vices that can iden­tify faces and cap­ture face data in the field, al­low­ing its ICE (im­mi­gra­tion) and CBP (cus­toms) of­fi­cers to scan every­one with whom they come into con­tact, whether or not those peo­ple are sus­pected of any crim­i­nal ac­tiv­ity or an im­mi­gra­tion vi­o­la­tion.

These will be part of a new, com­pre­hen­sive DHS data­base that will in­clude, in ad­di­tion to fa­cial im­ages (sup­plied by, among oth­ers, air­line com­pa­nies), fin­ger­prints, iris scans, DNA data, de­scrip­tions of phys­i­cal anom­alies (scars, tat­toos), and maps of in­di­vid­u­als’ af­fil­i­a­tions and re­la­tion­ships culled from so­cial me­dia. The DHS will share this data­base with lo­cal and state law en­force­ment de­part­ments, other fed­eral agen­cies, and cer­tain for­eign gov­ern­ments.

2.

An ar­gu­ment could be made that a dif­fer­ent once-novel tech­nol­ogy—the birth con­trol pill—was at the root of the other ma­jor pri­vacy is­sue that be­dev­ils both the courts and so­ci­ety: abor­tion. In 1965, five years af­ter the Pill was ap­proved by the FDA, a case was brought be­fore the Supreme Court chal­leng­ing a Con­necti­cut law that banned the use of con­tra­cep­tives by mar­ried cou­ples, set­ting in mo­tion de­vel­op­ments that led to the Court’s Roe v. Wade de­ci­sion le­gal­iz­ing abor­tion eight years later. At is­sue in the 1965 case, Griswold v. Con­necti­cut, was the most ba­sic mea­sure of pri­vacy, the one iden­ti­fied by the authors of the Fourth Amend­ment: the right to be let alone, free from govern­ment in­ter­fer­ence in one’s home. “Would we al­low the po­lice to search the sa­cred precincts of mar­i­tal bed­rooms for tell­tale signs of the use of con­tra­cep­tives?” Supreme Court Jus­tice Wil­liam O. Dou­glas wrote, strik­ing down the Con­necti­cut law. “The very idea is re­pul­sive to the no­tions of pri­vacy sur­round­ing the mar­i­tal re­la­tion­ship.” Mar­riage, Dou­glas said, com­pelled a “right of pri­vacy that was older than the Bill of Rights— older than our po­lit­i­cal par­ties, older than our school sys­tem.” And while the pri­vacy right the Court was as­sert­ing in Griswold per­tained specif­i­cally to the le­gal union of a woman and a man, and would not be ex­tended to un­mar­ried cou­ples for an­other seven years, other lan­guage in the de­ci­sion—es­pe­cially the vague yet en­com­pass­ing no­tion that “the spe­cific guar­an­tees in the Bill of Rights have penum­bras, formed by em­a­na­tions from those guar­an­tees that help give them life and sub­stance”—set the course for fu­ture pri­vacy claims go­ing for­ward.

The Supreme Court is­sued its de­ci­sion in Roe v. Wade in 1973, the same year PBS broad­cast An Amer­i­can Fam­ily (and only a year af­ter the Court broadly le­gal­ized con­tra­cep­tion out­side of mar­riage). No other de­ci­sion has proved more con­tentious or more so­cially and po­lit­i­cally frac­tur­ing. This past spring alone, Mis­sis­sippi, In­di­ana, Iowa, and Ken­tucky passed laws aimed in dif­fer­ent ways at gut­ting it. Since the Rea­gan years, and even more so now un­der Don­ald Trump and Mike Pence, over­turn­ing Roe and out­law­ing abor­tion has been an or­ga­niz­ing prin­ci­ple of the Repub­li­can Party. But in 1973, when the Court is­sued its rul­ing, only two jus­tices dis­sented. Writ­ing for the ma­jor­ity, Jus­tice Black­mun noted:

The Court has rec­og­nized that a right of per­sonal pri­vacy, or a guar­an­tee of cer­tain ar­eas or zones of pri­vacy, does ex­ist un­der the Con­sti­tu­tion .... This right of pri­vacy, whether it be founded in the Four­teenth Amend­ment’s con­cept of per­sonal lib­erty and re­stric­tions upon state ac­tion, as we feel it is, or, as the Dis­trict Court de­ter­mined, in the Ninth Amend­ment’s reser­va­tion of rights to the peo­ple, is broad enough to en­com­pass a woman’s de­ci­sion whether or not to ter­mi­nate her preg­nancy. The detri­ment that the State would im­pose upon the preg­nant woman by deny­ing this choice al­to­gether is ap­par­ent.

The pri­vacy right es­tab­lished by Roe was not ab­so­lute. In the words of the Court:

The preg­nant woman can­not be iso­lated in her pri­vacy. She car­ries an em­bryo and, later, a fe­tus, if one ac­cepts the med­i­cal def­i­ni­tions of the de­vel­op­ing young in the hu­man uterus .... The woman’s pri­vacy is no longer sole and any right of pri­vacy she pos­sesses must be mea­sured ac­cord­ingly.

This, as we’ve wit­nessed in the in­ter­ven­ing years, is the le­gal wedge that the anti-abor­tion move­ment has used to pick apart Roe.

Yet when the de­ci­sion was is­sued, even some fem­i­nists, in­clud­ing Ruth Bader Gins­burg, were dis­mayed that the case had been ar­gued and de­cided on pri­vacy in­ter­ests. To them, re­ly­ing on claims of pri­vacy en­abled the Court to by­pass more en­dur­ing and in­clu­sive ar­gu­ments based on sex­ual equal­ity and self-de­ter­mi­na­tion, as well as to ig­nore the struc­tural rea­sons poor women, es­pe­cially, would face dif­fi­cul­ties in ob­tain­ing abor­tion ser­vices. This be­came even more ap­par­ent in 1976 when Con­gress passed the Hyde Amend­ment, block­ing fed­eral Med­i­caid fund­ing of abor­tions (ex­cept in cases of rape or in­cest, or if the woman’s life is en­dan­gered by the preg­nancy).

Nonethe­less, many fem­i­nists and fem­i­nist or­ga­ni­za­tions like the Na­tional Or­ga­ni­za­tion of Women, Planned Par­ent­hood (which had been the plain­tiff in Griswold), and NARAL sup­ported the pri­vacy ar­gu­ment. In the es­ti­ma­tion of the le­gal scholar Mary Ziegler, they then rein­ter­preted it, claim­ing that Roe con­ferred upon women a right “to choose” and a “right to con­trol her own body,” though these con­struc­tions do not ap­pear in the de­ci­sion it­self. “To some ex­tent, the con­nec­tion be­tween free­dom of choice and pri­vacy was im­plicit in the Roe de­ci­sion,” Ziegler writes in Be­yond Abor­tion: Roe v. Wade and the Bat­tle for Pri­vacy:

But ac­tivists also took raw ma­te­rial from the Roe de­ci­sion to make some­thing new. Ad­vo­cates de­scribed abor­tion as a right to choose and a right to con­trol one’s own body partly be­cause they be­lieved that these terms cap­tured the true mean­ing of the Con­sti­tu­tion.

It wasn’t only abor­tion ad­vo­cates who found Roe’s pri­vacy lan­guage both elas­tic and use­ful. Ziegler cites ex­am­ple af­ter ex­am­ple of groups that adapted Roe for causes far re­moved from ter­mi­nat­ing a preg­nancy. These in­cluded those ad­vo­cat­ing the right to die, the right to use un­proven med­i­ca­tions, and the right to refuse med­i­cal treat­ment, in­clud­ing men­tal health ser­vices. Un­der­ly­ing all of these was an in­ter­pre­ta­tion of Roe that found that the right to pri­vacy—a right that has been shown to be both pli­able and ca­pa­cious—in­cluded the right to con­trol one’s own body.

These post-Roe move­ments oc­curred at a time of height­ened pub­lic aware­ness—and wari­ness—of govern­ment in­tru­sions into peo­ple’s lives. COINTELPRO, the FBI’s covert sur­veil­lance of do­mes­tic po­lit­i­cal fig­ures and groups, had been ex­posed in 1971. The Water­gate break-in hap­pened the fol­low­ing year. Two years later, Con­gress passed the Pri­vacy Act of 1974, which, de­spite its many ex­emp­tions, was in­tended to give peo­ple the right to know what in­for­ma­tion was con­tained in their govern­ment records and the abil­ity to amend them when they were in­cor­rect, and pro­hib­ited fed­eral agen­cies from shar­ing their records with­out cit­i­zens’ con­sent. Ac­cord­ing to a Jus­tice De­part­ment state­ment ex­plain­ing the prove­nance of the law, the Pri­vacy Act came out of a Con­gress ea­ger to curb

the il­le­gal sur­veil­lance and in­ves­ti­ga­tion of in­di­vid­u­als by fed­eral agen­cies that had been ex­posed dur­ing the Water­gate scan­dal. It was also con­cerned with po­ten­tial abuses pre­sented by the govern­ment’s in­creas­ing use of com­put­ers to store and re­trieve per­sonal data by means of a univer­sal

iden­ti­fier—such as an in­di­vid­ual’s so­cial se­cu­rity num­ber.

The So­cial Se­cu­rity num­ber had been looked on with sus­pi­cion as soon as the So­cial Se­cu­rity Act was signed by Franklin Roo­sevelt in 1935. Here was the state col­lect­ing per­sonal in­for­ma­tion (re­li­gious af­fil­i­a­tion, mar­i­tal sta­tus) on or­di­nary cit­i­zens: What might it do with that in­for­ma­tion, and what might oth­ers (like em­ploy­ers) do with it? De­spite as­sur­ances from the So­cial Se­cu­rity Board that these records would be closely held, and de­spite the Board at first keep­ing them out of reach of the po­lice, fed­eral agents, and oth­ers who would find them of use to their in­ves­ti­ga­tions, its po­si­tion weak­ened dur­ing the war, open­ing up a Pan­dora’s box of in­for­ma­tion—not only for the mil­i­tary look­ing for de­sert­ers, but po­lice search­ing for es­caped con­victs, the FBI track­ing down sus­pects, the IRS pur­su­ing tax cheats, and in­ves­ti­ga­tors hunt­ing Nazi war crim­i­nals. (This, as we’ve seen, is a pat­tern dur­ing times of height­ened na­tional se­cu­rity—af­ter Septem­ber 11, the govern­ment’s sur­veil­lance of cit­i­zens in­creased un­der the Pa­triot Act.)

The ad­min­is­tra­tive state was just get­ting started. In the post­war pe­riod, com­put­er­i­za­tion and cen­tral­ized record­keep­ing be­came the norm, and with them came reawak­ened pub­lic recog­ni­tion of the po­ten­tial for and dan­gers of what the late Co­lum­bia pro­fes­sor Alan Westin, in his book Pri­vacy and Free­dom (1967), called “data sur­veil­lance.” When the So­cial Sci­ence Re­search Coun­cil and the Bureau of the Bud­get pro­posed com­bin­ing the records of the In­ter­nal Rev­enue Ser­vice, the Cen­sus Bureau, the So­cial Se­cu­rity Ad­min­is­tra­tion, the Fed­eral Re­serve, the Bureau of La­bor Statis­tics, and a slew of other fed­eral agen­cies, the pro­posal was met with fierce pub­lic re­sis­tance. There was a grow­ing sense, as Sarah Igo sug­gests, that the govern­ment knew its cit­i­zens bet­ter than they knew them­selves. But it wasn’t just the govern­ment. As ad­ver­tis­ers turned to psy­cho­log­i­cally de­ter­mined mar­ket re­search and em­ploy­ers re­lied on ob­scure per­son­al­ity tests, peo­ple be­came aware of the ways in which busi­nesses had be­gun to en­croach on some­thing more in­ti­mate than even the bed­room: their minds. In Igo’s es­ti­ma­tion:

Whether old like wire­tap­ping or fright­en­ingly new like sub­lim­i­nal ad­ver­tis­ing, the tech­niques of in­va­sion ap­peared to be es­ca­lat­ing in cit­i­zens’ daily lives. The threat came not from one par­tic­u­lar di­rec­tion but from ev­ery corner of Amer­i­can so­ci­ety.

3.

Those threats have es­ca­lated and mul­ti­plied, es­pe­cially now that cloud stor­age and ar­ti­fi­cial in­tel­li­gence have en­abled the col­lec­tion and anal­y­sis of vast amounts of data. The DHS alone, for ex­am­ple, has fin­ger­print in­for­ma­tion on 220 mil­lion in­di­vid­u­als and pro­cesses 350,000 fin­ger­print trans­ac­tions a day. The NSA has been hoover­ing up data as well. In May, when the of­fice of the di­rec­tor of na­tional in­tel­li­gence re­leased its an­nual trans­parency re­port for 2017, it re­vealed that the num­ber of Amer­i­cans tar­geted for sur­veil­lance un­der sec­tion 702 of the For­eign In­tel­li­gence Sur­veil­lance Act of 1978, which al­lows the war­rant­less sur­veil­lance of dig­i­tal com­mu­ni­ca­tions, had tripled in the past year. Among other things, last year the NSA col­lected the meta­data from 534 mil­lion phone calls and text mes­sages.

As we learned—yet again—from the Cam­bridge An­a­lyt­ica scan­dal, pri­vacy is also im­per­iled by the com­pa­nies that have built their busi­nesses by gath­er­ing, trad­ing, and sell­ing per­sonal data. In May, just two months af­ter Face­book apol­o­gized for the unau­tho­rized ap­pro­pri­a­tion of at least 87 mil­lion user pro­files by Cam­bridge An­a­lyt­ica and ex­plained that its poli­cies re­gard­ing data-shar­ing with third par­ties had changed in 2014 (so that users and their friends were now safe from that kind of vi­o­la­tion), the com­pany ad­mit­ted that it had al­lowed at least two hun­dred other apps ac­cess to its users’ data with­out their knowl­edge. Then it turned out that the com­pany was also shar­ing users’ per­sonal in­for­ma­tion with Ap­ple, Mi­crosoft, Ama­zon, and nearly sixty other de­vice mak­ers, even when users had de­nied Face­book per­mis­sion to share this in­for­ma­tion with third par­ties. One of these, the Chi­nese telecom­mu­ni­ca­tions com­pany Huawei, is con­sid­ered by US in­tel­li­gence to be a se­cu­rity threat. Around the same time, Face­book trans­ferred 1.5 bil­lion user pro­files from its in­ter­na­tional head­quar­ters in Ire­land to its Amer­i­can of­fices in Cal­i­for­nia. This was a few weeks be­fore the Euro­pean Union’s Gen­eral Data Pro­tec­tion Reg­u­la­tion (GDPR) was to go into ef­fect, en­abling the com­pany to fol­low (in the words of Mark Zucker­berg) the “spirit” of the GDPR for those users, while sidestep­ping the strict man­dates of what has been called “the most pro­found pri­vacy law of our gen­er­a­tion.” It also al­lows the com­pany to avoid, for the most part, the con­sid­er­able fines levied on firms that do not com­ply with the GDPR.

Face­book is not alone in try­ing to by­pass strict pri­vacy reg­u­la­tions. Re­cently, Google’s par­ent com­pany, Al­pha­bet, mounted a cam­paign to neuter what is con­sid­ered to be “the most rig­or­ous con­sumer pri­vacy statute in the coun­try,” the Illi­nois Bio­met­ric In­for­ma­tion Pri­vacy Act, which al­lows con­sumers to sue com­pa­nies that use their bio­met­ric data with­out their con­sent. And Google it­self, which in 2017 promised no longer to read users’ e-mail, in fact still al­lows third par­ties to read users’ e-mail. Add to all these in­cur­sions one more: it has re­cently been dis­cov­ered that US cell phone car­ri­ers have been sup­ply­ing cus­tomers’ real-time lo­ca­tion data to a com­pany called Lo­ca­tionS­mart that, in turn,

has been sell­ing it to other ob­scure and some­times shady com­pa­nies. One of them, Se­cu­rus, en­ables its cus­tomers to track any­one who car­ries a mo­bile de­vice, any­where, at any time, and with­out a war­rant.

Money trumps pri­vacy, not be­cause con­sumers want that, but be­cause in this new world of “sur­veil­lance cap­i­tal­ism” riches are to be had by lur­ing peo­ple to use “free” and in­ten­tion­ally ad­dic­tive prod­ucts and then, with their con­sent or not, suck­ing up ev­ery pos­si­ble bit of in­for­ma­tion about them. In Pri­vacy’s Blue­print, Woodrow Hart­zog sug­gests that com­pa­nies might be re­quired to take “pri­vacy val­ues” into ac­count and build them into the de­signs of their prod­ucts. This, in fact, is one of the man­dates of the GDPR, a law that does not ex­tend to the United States or other non-EU coun­tries. Con­sid­er­ing the pre­var­i­ca­tions of Face­book, for ex­am­ple, as it con­tin­u­ally di­min­ished users’ pri­vacy over the years while claim­ing to pro­tect it through ob­scure “pri­vacy poli­cies” that gave the com­pany new ways to mon­e­tize peo­ple’s per­sonal in­for­ma­tion, one won­ders how fea­si­ble this is. We can­not rely on law­mak­ers to ad­ju­di­cate these mat­ters. In the words of Se­na­tor Mark Warner, “If you leave us to do this on our own, we’re gonna mess it up.” Yet the House of Rep­re­sen­ta­tives voted once again not to fund the Of­fice of Tech­nol­ogy As­sess­ment, the bi­par­ti­san agency that pro­vides as­sis­tance and ad­vice on tech­ni­cal mat­ters. In 2016, the TRUSTe/Na­tional Cy­ber Se­cu­rity Al­liance Con­sumer Pri­vacy In­dex found that 92 per­cent of US In­ter­net users were con­cerned about their on­line pri­vacy, and that “wor­ries over on­line pri­vacy topped the loss of per­sonal in­come by 11 per­cent­age points.” This sug­gests that Mark Zucker­berg’s state­ment from 2010 may have been pre­scient in a way, though not in the way he would have liked: the so­cial norms of pri­vacy are chang­ing as the known cit­i­zen be­comes more know­ing. A sur­vey re­cently pub­lished in The At­lantic found that “78.8 per­cent of peo­ple said they were ‘very’ or ‘some­what’ con­cerned about the pri­vacy of their in­for­ma­tion on so­cial me­dia, and 82.2 per­cent said they self-cen­sor on so­cial me­dia.” This spring, Ver­mont passed leg­is­la­tion to reg­u­late data bro­kers. In June, Cal­i­for­nia passed the Cal­i­for­nia Con­sumer Pri­vacy Act, giv­ing its res­i­dents the right to be in­formed about the kinds of per­sonal in­for­ma­tion com­pa­nies have col­lected about them, as well as the right to re­quest that their per­sonal in­for­ma­tion be deleted. Also in June, Colorado passed a tough data se­cu­rity law; as of Septem­ber, Colorado-based com­pa­nies will be re­quired to, among other things, dis­pose of cer­tain kinds of per­sonal iden­ti­fy­ing in­for­ma­tion. Over­all, two thirds of Amer­i­cans are now ea­ger to see stricter pri­vacy laws. These may be—to bor­row Jus­tice Dou­glas’s word—em­a­na­tions of things to come.

An un­marked cam­era drone above Toronto, Canada, May 2018

‘We­b­cam por­traits,’ from a se­ries by Ro­man Drits, 2011

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.