Copy Link
Add to Bookmark
Report
The Network Observer Vol 03 No 07
--------------------------------------------------------------------
T H E N E T W O R K O B S E R V E R
VOLUME 3, NUMBER 7 JULY 1996
--------------------------------------------------------------------
"You have to organize, organize, organize, and build and
build, and train and train, so that there is a permanent,
vibrant structure of which people can be part."
-- Ralph Reed, Christian Coalition
--------------------------------------------------------------------
This month: Responding to arguments against privacy
--------------------------------------------------------------------
Welcome to TNO 3(7).
This issue of TNO was delayed as I finished my book. The book,
whose title is "Computation and Human Experience" (Cambridge
University Press), should be out in late spring 1997, and I'll
send a notice when it appears. Meanwhile, this issue of TNO is
devoted to another collection, hopefully the last, of arguments
against privacy protection. The previous collections appeared in
TNO 1(10) and TNO 3(2), and I have also rebutted single arguments
against privacy in TNO 1(6) and TNO 2(8). I'm hoping to collect
all of these arguments and rebuttals into a single document in
both paper and Web form, and I'll send out a separate notice
when that's ready. If I'm counting correctly, I've responded to
55 arguments in total, two thirds of them in this issue of TNO.
Perhaps new arguments will spring up once these arguments lose
their effectiveness. In that case, I guess we'll just have to
bite the bullet and organize another collection of rebuttals.
--------------------------------------------------------------------
Even more bad privacy arguments.
This is the third and (I hope) last installment in my collection
of bad arguments against privacy. I have been collecting these
arguments and writing rebuttals against them for two reasons.
The first, obvious reason is that I want to help people who are
working to protect privacy. The second, not-so-obvious reason
derives from my personal theory of political debate in the public
sphere. The standard theories of the public sphere are basically
individualistic; they presuppose that people have opinions and
arguments, and they ask about the conditions under which those
opinions and arguments get included or excluded in the decision-
making processes of society. But this theory does not correspond
to my experience, which is that every issue movement -- whether
organized by an industry association, an activist organization, a
social movement, a political party, or whatever -- needs channels
through which it can distribute arguments to its supporters.
An issue movement is effective only when these channels exist
and operate effectively, reaching the movement's supporters
in a timely way with arguments that are likely to sway the people
that the movement needs in its coalition.
This fact is usually suppressed because everybody has an interest
in maintaining the individualistic myth. Everybody will say
something like: "our opponents certainly distribute propaganda
to their sheep-like supporters, but *our* supporters think
perfectly well for themselves and don't just need anyone feeding
them a predigested party line". Both halves of this opposition,
however, are nonsense. Of course people think for themselves.
The problem, rather, is cognitive: nobody in the world has
infinite rhetorical capacities. Just because someone supports a
given position (protecting the environment, increasing the status
of women in society, returning to traditional moral values, etc),
it doesn't follow that they can spontaneously invent suitable
counterarguments to all of the arguments of their opponents.
Everyone, therefore, needs a source of arguments that support
their position. When an argument is offered, individuals can
determine whether they agree with it or not, and they can just
ignore the arguments that don't make sense. Having filed away
the arguments that *do* make sense, they no longer have to be
caught flat-footed when one of their opponents says something
that *sounds* false but whose underlying fallacy is not obvious
right away.
This collection of responses to bad arguments against privacy,
then, exemplifies a method of using the Internet to support
democratic values. This method has two parts: first, broadcast
a call to the supporters of a position asking for arguments that
they have encountered against that position; then, assemble those
arguments and suitable responses and broadcast those as well.
Lobbyists and other professional advocates have always done this
sort of thing. With the Internet, everyone can do it.
I would like to express sincere thanks to the numerous Internet
users who submitted arguments for this project. I have used
almost all of them, collapsing some variants and omitting a
few that seemed too weak to bother with. Some of the arguments
originated in public discussions that I have conducted with
others on privacy issues, for example in the question periods of
talks, and if anybody recognizes themselves in this list, I hope
they aren't offended. My point is not that the people who offer
these arguments are doing so in bad faith, much less that they
would agree with any of the *other* arguments. I do disagree
with these arguments, but in most cases I respect and learn from
the people who make them.
Also, note that the arguments that I've put in quotation marks
are usually composites and paraphrases, not direct quotations.
Someone might suggest that another phrasing of these arguments
might be stronger than the ones I've provided. That is indeed
possible. If anyone has actual examples in mind, they are most
welcome to tell me about them.
Here, then, are the arguments and responses:
* "If you have nothing to hide then you should have no concern
for your privacy."
The word "hide" presupposes that nobody can have a good motive
for wishing to protect information about their lives. This is
obviously false. People have a legitimate interest in avoiding
disclosure of a wide variety of personal circumstances that
are none of anyone's business. If you are raped, will you want
the full details published in the newspapers the next day? I
don't think so. People also have a broader (though obviously
not unbounded) interest in regulating how they are represented
in public. If someone doesn't like you, they will dredge up
all sorts of facts and portray them in a bad light. If only for
this reason, it is reasonable to avoid giving everyone unlimited
access to your life.
* "Privacy advocates oppose national ID cards, but they don't
talk about the benefits of such cards. In a country with a
foolproof, unambiguous means of determining identity, nobody
has to suffer cases of mistaken identity, for example from
arrest warrants issued for people with similar names and dates
of birth."
When someone points to a benefit of a privacy-invasive policy,
the first question to ask is whether other policies could provide
the same benefit. Cases of mistaken identity, including identity
theft, could be greatly reduced by cleaning up the information-
handling practices of a remarkably small number of organizations,
particularly departments of motor vehicles. National ID cards
carry definite risks, not the least of which is the proliferation
of privacy-invasive technologies that will occur as it becomes
easier to identify and track individuals in a wide variety of
contexts.
* "Privacy must be balanced with many other considerations."
Privacy rights are not absolute. In particular concrete cases,
privacy interests will naturally be found to conflict with
other interests. For example, I personally have no problem
with compulsive sex criminals being sentenced to long-term use
of electronic tracking mechanisms. But many arguments against
privacy are bad because they weigh down the scales, exaggerating
the case aginst privacy rights, and we should be alert for these
arguments.
* "Attempts to prevent companies from distributing personal
information are censorship, and that sort of censorship is no
more likely to succeed than any other sort in the new world
of the Internet."
If laws regulating the sale of personal information constitute
censorship, then so do copyright, trademark, and trade secret
laws, to name a few. Selling someone's personal information
without their permission is stealing, and decent societies still
try their best to outlaw stealing, even when technology makes it
difficult. Besides, companies that sell information are unlikely
to put that information on the Internet until they feel certain
that others cannot take that information without paying for it.
Companies that traffic in personal information therefore cannot
reasonably complain about being censored, given their need to
"censor" others who would grab their own illicit copies of the
information.
* "We hear a lot of hoopla against companies that place existing
databases of personal information on the Internet or publish
them on CD-ROM's. But all those companies are doing is making
access to information available to everybody, not just to the
powerful. This is a force for equality and democracy, and it's
ironic to hear supposed civil liberties advocates opposing it."
Civil liberties advocates do not favor a world in which the
powerful get illicit access to personal information and the
common people do not. They favor a world in which *nobody*
gets illicit access to personal information. If someone takes
a previously expensive database of personal information and
publishes it on a cheap CD-ROM, an existing harm is multiplied,
and that multiplies the argument for getting that data off the
market altogether. And if it is politically impractical to force
the powerful to cease their misbehavior, that is no argument for
allowing the lowly to misbehave in the same way.
* "People who collect welfare and other government benefits
have no grounds for complaint about fingerprinting and other
measures intended to suppress fraud. They need to learn that
rights come with responsibilities, and in particular the right
to free handouts comes with the responsibility to cooperate
with fraud prevention. Surely it's not too much to ask that
people should identify themselves before getting free money."
People who are experiencing hard times deserve the same dignity
that everyone else enjoys. The whole process of getting welfare
has already been designed to be as difficult and demeaning as
possible, and it's really not reasonable to kick these people
gratuitously while they are down. Of course it is reasonable
to identify people who want to receive welfare payments. But
the welfare system should be analyzed in the same way as any
other organizational system to determine which technology enables
people to be identified with the least indignity while reducing
fraud and other identification-related problems to reasonably
low levels. Objective evidence that fingerprinting significantly
reduces fraud is very hard to come by, and we shouldn't let
stereotypes of welfare recipients get in the way of rational
analysis.
* "Privacy prevents the marketplace from functioning efficiently.
When a company knows more about you, it can tailor its
offerings more specifically to your needs."
This is a non sequitur. Few proposals for privacy protection
involve preventing people from voluntarily handing information
about themselves to companies with which they wish to do
business. The problem arises when information is transferred
without the individual's knowledge, and in ways that might well
cause upset and alarm if they became known.
* "We don't need more laws about privacy. Our operations are
already governed by dozens and dozens of laws, each creating
its own layer of red tape."
This argument works by shifting attention away from the specific
issues of right and wrong to the abstract category of "laws".
In most industrial sectors in the United States anyway, it
is totally misleading to suggest that privacy is regulated by
numerous laws. In most cases it is not regulated by anything
beyond the notoriously weak privacy torts. Some industries,
such as credit reporting, are government by weak laws that
basically legitimize the practices of the largest players
while protecting them against competition from smaller firms
who do not have the resources necessary to comply with the
laws. Indeed, part of the problem is that, whereas most of
the industrial world has a coherent and unified system of data
protection regulation, the United States has a ragged patchwork
of laws, all of which could be repealed or rewritten in a more
rational fashion if the United States conformed to the system
employed everywhere else.
* "The constant insistence on privacy encourages incivility".
This argument is commonly heard from people with an interest
in defending bothersome invasions of privacy such as spam, junk
phone calls, and the like. These people often encounter irate
objections from the individuals they bother, and naturally the
least civil of these objections stick in their minds. Thus,
when privacy advocates agitate for privacy protection, it sounds
to these people like advocacy of incivility, vigilantism, and
other bad things. But the argument is a non sequitur. It's like
saying that opposition to any other form of obnoxious behavior
encourages incivility. People sometimes shoot burglars, but that
doesn't make burglary okay. Likewise, even if some people get
irate when their privacy is invaded, that doesn't make it okay
to invade anyone's privacy. It is equally arguable that what
causes incivility is obnoxious behavior that has not yet been
outlawed. Lacking formal recourse, someone who has been wronged
by an invader of privacy can only choose between complaining
and remaining silent. Most, in fact, remain silent, and the
illogical nature of the argument is proven when other invaders
of privacy turn around and say that this preponderance of
silence proves that people don't really mind having their privacy
invaded, and that the complaints represent only a small faction
of hysterics.
* "The closing of voter registration lists, drivers' license
records, and the like in the name of privacy is part of a
dangerous trend away from our tradition of openness, toward
making it more difficult for the public to access public
information."
This is an example of a common, insidious PR tactic. The tactic
has two steps: classifying an obnoxious practice under a broad,
vague, positive-sounding category, then painting opponents of
the practice as opponents of that broader category. The category
here is "openness": those who oppose the sale of drivers' license
records are made into enemies of that broader value. It is like
arguing that someone who opposes bullfighting is against sports,
or that someone who opposes abortion is against medicine. Those
who support a "tradition of openness" should not feel obliged to
make common cause with people who abuse it. The purpose of open
government is to permit citizens to participate in the processes
of a democracy, and to know whether the government is doing what
the people want it to do. Reselling voter registration lists
and drivers' license records do nothing to promote the effective
workings of a democratic government. Reasonable, civic-minded
people have a right to be offended when self-interested parties
attempt to drain the meaning from a word like "openness", given
the significant role that word plays in civic discourse.
* "The information is already public because it concerns things
that happened in a public place."
This argument is commonly used to suggest that people do not
have a privacy interest in information about things they have
done in public places, for example their use of public roads
and sidewalks. It depends on two fallacies. The first fallacy
concerns the word "information". If someone happens to see
me walking down Main Street on Sunday, I should not be able
to prevent that person from telling others what they have seen.
That's "information" in one sense of the term -- someone's
personal knowledge about me. But if someone creates a database
of information about where various people have been walking, then
they have created "information" in a different sense -- data that
is stored on a computer. That data may represent something that
happened in a public space, but it does not automatically follow
that the resulting data should be regarded as "public". If that
were really true then anybody at all would have a right of access
to such databases -- they would be "public data". Nor does it
follow that I -- as a person whose activities are represented in
the database -- have no moral interest in that data. The second
fallacy is the automatic conclusion that people have no privacy
interest in things that happen in a public place. If two people
have a whispered conversation on a park bench, having looked
around to make sure that nobody is close enough to overhear them
by accident, then most people will probably agree that they have
a reasonable expectation of privacy, and that it would be wrong
to set up a sophisticated recording device to pick up their
conversation at a distance, or to install a hidden microphone on
the park bench. The question, then, is precisely what privacy
interests people *do* have in activities that occur in public
places. Consider the case of a database that records my travels
over several months, using data collected from sensors that
have been installed along highways in several states. Even if
we agree that each individual observation constitutes public
information -- we could hardly prevent someone from standing
along a roadway and happening to notice me driving along --
it does not follow that it is acceptable behavior to set out
deliberately to gather such information systematically, much
less to use the information in ways that affect individuals'
lives. The word "public" needs to be treated with more respect.
* "We are just selling access to information from public sources.
If we can gather this information, so can anybody else."
Just because certain information is available from a public
source, it doesn't follow that it's *right* for that information
to be available in that way. Nor does it follow that it is
okay to further propagate the information in any particular way.
Maybe it *is* right, but that conclusion requires a separate
argument beyond simply saying that the information came from a
public source.
* "The right to privacy is an elitist concept because it provides
an excuse for the powerful to keep their secrets while they go
ahead and invade the rest of our lives."
If the law protects people unequally, it does not follow that it
should not protect anyone. If the elites are invading the rest
of our lives, then they should be stopped. Furthermore, even if
it is impractical to prevent the elites from invading our lives,
it does not follow that the concept of privacy is elitist. The
concept might be perfectly egalitarian, even if the structures of
society prevent it from being implemented in an egalitarian way.
* "If you think you're being persecuted then you're probably just
flattering yourself. Big organizations don't really care about
you as an individual, just about their own narrow goals."
It is true that some people with privacy concerns are paranoid
schizophrenics with delusions of reference -- people who
interpret every rustling leaf as a sign of a vast conspiracy
aimed specifically at them. But most people with privacy
concerns do not understand them in that way. Most of the harm
done to personal privacy by big organizations does not depend on
them singling anybody out. Quite the contrary, it depends on the
organizations' capacity to gather, process, and act on personal
information on a mass-manufacturing basis. The danger derives
precisely from the organization's focus on its own narrow
goals, to the exclusion of the goals, rights, and interests of
everyone else. At the same time, big organizations do in fact
sometimes persecute individuals. Whistle-blowers, for example,
have often been subjected to investigation and smear campaigns.
Perhaps the classic case was General Motors' campaign against
Ralph Nader, which resulted in one of few civil actions for
private surveillance that have led to significant damages in
the United States. The United States government, for its part,
has run huge, well-documented campaigns of surveillance and
sabotage against nonviolent dissidents for most of this century,
and there is little reason to believe that it has stopped.
* "New technologies will make it possible to protect privacy."
This doesn't sound like an argument against privacy protection
on the surface, and often it is not. It is sometimes used that
way, however. The context is usually that someone is proposing
a new technical arrangement that seems to invade privacy; when
you object to the privacy invasion, they will observe that new
technologies will make it possible to protect privacy, leaving
it unclear whether they actually plan to use those technologies.
An analogy would be the use of double-hulled oil tankers. When
it was first proposed to open Alaska to oil-drilling, people
concerned about the environment objected that a giant oil spill
could easily happen as a tanker hits a rock in the complex
waters near the Alaskan coast. Not to worry, the lobbyists
said, double-hulled oil tankers will make it unlikely that
much oil would be spilled in an accident. But no laws were
passed requiring that double-hulled tankers be used, and they
were in fact used rarely if at all. Never let anybody get
away with presenting any technological advance as inevitable --
particularly when it would not be in their interest to use it.
* "You're right, we do have privacy problems. People are
understandably upset when they assume that they have certain
privacy rights and then later find out that they do not. We
must communicate with people so that they understand the actual
situation in advance."
This is a something that managers often say. On a policy level,
the problem is that it pretends that notification of information
handling procedures constitutes an adequate privacy policy
all by itself. On a rhetorical level, it attempts to redefine
the nature of "privacy problems". For most of us, the phrase
"privacy problems" refers to invasions of privacy. For people
with a manipulative orientation, however, "privacy problems"
refers to situations where people object to having their privacy
invaded. These people would prefer to make those situations
go away by making complaints illegitimate ahead of time. Note
the pretense of empathy for the distressing experience of having
your privacy violated without having been told ahead of time that
your privacy would be violated. What's missing is any empathy for
the distressing experience of having your privacy violated period.
* "If you ask people in a poll whether they're concerned about
privacy then of course they'll say yes. But if people really
cared about their privacy then we would see them flocking to
debit cards, which are much more similar to cash than credit
cards. The fact is that they get a benefit from credit cards,
namely the float on their money, and they are evidently willing
to surrender some control over their personal information in
exchange for that benefit."
This is a fairly sophisticated argument, but it doesn't work.
The basic idea is that privacy can be understood as a commodity
that is bought and sold in the market. Just as people who want
cheese on their hamburger pay more for it, likewise people who
want privacy with their business transactions should expect
to pay more for it. Some people will object that it is simply
immoral to turn rights into commodities. But even if that
premise is accepted, the argument only works if privacy markets
operate correctly. One can demonstrate that a market in privacy
protection exists, but that is not the same as demonstrating that
this market does what markets are supposed to do: allocate scarce
goods according to the relative values that various people put on
them. Markets in privacy protection are in fact quite seriously
dysfunctional, not least because in most cases it is just about
impossible for any normal consumer to assess the value of a given
increment of privacy protection. It is possible in principle
that such markets can be made to function halfways correctly, but
a substantial burden of proof should be placed on the promoters
of such strange market mechanisms to demonstrate how. In the
particular case of debit cards, the contrast is greater than
just a matter of float. Many people in the United States do not
use debit cards because their liability is unlimited when the
card is stolen.
* "We have to weigh the interests of the individual against the
interests of society as a whole."
This is one of those arguments that proceeds by constructing huge
abstractions and positing a conflict between them. When framed
in such an abstract way, this argument sure does seem to caution
us against letting privacy rights get out of control. But when
actual specific issues are raised, this sort of argument is most
often meaningless or irrelevant. Once the actually available
options are rationally assessed, it almost invariably turns out
that privacy protection does not have to conflict with much of
anything. And when conflicts do occur, they can be weighed and
judged on much more concrete grounds, without being reduced to
huge abstractions.
* "Fear of extensive merger of databases is misplaced because in
actually practice it is extremely difficult to merge databases.
Two databases that arose in different organizations, or for
different purposes, will probably be incompatible in many ways,
for example through the different meanings they assign to data
fields that sound superficially the same. Organizations that
maintain personal data have their hands full just maintaining
the accuracy of the databases they have, without trying to
create the one gigantic Big Brother hyperdatabase that privacy
advocates are always warning us against."
This argument asks us to doubt the power of technical progress.
Merging databases is a huge research topic right now, not least
because of the significant business opportunities that would
arise if the problem were to be solved. Markets have always
grown through standardization, and standardization of data is no
different -- a hard problem but no harder than a thousand others
that have gone before. In many industries, merged databases
may arise through industry standard data models, for example the
standard categorizations being developed in medicine. If the
databases are created in a standardized way in the first place,
then merging them will be easy. Also, it is true that companies
that own large databases of personal information must invest
large sums in maintaining them. But these companies are hardly
zero-sum deals. Investment capital flows easily to wherever it
can turn the best profit, and if extra profit can be gained by
both maintaining existing databases and merging them with other
databases, the necessary funds will be available to do both.
* "Privacy advocates are crying wolf. We have been hearing these
predictions of some kind of privacy disaster scenario for 20+
years and its hasn't happened yet."
This argument gets its force from the stereotype of Big Brother.
Our society does not yet resemble George Orwell's dystopia, the
argument goes, so the warnings are all hype. Big Brother is a
convenient metaphorical handle, but like all metaphors it is only
intended to apply in certain aspects. Also, the word "disaster"
suggests that nothing really bad is happening unless there occurs
some single, well-defined, horrible event by analogy to a nuclear
power plant meltdown. But few problems work like this, and it
is more accurate to see privacy as being eroded from a thousand
directions at a steady pace. Privacy has been very significantly
eroded over those 20 years. Privacy advocates have, if anything,
underestimated the number and variety of threats to privacy, for
the simple reason that privacy advocates are few in number and
the threats are much more numerous than those few individuals can
keep track of.
* "AVI toll-collection systems don't really identify the person
who is driving the car, just the car itself. It's not clear
what weight that kind of circumstantial evidence would have in
court, and if it's no good in court then it's not clear to me
what we're supposed to be worrying about."
Note the transition from "it's not clear" to "it's no good", from
raising doubt about a problem to asserting that the problem does
not exist. Circumstantial evidence carries weight in court all
the time. And if you live alone and have no obvious reason to
be lending your car, any rational jury will regard your car being
spotted somewhere as strong evidence that you were there.
* "Attacks on direct mail under the guise of privacy concerns are
really attacks on free speech. Mail is a democratic medium,
available to all. When newspapers and television stations
publicize attacks on mail from the tiny handful of self-styled
privacy activists, their real agenda is to suppress competition
to their centralized control of communication in our society."
This is an actual argument; I am not making it up. It employs
a standard PR move, redefining attacks on unsolicited commercial
mail as attacks on mail as such. When attention is focused
on the specific category of unsolicited commercial mail, this
argument only carries weight in the context of mail that is
demonstrated to have political value for a democratic society.
That is surely a small proportion of the total. Given the
increasingly common practice of mailing negative attack ads
to voters on the eve of an election, making it impossible for
an opponent to reply, the proportion of defensible mail is even
smaller. But forget all that. Nobody is proposing to outlaw
unsolicited commercial mail, not least because of the free speech
issue. The problem is not unsolicited commercial mail as such;
it is the use of personal information to generate commercial mail
without the permission of the person targeted. No reasonable
person has a problem with direct mail that is solicited by its
recipient.
* "These issues about computers and privacy aren't really new and
aren't really about computers. Everything you can do with a
computer could be done before with paper files."
This is false. With paper files, it is literally impossible to
perform data mining with terabyte databases. Now, mathematicians
recognize various abstract senses of words according to which
things are possible even though it would take millions of years
to do them. But in normal language, things like data mining are
only possible if large organizations can do them in a lifetime.
Besides, the argument turns on a more elementary fallacy. Every
problem can be portrayed as "not new" if it is characterized in
a vague enough way. And problems frequently become qualitatively
worse with a large enough quantitative increase in one or more of
their contributing factors. This is a simple point.
* "Computer technology isn't bringing us into some scary new era
that we can't understand. Quite the contrary, it is returning
us to the old-time village where everybody knew everybody
else's business. That's the normal state of people's lives
-- the state that was lost as modern society and technology
caused us all to be separated into cubicles. Privacy is thus
a distinctly modern obsession, and an unhealthy one too."
Large organizations knowing everybody's business is not the
same as "everybody" knowing everybody's business. The village
metaphor suggests a degree of equality and reciprocity that does
not describe individuals' relationships to the organizations that
maintain databases of personal information about them. Now, some
people imagine science fiction worlds in which ordinary people
know as much about Equifax as Equifax knows about them. I'm not
placing my bets on the emergence of such a world. And even if
it existed, it would differ from an old-time village in ways too
numerous to count.
* "The problem isn't privacy per se. The problem is the
invention of a fictional "right to privacy" by American courts.
This supposed "right", found nowhere in the Constitution,
has been running amok, providing the courts with excuses for
inventing artificial rights, such as the right to abortion,
and interfering in people's lives in other ways, for example
by restricting the questions that employers can ask potential
employees in interviews. Ironic but true, the real agenda
behind this supposed "right to be let alone" is actually a
power-grab by which courts extend their control over society.
The best guarantee of privacy is freedom -- the freedom of
people to negotiate their relationships among themselves by
themselves, without government interference."
Starting with the last point, if the efficacy of regulation is
understood as an empirical issue and not a matter of dogma, then
it is empirically false that lack of regulation causes privacy
to be protected. The cases of systematic abuse of privacy in
unregulated markets are innumerable. Returning to the first
point, it is true that the word "privacy" does not appear in the
Constitution. The Constitution was written by people who had
never heard of corporations or computers, and so it necessarily
takes intellectual work to understand how it should be applied
to a world that has been profoundly reorganized through the use
of such novelties. Reasonable people can disagree about how
this should be done, but simply observing that a given word does
not appear in the document is not very helpful. It is not as
though the argument is unfamiliar: the Constitution is supposed
to be interpreted and applied as a coherent whole, not as a
disaggregated series of unrelated phrases, and the First, Fourth,
Fifth, and Fourteenth Amendments, among other passages, together
aim very clearly at a strong protection for individual autonomy.
Such a principle is always found at the center of any liberal
theory of society, such as that held by the framers, and the
Constitution makes no sense as a normative political theory
unless it includes such protections. Of course this principle
can conflict in particular cases with other, equally important
principles, but weighing such conflicts is what the law is for.
If legal decisions are to be made simply by observing which words
appear in the text, it would be impossible to achieve rational
and consistent outcomes -- much less outcomes that are just and
supportive of democratic values.
* "It is too costly to implement such elaborate safeguards."
This assertion is usually just false. Even when it is true,
the reason is usually that it is difficult to change systems
once they have been implemented. The system could most likely
have been designed originally with a whole variety of inexpensive
but effective privacy safeguards. Privacy concerns are not
exactly new, and hardly any systems today were designed before
these concerns were first articulated in detail. An organization
should not be absolved of its responsibility to protect privacy
just because it fell down on that responsibility in the original
design of its systems. What is more, any organization whose
information systems are so outdated that they do not incorporate
privacy safeguards could almost certainly profit from a thorough
review and reengineering of its information handling practices.
Any number of highly experienced consultants could help them
with this, and the benefits would probably go far beyond privacy
protection.
* "Technology has changed the very ontological category of the
person, who is no longer just a flesh-and-blood organism but
also a far-flung digital entity as well. In this context, when
people's identities are distributed across cyberspace, concepts
of privacy don't even make sense any more. In that sense we
should accept that we have entered the post-privacy age."
This argument depends on a simple fallacy: just because your
identity is "distributed", it doesn't follow that anybody needs
to have any access to it outside your control. Note that the
fallacy depends on the "space" part of cyberspace. Normally
we expect to have little control over objects and events that
exist far away from us in space, and so if our identities are
distributed across cyberspace, it would seem to follow that
parts of our identities are far away from us, and that therefore
we can expect to have little control over them. But the premise
is false. The whole point of cyberspace is that it collapses
distance and makes it possible to maintain relationships with
people and information across vast geographic distances in real
time. It is technically quite feasible to provide individuals
with control over the use of numerous geographically distributed
components of their electronic identity. In that way, concepts
of privacy make even *more* sense than they used to, not less.
* "I don't care about privacy."
You are not obliged to care about your own privacy. The point
is that other people have a right to care about their privacy.
Their concerns are legitimate, and it is reasonable for society
to make some provision for addressing them.
* "Those same technologies that cause privacy concerns also
provide positive social benefits."
While true as a simple assertion, interpreted as an argument this
statement is a non sequitur. Even if some particular technology
produces both benefits and privacy invasions, it is altogether
likely that some *other* technology provides the same benefits
while posing less danger to privacy. The rapid emergence of
privacy-enhancing technologies will make this even more likely
in the future.
* "All this talk of Panopticons is ridiculously overblown.
We are not living in any sort of totalitarian prison society
just because we get too many magazine subscription offers in
the mail. Let's be sensible grown-ups and weigh the costs
and benefits of the technology, rather than exaggerating with
dramatic but misleading metaphors from trendy philosophers."
Magazine subscriptions make people angry because they are
invasive and visible. The most serious threats to privacy are
the least visible, and sensible grown-ups evaluate arguments
based on the strongest case, not the weakest. It may be that
some people are misled by the metaphors, but sensible grown-ups
understand that metaphors are metaphors, and that only certain
of their implications are intended. The pervasiveness of
surveillance in industrial societies has been well documented.
* "Privacy advocates claim that Caller ID is an invasion of
privacy. The other point of view is that nuisance phone call
are an invasion of privacy, which Caller ID allows people to
take some control over."
Most privacy advocates are not opposed to Caller ID as such.
Caller ID, if it is implemented correctly, provides a mechanism
by which people can negotiate their privacy. It ought to be easy
for callers to decide whether to send their phone numbers, and it
ought to be easy for call recipients to decide whether to answer
calls for which phone numbers have not been sent. The switch
manufacturers who want to sell Caller ID services to marketing
firms, however, have fought tooth and nail to make it difficult
for callers to choose whether to send their phone numbers with
their calls. And this is what privacy advocates objected to.
* "Credit reporting agencies provide a service that people want.
Indeed, people regularly go to great lengths to cause a record
of their credit history to be created in a credit reporting
agency's database, precisely because they want to enjoy the
benefits of having a credit record."
This is all true but it is not relevant to debates about privacy.
Credit reporting serves a useful social function, and it is
possible that no other means of serving that function exists
now. That's not the issue. The issue is ensuring that consumers
are able to know and control what happens to information about
them. Among other things, they need effective rights of access
and correction (copies of their report that are easy to get,
corrections that actually get made); they need effective controls
over secondary use of their information (not just obscure opt-
outs); and they need an effective means of redress when they are
harmed by the spread of false or incomplete information.
* "If you look hard enough at who is really agitating about
privacy, you start finding a lot of tax resisters, cult
members, and other marginal characters with something to hide.
It really makes you wonder about the motives of the high-minded
people who get quoted in the newspaper issuing Chicken Little
predictions about Big Brother."
It is true that some lowlifes have been vocal about protecting
their privacy. But in a rational society, things are decided
based on whether the arguments work, not on who is making them.
And to lump the honest privacy advocates with the lowlifes is
the lowest type of smear. The fact is that ordinary citizens,
who presumably include only a small percentage of lowlifes,
consistently express high levels of privacy concern in polls
and levels of outrage when told about real information handling
procedures in focus groups, and that they consistently express
very high levels of support for specific privacy-protection
proposals that have nonetheless been rendered unthinkable by our
distorted political system.
* "The technology to create electronic healthcare networks is
here, but its spread has been slowed by court rulings on the
privacy of medical records. This is clearly an area where
Congressional action is needed. If the issues are looked
upon as providing modern healthcare rather than an invasion
of privacy, such an act will probably fly."
This argument calls for privacy issues to be simply ignored. It
is more a statement of political strategy than a real argument.
* "We provide these access tools for our customers' convenience.
When we set up cumbersome barriers between our customers and
the information they need, we get complaints."
This argument often arises in situations where organizations
make information on their customers available in some public
way, for example over the phone, without adequate security.
The complaints of people who are made to identify themselves
adequately are held out as arguments against adequate privacy
protection. But the argument is a non sequitur. Just because
some category of people dislikes the mechanisms that are
necessary to protect privacy, it does not follow that all other
categories of people should have their privacy placed at risk.
Your privacy has a higher moral status than my convenience.
* "Organized crime poses a more serious threat to society than do
government and corporate snooping. Privacy protection disables
a key weapon that law enforcement presently uses to keep
organized crime under control."
This argument routinely arises in contexts where law enforcement
is asking for extremely broad powers that have little rational
connection to organized crime, or whose likely application is
vastly greater than just organized crime. The argument should
not be accepted in its abstract form, but only concretely, in
application to specific proposals.
* "Epidemiologists need broad access to medical records in order
to detect patterns of disease. Without these patterns, the
disease might go uncured, even undiagnosed."
Epidemiologists rarely need to know the individuals' identities.
For almost all purposes, they can work just fine with anonymized
databases. Yes, occasionally epidemiologists do need access to
specific identified individuals. But these powers can easily
be abused, and they should not be granted in a general way.
Individual identities should only be disclosed to epidemiologists
on a case-by-case basis when a very high standard of necessity is
established and appropriate due process protections are observed.
* "When people talk about the need to protect privacy, it usually
turns out that they are only talking about individual privacy.
But we need to balance individual privacy with organizational
privacy."
Organizations do not have privacy rights. The argument that
they do always depends, so far as I am aware, on an overly broad
application of the legal idea that corporations resemble persons.
The ascription of human status to corporations has always been
limited. It is useful to distinguish two senses of the word
"rights". Human individuals have natural rights. Individuals
and other entities also have rights that are created by statute.
There exist expedient political and economic reasons for society
to recognize other kinds of organizational interests, but these
are not matters of natural right. They have a strictly lower
moral status than the rights of natural individuals, and their
exact scope will vary historically as technological and economic
conditions change. It does sometimes happen that individuals'
privacy rights conflict in specific cases with the legitimate
interests of other entities, and it may sometimes happen that
particular privacy rights are outweighed by particular interests
of organizations. But this is not because the organizations
possess rights that outweigh those of individuals, but because
the existence of certain organizational interests serves certain
societal values that happen, in particular cases, to outweigh
certain personal privacy rights. These conflicts are real, but
they can be discussed rationally without being misrepresented as
a clash of conflicting privacy rights.
--------------------------------------------------------------------
Phil Agre, editor pagre@ucla.edu
Department of Information Studies
University of California, Los Angeles +1 (310) 825-7154
Los Angeles, California 90095-1520 FAX 206-4460
USA
--------------------------------------------------------------------
Copyright 1996 by the editor. You may forward this issue of The
Network Observer electronically to anyone for any non-commercial
purpose. Comments and suggestions are always appreciated.
--------------------------------------------------------------------
