Tag: privacy

Privacy as the Default Setting

Before I can write a blog post, I must lift my hands to type.

I say so because the default setting in life is privacy. Staying in bed maintains privacy pretty well.

Clay Shirky gives privacy a contrary treatment on the New York TimesRoom for Debate blog. We are both discussants there of the question whether the government should intervene to solve privacy issues with Facebook.

Shirky, a teacher in the Interactive Telecommunications Program at N.Y.U., writes:

There are two principal effects of the Internet on privacy. The first is to shrink personal expression to a dichotomy: public or private. Prior to the rise of digital social life, much of what we said and did was in a public environment — on the street, in a park, at a party — but was not actually public, in the sense of being widely broadcast or persistently available.

This enormous swath of personal life, as we used to call it, existed on a spectrum between public and private, and the sheer inconvenience of collecting and collating theoretically observable but practically unobserved actions was enough to keep those actions out of the public sphere.

That spectrum has now collapsed — data is either public or private, and the idea of personal utterances being observable but unobserved is becoming as quaint as an ice cream social.

“[I]t is keeping things private that requires effort,” he writes.

I think Shirky has inadvertently overstated the effects of the Internet on privacy. The dynamics he describes are definitely in play, but they exist almost exclusively in digital social life. For the rest of life, it’s still the other way around. Privacy is easy. You can just stay in bed. Pursuing publicity takes effort.

When you go out into the world, making effort to give publicity to yourself in pursuit of your wants and needs, you must trade some personal information for interaction, yes. That’s physics: photons and sound waves doing what they do. Nobody considers this a privacy problem because of our long experience with it and acculturation to it.

The online environment has similar information demands—when you go online, giving publicity to yourself in pursuit of your wants and needs, you must trade some personal information for interaction—but it has different properties: information is easier to record. Again, though, the rise of the Internet didn’t change privacy on the street, in parks, and at parties, except in the still rare instance when someone is recording and uploading information.

If we were to conduct all of life online, maybe it would be fair to say that protecting privacy takes effort. But even as a digital denizen, the majority of my experience—certainly the most important and valuable of it—is offline, face-to-face interactions with friends and loved ones or time alone.

Here, privacy is the default. Nobody knows my thoughts unless I tell them. Almost never is anyone capturing the conversation in a digital format. Rarely is anyone uploading images. Facebook isn’t hoovering up the information. Doing these things would take effort that nobody is expending.

The Internet didn’t foreclose the use of real space for the conduct of life as Shirky implies by talking about offline living in the past tense. It expanded our freedom by giving us another space—a new option to use as we see fit. Declining to use that space is as normal, natural, and necessary as eating breakfast (which is impossible to do online, by the way). Maybe some of the digerati conduct their love-lives online, but this should be a disqualification for discussing the social impact of the medium for failure to understand how it fits into most people’s lives.

Privacy debates premised on the omnipresence of digital media are interesting and fun, but I don’t think they’re grounded in people’s actual experience of the world (exception!), and they tend to overstate the significance of online privacy problems.

The Most Powerful Privacy Setting

Amid the hullaballoo about Facebook and privacy, it’s easy to forget the most powerful privacy setting.

In my 2004 Policy Analysis, “Understanding Privacy—and the Real Threats to It,” I wrote about the “privacy-protecting decisions that millions of consumers make in billions of daily actions, inactions, transactions, and refusals.”

Inactions and refusals. Declining to engage in activities that emit personal information protects privacy. Not broadcasting oneself on Facebook protects privacy. Not going online protects privacy.

The horror, some may think, of not having access to the wonders of the online world. Actually, many people live full and complete lives without it, enjoying the perfect online privacy default. The irony is a little too rich when avid users of Facebook—which is little more than a publicity tool—complain about its privacy problems.

Facebook does have some work to do on rationalizing and communicating the privacy protections its offers its publicity-seeking users. But people will always have the privacy protecting option of not using Facebook.

Not so for government-sponsored incursions on privacy, like the national ID system proposed by Senator Chuck Schumer (D-NY). Inaction and refusal of his national ID system would not be a practical option if Senator Schumer has his way. The irony isn’t just rich, it’s curdled and reeking when Senator Schumer leads the attack on Facebook for its privacy practices.

Not Enough Power … Additional Measures Needed

The Wall Street Journal reports that the federal government has insufficient power:

The attempted Times Square bombing has underscored the challenge of managing security threats from citizens with clean records, but U.S. authorities are limited in the tools they can employ to legally monitor travel and other behavior of Americans who haven’t otherwise aroused suspicion.

That’s rich.

The City That Never Blinks?

A few points about closed circuit surveillance cameras, since their relative uselessness in the camera-festooned Times Square doesn’t seem to have stemmed the call for yet more cameras as an anti-terror measure.

First, I think it’s helpful to be clear just what we’re talking about when we say “urban surveillance cameras.” Lots of private businesses and apartment buildings have their own cameras trained at least in part on public spaces.  And at this point, most of us are carrying around miniature cameras in our pockets 24/7 as well. I’ve read reports suggesting that the most promising video police obtained  of the suspected bomber came not from the many CCTV cameras the city has in place there, but from a tourist who’d been taping in Times Square. These provide many of the same advantages as official surveillance networks—after a crime occurs, police can obtain and collate footage from the scene from the various owners—without creating a centrally controlled surveillance architecture. For the remainder of the post, I’ll assume “cameras” means just such a citywide network of government controlled cameras, of the sort famously deployed in the U.K. and planned for New York—but it’s worth noting that a city without these kinds of cameras is not necessarily a city without video evidence of crimes.

Second, while there will of course be the odd case one can find where cameras were instrumental in solving a crime, the research that’s been done on public CCTV networks shows tha they’re of stunningly little evidentiary or deterrent value. There are a few specific types of locations where the presence of cameras does seem to reduce, crime, or at least push it elsewhere. They seem to be fairly effective in parking lots. But on the whole, at the city level, they just don’t work very well. In Britain, famously festooned with CCTV cameras, they’re only rarely useful in apprehending street criminals, and the boroughs with more cameras don’t seem to be any better at catching crooks than those with few.  Anecdotal evidence can be beguiling here, because once you’ve created such a system of course the history of a few memorable apprehensions will involve the use of that system.  If we gave cops lassos instead of guns and tasers, they’d end up lassoing a few crooks sooner or later too, but that hardly goes to show lassos are the right tool for the job.

Third, if citywide surveillance cameras are merely ineffective as a response to street crime, they’re ludicrous as a response to the threat of terror. The point is, I think, well illustrated by New York Mayor Michael Bloomberg’s invocation of the 7/7 bombings in London as an argument for installing an elaborate network of CCTV cams in New York: “You don’t want to wait until 52 people are killed here and then say, ‘Oh, now it’s time to do it.’ The trick is to learn by experiences, but it’s other people’s experience you’d like to learn by.” What Bloomberg did not learn from the British experience, alas, is that 52 people were still killed. The billions spent on CCTV did nothing to deter the bombers, nor to disrupt their plan in action.  The Times Square bomber, far from being deterred, chose one of the most recorded locations in the city as his target—and ultimately failed because of his own incompetence, not because of any of the dozens of cameras trained on the Square.

This kind of scenario, incidentally, presents the strongest case for surveillance cameras: A failed attack where you actually have a perpetrator to try and track down after the fact.  London’s cameras did indeed help out on that score after the second, failed attempt at a bomb attack on the transit system: Since they had intended to die with their victims, the terrorists hadn’t bothered with countermeasures like disguises, something that might conceivably occur to a non-suicidal terrorist plotter in the future.  Of course, those failed attackers were also seen by dozens of their intended victims, so there’s little reason to think it would have been impossible to track them down but for the cameras. 

Stipulating that the cameras did add some value in that rather unusual case, though, we need to step back and ask:  Is this really the best security use we can make of a few hundred million dollars per year? An elaborate camera network that doesn’t reduce crime, but might be of marginal benefit in tracking down perps after failed terror attacks by inept bombers?  If we’ve gotten this disconnected from any rational cost/benefit analysis once the word “terrorism” is uttered, let’s just start building enormous mousetraps made of gold and bait them with South Park DVDs; maybe we’ll catch a few jihadis that way.

Finally, there’s the question of privacy, which I leave for last because I don’t actually think you can reject citywide camera networks on security grounds alone. Still, it’s worth pushing back on the notion that there are no privacy concerns worth speaking of because, after all, the cameras are only trained on “public” places.  Lying in the background of that argument is a rather crabbed notion of privacy that Daniel Solove has called the
“secrecy paradigm,” and it assumes that privacy just means limiting the exposure of information that had otherwise been completely secret. But in practice, much of our privacy is not a function of the secrecy of information, but of its searchability and aggregability. There is a world of difference between knowing that any of your public behavior can be observed by others, and knowing that all of it is—that, indeed, a complete record of your public movements and actions can be automatically reconstructed from a central digital archive. Most of us probably don’t mind shopping at “public” pharmacies full of indifferent strangers, but most of us would also be upset if a permanent record of our purchases were posted on the Internet with our names attached. And there’s a difference, again, between merely being recorded and knowing that an automated behavioral analysis algorithm is apt to send up a red flag if any of your actions trigger a program’s definition of “suspicious behavior.”

To the extent that popular privacy discourse is saturated in the secrecy paradigm, it might be better to do away with “privacy” talk altogether, because the exercise of categorizing various kinds of information in a binary public/private schema may help while away the hours on a rainy Sunday, but it’s not ultimately that interesting.  The question we ought to be asking is whether and to what extent monitoring technologies facilitate social control. Sometimes that will be a price worth paying for security, but here, the case is quite weak.

Your Year in Wiretaps

The 2009 Wiretap Report has just been released by the Administrative Office of the U.S. Courts. The headline findings: 2,376 wiretaps were authorized for criminal investigations last year, of which 663 were federal and 1,713 were issued at the state level. (NB: These numbers don’t include Foreign Intelligence Surveillance Act wiretaps, “pen register” requests for communications metadata, or orders to acquire stored e-mails sitting on a server.)  The vast majority of wiretaps—86 percent—were part of the drug war, with the average wiretap bill running about $52,200.

In line with recent years, only about 19 percent of intercepted communications contained anything incriminating. As you can see by eyeballing the chart, the 2009 numbers reflect a sharp 70 percent increase in federal taps over the previous year, but only because 2008 was a decade low-point. Though the number is still relatively high, criminal federal wiretap warrants were long ago eclipsed by broader and more secretive intelligence wiretaps under FISA—of which there were 2,082 in 2008.

Since drug dealers seldom have fixed offices, it probably won’t come as any surprise that 96 percent of the orders targeted mobile devices. Since a full wiretap order also permits the acquisition of the highly detailed GPS information phones can provide, it would be nice to know how many of these orders involve the use of a cell phone as a mobile tracking device.  There’s a campaign underway to update our grossly outdated surveillance laws, and better reporting on this relatively novel form of surveillance should be part of a larger geotracking reform providing a single process and a single clear standard for seeking such information, rather than the patchwork of warrants and other sorts of court orders currently employed.

As another data point for the need to reform federal surveillance law, only four of last year’s orders involved any kind of “electronic communication,” as opposed to traditional voice communications.  Does that mean law enforcement agencies are just ignoring the Internet?  Of course not. But current law, perversely, establishes a much higher standard for the interception of “live” communications in transit over the network than for e-mails that have landed on a user’s server. As soon as you open that e-mail, the level of protection it’s afforded by statute is radically diminished, and the constitutional protections given to stored emails are still embarrassingly unclear, at least as far as the courts are concerned.

The irony here is that the outdated federal surveillance laws actually leave us hard pressed to accurately gauge how badly they’re outdated. The primary problem is that the crazy-quilt of statutes and standards doesn’t map the way people actually communicate today, or line up with their real-world expectations of privacy in those communications. But the secondary problem is that the reporting requirements don’t line up either.  I’m probably a little abnormal here, but I communicate via e-mail, Twitter, or IM vastly more than I talk on the telephone. I send dozens of e-mails on an average day (many from a GPS-enabled phone), but I doubt I average more than one actual voice phone call per week. There are, of course, many reasons to expect criminals to prefer the ephemeral nature of voice communication, but the disconnect still ought to be worrying.  The numbers in the Wiretap Report make us feel as though we have a handle on the scope of government surveillance, when in fact we probably don’t have a very clear picture at all.