It is not just Hollywood celebrities whose lives are an open book. Everyone is now being watched, monitored, and analyzed more closely than ever before - and for all sorts of reasons, good and bad. Highway cameras keep track of who is speeding, corporate computers collect information on what we buy, and all sorts of surveillance tools help governments find out what their citizens are saying. Computer technology has become so intrusive, some experts argue, that the traditional notion of privacy has largely been gutted. But others insist that the use of data can be regulated and that a balance can be struck that protects privacy while still permitting the collection of appropriate kinds of information.
There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live – did live, from habit that became instinct – in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.-- “Nineteen Eighty-Four,” George Orwell
People are now being watched, monitored, and analyzed more closely than ever. We may not be living in George Orwell’s dystopia, but computer technology keeps making it easier for companies to keep an eye on their customers and for governments to keep an eye on their constituents.
Much of this information is collected with the best of intentions, and in many ways, we seem to have gained more than we have lost in a world where it is easier and easier to keep up with customers and constituents as well as friends. But some human rights advocates warn that all this additional scrutiny is creating demand for a new set of tools that could ultimately serve to dramatically reduce our civil liberties.
“I don’t believe in the idea that ‘we have no privacy – get used to it.’ But at the same time, the reality is that we have very little privacy – get used to it,” says Matthias Klang, a senior lecturer in technology and digital rights at the University of Gothenburg in Sweden.
On the positive side, close electronic scrutiny enables companies to better provide goods and services that fit the precise needs of their customers. Tesco, for instance, has grown into the United Kingdom’s largest grocer largely because the data it collects on every customer enables it to stock products and design stores in ways that reflect the needs of particular neighborhoods, including the ability to create private-label brands that match exactly what its customers want.
Surveillance can also help governments protect their citizens. That Tesco customer, for instance, is more likely to get home in one piece because the 10,000 cameras that now monitor British motorways discourage him from speeding, by tracking and recording the movements of 10 million to 14 million license plates every day, noting when and where a car gets on the road and when it gets off, and sending out a ticket automatically if it couldn’t have done the trip legally in the time elapsed.
Of course, the collection of data can enable companies to hurt their customers as well, or make it easy for governments to repress their citizens. Occasionally, it can even do both at once. In September 2003, for example, Chinese authorities sentenced Wang Xiaoning to ten years in prison for “incitement to subvert state power.” The evidence: anonymous articles posted online favoring democratic reform and an end to single-party rule, which authorities traced back to Wang thanks to his Yahoo e-mail account – and to the cooperation of the U.S. Internet giant.
Some pundits have argued that changes in technology mean privacy as we knew it is more or less finished, and that we must get used to living in a global village in the sense that from here on out, everyone knows everyone else’s business. In this view, the balance of power rests not with legislation but counter-espionage or “sous-veillance” (spying from below). The government may be spying more on you, the theory goes, but it’s also easier for you to spy on your government, by posting videos of official brutality in Tehran or Los Angeles, or exposing government secrets through such sites as Wikileaks.
Others believe that the use of data can be formally regulated, and a balance struck that preserves the convenience those watchful computers create without giving up personal privacy.
Regulation on the Commercial Side
On the commercial side, regulators in many countries have worked over the past 30 years to create rules around the use of personal information.
One of the principal difficulties in this area, however, is that contracts between online service providers and users are often one-sided, says Andrea Matwyshyn, a professor of legal studies and business ethics at the Wharton School in Philadelphia who has written extensively on data privacy issues.
Matwyshyn says that much of the problem goes back to a traditional issue in contract law: how do you write a fair contract between parties when one party is much more knowledgeable and more powerful than the other?
The lawyers for a large company may have had weeks to spend working out a contract while the customer sees only a lot of gray text on a page. “Consumers are not capable at this juncture of truly understanding and reading end-user license agreements” relating to the use of personal data, says Matwyshyn.
Now, she says, regulators and legal scholars are trying to work out alternatives. One of the most promising approaches: handling this imbalance of power through general codes of conduct for companies, rather than relying on the company to make sure it is treating the consumer fairly.
What’s at stake, she says, is faith in the market. “This isn’t about economics,” she says. “This is about a system of trusted exchange.” If people no longer trust a site to handle their data, maybe they’ll go elsewhere – or opt out altogether.
Legislators are also putting limits on how closely government agents or agent-bots can watch their citizens, and judges in some places have extended old restrictions on surveillance to this new era.
However, in spite of those rules, agencies in some countries seem to be increasing their level of surveillance. The Washington Post estimates that every day, computers at the U.S. National Security Agency “intercept and store 1.7 billion e-mails, phone calls, and other types of communications.” Nor is the United States alone in its enthusiasm for surveillance: even liberal Sweden now monitors its cross-border communications.
A new challenge is emerging as well in the adoption of biometric identification, which some digital-privacy experts argue could be much more dangerous. One of those critics, Marie Georges, formerly with France’s independent Commission nationale de l’informatique et des libertés (CNIL) and for several years with the European Union, says that while data-privacy laws are now fairly advanced in many countries, those rules are insufficient to regulate what she describes as the more invasive biometric technologies.
Since the late Nineties, huge industrial interests have lobbied governments to adopt biometrics, she says, and the efforts accelerated after 9/11. The particular technology being pushed varies by country– some are backing iris scans, while many others want full fingerprint scanning or other unique markers – depending on the particular source of industrial pressure.
The ostensible purpose of the technology varies. The United States, after having succeeded to impose biometrics passport at international level (the picture of the holder), now requires foreign visitors to submit ten fingerprint scans. So too do European countries, which require them for visa and asylum applications. EU citizen passports also include two fingerprints in addition to the image of the face, although some EU States currently keep 8 or 10 fingerprint records. A number of Asian countries are adopting biometrics as well. In India, they are being proposed for a national identification system, and in Africa, for preventing electoral fraud.
However, the potential for political misuse frightens Georges. Proponents will argue that biometrics is the ultimate way to protect the individual’s identity, she says, but she argues that with biometrics as with video surveillance, the technology could also enable the state to track nonstop citizens who have committed no crime.
“I am very much upset by biometrics,” she says. “I can’t imagine a world where individuals are tied, physically linked, to their states in case of invasion or even in cases of a dictatorship slowly coming in, a world made of all kinds of walls which can’t be removed without physical identification, leaving them unable to access houses, buses, or work by things of their body that they can’t remove.
Georges is not alone in her fears. The Electronic Frontier Foundation, a privacy group, argues that “perfect surveillance, even without any deliberate abuse, would have an extraordinary chilling effect on artistic and scientific inventiveness and on political expression.” And not just by the state: the same technology could also enable corporations to track troublesome opponents as well, such as regulators or union organizers, the EFF warns.
Although heartened by a recent decision of the European Court of Human Right against the United Kingdom in two cases where the police retained the DNA and fingerprints of non-guilty persons, she is worried.
“This is really terrible,” says Georges, who has worked on data-privacy issues for 35 years. “I think there is a need for reflection from everyone, individually and collectively, about the world we want.”
The Cultural Issue
Others see the challenge of preserving the private life in the digital age as less of a legal issue than a cultural one, which will be met not with resignation but creativity, “an area for invention, not just regulation,” says Daniel Kaplan, CEO of the Foundation Internet Nouvelle Génération.
Kaplan says surveys his group conducted found that contrary to expectation, people aren’t naïve about what they put online. Far from being passive victims, people are fairly deliberate regarding the information they show. “Staging oneself is very, very different from publishing any kind of information without thinking about it,” Kaplan says. “It’s actually thinking about it hard.”
In other words, people aren’t turning their back to the camera, like Orwell’s Winston Smith, but instead, flaunt particular aspects of themselves online, self-consciously creating a persona that both conceals and reveals.
This use of a persona suggested to Kaplan and his group that what consumers need is not so much new legal protections, but rather guidance that takes their staging tendency into account. Teachers could advise teenagers who use Facebook, for example, on how to operate better on the site, rather than simply warn them about the dangers of predators.
It might also become possible to build long-lasting heteronyms – a pseudonym, but with a character attached to the name – that can live separate lives online, without exposing their creator’s identity, somewhat similarly to the way some anonymous bloggers do now.
But Gothenburg’s Klang argues that the effort to build up a new identity takes so much work, even in something like an online multiplayer game, that the sense of freedom could be lost very quickly. Whether it’s a real name or an assumed name, a reputation takes time to build.
Instead, Klang believes that what’s more likely to happen is a rise in self-censorship as people realize that everything they write or say or do could end up online – and come back to haunt them. “If we get a realization of how little privacy we have and the large amount of information we can retrieve, we will have more self-censorship,” he says.
People may become increasingly afraid to voice unpopular opinions, he says, for fear of some kind of reprisal, such as finding themselves passed over for a promotion because of something they said in a blog. Already, he says, he finds that some of his academic colleagues stop blogging and log off Facebook once they reach a certain level of professional stature.