First of all, when talking about privacy, we can’t just focus on government vs. the individual. This is the old paradigm and it is changing. The tools of surveillance are rapidly being democratized. This might seem to be a strange point of view given the massive mountains of data currently controlled by just a few gatekeepers such as Google, Facebook, and yes, the US government. But any description of right now is inherently fleeting given the rapid pace of technological change. And data is multiplying so rapidly that we will all soon be sitting on massive mountains of data. We will all be sensing, recording, and storing everything we come into contact with. For this reason, we need to focus on the implications of individuals spying on other individuals. Ideally we should strive to have one privacy policy that applies to everyone equally, whether that person is a member of the government or not. And we should expect (and hope) that individuals will aggressively spy on their own government officials. After all, government secrecy is just the flip-side of individual privacy, and both are threatened by new technologies.
First of all, when talking about privacy, we can’t just focus on government vs. the individual. This is the old paradigm and it is changing. The tools of surveillance are rapidly being democratized. This might seem to be a strange point of view given the massive mountains of data currently controlled by just a few gatekeepers such as Google, Facebook, and yes, the US government. But any description of right now is inherently fleeting given the rapid pace of technological change. And data is multiplying so rapidly that we will all soon be sitting on massive mountains of data. We will all be sensing, recording, and storing everything we come into contact with. For this reason, we need to focus on the implications of individuals spying on other individuals. Ideally we should strive to have one privacy policy that applies to everyone equally, whether that person is a member of the government or not. And we should expect (and hope) that individuals will aggressively spy on their own government officials. After all, government secrecy is just the flip-side of individual privacy, and both are threatened by new technologies.Second, privacy as an abstract concept is best represented by the image of a wall. Privacy is boundaries, borders, and lines of demarcation that say you can’t look here, listen here, or go here. Privacy tells us what we can’t do. Privacy is in many ways the opposite of freedom. As the tools of surveillance get democratized, one response that we might have is to institute what Ann Cavoukian calls “privacy by design.” This implies embedding privacy controls into the information infrastructure itself. This means presumably, including lots of rules about what individuals are not allowed to do. To me, such a program represents a potential threat to freedom.
Because the question one has to ask is, who writes these rules and enforces them? Who therefore reserves the power to evade them? The likely answer to all of these questions is: the large tech companies who build the privacy controls, and the governments that coerce those companies into cooperating. Thus “privacy by design” is the surest way to preserve the status quo. Today we already have a large asymmetry when it comes to surveillance technologies. If we want to further institutionalize this asymmetry, then by all means we should get to work on centralized privacy controls. However if we want a maximally free and equal society, we may need to abandon the idea of privacy controls entirely and push for a “sousveillance” scenario where everyone has equal ability to surveil everyone else.
Let’s make this more concrete with an example. Consider your face. Your face is a dead giveaway as to who you are. You carry it with you everywhere you go. If you are a fan of privacy, you probably don’t want people to know all of the places you go. But if you go anywhere where there are other people, it is quite possible that those people will record your face. Now here’s the question. It’s your face. Do other people have a right to record it, copy it, and share it without your permission? By default, they certainly have that ability. But maybe they shouldn’t. Maybe we all should have special veto power over those who might record our faces. Maybe we all should be able to go into a special preferences window and set “facial privacy” to “on” and thereby automatically scramble any recordings taken of us by other people. Maybe this would be a nice example of “privacy by design.”
But how on earth would one enforce such a scheme? How does another person’s camera recognize the privacy settings you’ve chosen for your own face? We would need the other person’s camera and your face to somehow communicate with each other. Which means we need some kind of unified privacy standard. But that’s not good enough, because what if the other person doesn’t want to adopt that standard?
Well then we have to make him adopt that standard. Essentially we’d have to mandate that all devices honor certain privacy features. And as a corollary, we’d have to make it illegal to alter your own device’s factory settings, since we can’t have people using hacks to get around the privacy controls. Protecting privacy rapidly introduces all the same thorny issues that we run into in the intellectual property debates. And at the end of it all, what have we accomplished? Sure, we’ve made it a bit easier for one person to hide his face. But what about the other person’s rights? What about the right to record what you see with your own eyes in an unscrambled fashion? And what about the fact that governments and hackers are just going to breeze right past these controls anyway? We haven’t really protected anyone’s privacy, so much as just made it a bit more bureaucratic and complicated to take a picture of someone else.
Now I’m not saying we necessarily have to completely abandon all privacy. But we do have to realize that protecting privacy is a balancing act. Every privacy control we enact is a new wall we’ve built. And when it comes to the information infrastructure, we should build walls with great care.