Privacy and the City
Edward Glaeser wrote on just this topic in his excellent book, Triumph of the City: How our Greatest Invention Makes Us Richer, Smarter, Greener, Healthier and Happier . The book describes how cities have historically been the engines of innovation as they bring people together to collaborate and create.
“There is little that you own or use or know that wasn’t created by someone else. Humans are an intensely social species that excels, like ants or gibbons, in producing things together. Just as ant colonies do things that are far beyond the abilities of isolated insects, cities achieve much more than isolated humans. Cities enable collaboration, especially the joint production of knowledge that is mankind’s most important creation.” (P.249)
When encouraged with productive policy decisions, cities can be environmentally efficient economic and innovation engines. Productive policy decisions are important in cities, because the more people come together in limited physical space, the more important it is to proactively manage the negative consequences of human interaction—disease, crime, free riding and reductions in privacy. While Glaeser points to several negative policy decisions which reduce the effectiveness of cities, such as limiting the heights of buildings, he also advocates that regulation is necessary. Glaeser’s model is instructive as we continue to look for the most productive ways to regulate our online environments where we socialize and collaborate.
“The enduring strength of cities reflects the profoundly social nature of humanity. Our ability to connect with one another is the defining characteristic of our species. We grew as a species because we hunted in packs and shared our kills. Psychologist Steven Pinker argues that group living, the primitive version of city life, “set the stage for the evolution of humanlike intelligence.” We built civilizations and culture together, constantly learning from one another and from the past. New technologies from the book to Google have failed to change our fundamentally social nature. They’ve made it easier to learn some things without meeting face-to-face, but that hasn’t eliminated the extra edge that comes from interacting in person. Indeed, since new technologies have increased the returns from new ideas, they have also increased the returns from face-to-face collaboration.” (P.269)
Glaeser’s point on the significance of face-to-face contact strikes me as true. Our online interactions create connections, inform us and preserve relationships, but it is in-person contact that fosters lasting bonds and best sparks innovation and new ideas. Technology companies, like Intel, which have researchers dispersed all over the world, still value and invest in opportunities to interact face-to-face. A recent conversation with Duke University’s Director of the Center for Learning Healthcare Dr. Amy Abernethy reinforced this point. Dr. Abernethy shared that healthcare data analytics provide substantial guidance to a physician but they improve, instead of replace, the value of the physical connection of the in-person meeting between a doctor and a patient.
Given the close connection between our online and physical interactions, there is much we can learn about encouraging successful online collaboration and innovation from the policies that have supported growth of the world’s great cities. Among Glaeser’s observations, are four specific policy insights for thriving cities:
- Provide clean water.
- Reduce crime (create visibility to crime so people can help in policing).
- Increase tolls on the use of roads (decrease free riding).
- Remove restrictions on building heights (reduce artificial restrictions on people interacting).
There are four direct online analogies to these policy recommendations:
- Decrease malware (purify the stream of data, so that people may drink from it).
- Reduce cybercrime (specifically by creating a functioning identity system that preserves privacy).
- Provide modernized privacy laws, and give individuals technology to increase control over how their data is used (decrease free riding on the sale of personal data).
- Remove unnecessary administrative burdens and restraints on international data transfer.
The Internet creates myriad “virtual cities” where individuals work, socialize, enjoy entertainment, learn and innovate. As with physical cities, individuals have considerable concern with crime and whether they are at risk. Improving cybersecurity through decreasing the ability of malware to cause harm, and investigating and prosecuting cyber-criminals, is a critical need for better-functioning virtual cities.
Similarly, individuals report significant concerns about online privacy. To help address these concerns, we need improved privacy laws and better privacy technologies.
Governments have traditionally placed the burden of protecting privacy on the individual by presuming individuals read privacy notices. These privacy notices have never been a complete solution, and the framework is becoming less useful. The complexity of how online services collect, use, store and protect personal data has greatly increased. Website privacy notices are either long and complicated legal documents, or short and vague statements. Neither works well in the mobile applications computing environment. Individuals are voting with their eyeballs and are choosing to skip past the policies entirely. While not particularly useful for individuals, detailed privacy policies can provide important information for regulators and advocates. We need to separate the notions of transparency and notice. We should require complete and thorough transparency for regulators and advocates, while allowing context-based notices of the information individuals most importantly need to make decisions—such as the requests to allow mobile applications to collect location information.
Along with separating transparency and notice, individuals need accountability-based privacy laws. These laws should implement the Fair Information Practice Principles while recognizing individual consent is less useful these days. In many situations we need to look to other principles such as accountability, reasonable access/deletion, robust security and appropriate use restrictions. The implementation of these principles should move away from bureaucratic solutions like country-specific restrictions on international data transfer or database registration/notification. The laws should instead look to new methods for regulators to measure whether an organization has accountable processes—such as, co-regulatory privacy seal programs—and methods to increase access—such as, aggregated obscurity centers.
Improved laws can then provide a backstop of protection, while innovators work to provide mechanisms for individuals to take more control of their data. A useful resource for discussion of these privacy innovations is www.wethedata.org.
Just as millions of poor rural people are moving to urban areas, we also see increased global use of the Internet. If we can modernize our online policy regulation, then we will encourage improved collaboration and interaction, which will deepen face-to-face connections. Fostering safety and trust in our virtual cities will then encourage the innovation and economic growth to enrich the physical lives of every person on earth.
About the Author
David Hoffman, CIPP/US, is Director of Security Policy and Global Privacy Officer at Intel Corporation, in which capacity he oversees Intel’s privacy compliance activities, legal support for privacy and security and all external privacy and security policy engagements. Hoffman was a member of the U.S. Federal Trade Commission’s Online Access and Security Committee. In 2005, Hoffman was appointed to the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. He also serves on the Center for Strategic and International Studies Cyber Security Commission.
Hoffman has a JD from The Duke University School of Law, where he was a Member of the Duke Law Journal and has received an AB from Hamilton College.