Point - Counterpoint
Privacy in a World of Persistent Surveillance
Note from the Editor:
This is the first post in a point/counterpoint between Center for Democracy & Technology Consumer Privacy Director Justin Brookman and Mercatus Center Senior Research Fellow Adam Thierer. Look for Thierer 's response tomorrow and for more point/counterpoint posts from contributors in the future.
Much of the privacy discussion over the past couple of weeks has focused on the NSA and the potentially large amounts of data they’re collecting on American citizens not suspected of crimes. As we consider the ramifications of these revelations, keep in mind that the NSA is not collecting that information itself from its clandestine headquarters in suburban Maryland—it’s demanding the data from companies who have collected the data while delivering services to their users. In light of the NSA controversy, perhaps it’s time to take stock of the ever-increasing capacity of companies to collect and maintain extensive stores of data about individuals.
Two recent government consultations are illustrative of the expanding scope of commercial data collection. Earlier this month, the Federal Trade Commission solicited guidance for a November workshop on the “Internet of Things”—smart appliances, cars and medical devices that can communicate with each other and the outside world. And in April, the Federal Aviation Administration solicited comment on its plan to allow commercial drones to operate in American airspace starting in 2015.
Without question, smart devices and private drones both have the potential to dramatically improve the lives of consumers. Everyday objects that can process information and communicate with other devices and infrastructure will lead to more efficient energy consumption, fewer car crashes and life-saving medical advancements. Domestic drones can be used for any number of beneficial purposes, including improving traffic flows, inspecting power lines, detecting environmental crimes and increasing security.
On the other hand, the proliferation of sensors along with the decreased cost of data storage and analysis means that increasingly, everything that we do is observable and recordable by private entities. In our homes, we typically expect some degree of privacy; in public, we typically expect some degree of anonymity. However, the rapid advancement of data collection and the analytical technologies used to make sense from these data increasingly mean we have fewer and fewer opportunities to exist without being monitored.
The Supreme Court has started to consider the issue of persistent surveillance in the governmental privacy context, with some encouraging guidance. In Florida v. Jardines, which examined whether police need a warrant for a drug-sniffing dog to examine the outside of a house, Justice Scalia wrote for a majority that the Fourth Amendment is predicated on a need for people to be able to retreat into their own house to escape unreasonable governmental intrusion.
Even in public, a majority of Justices have found that citizens have reasonable expectations that they won’t be observed all the time. In last year’s United States v. Jones, the court held that the government’s monitoring of a suspected drug dealer’s car in public spaces for a month violated his reasonable expectation of privacy.
There are, of course, important distinctions to be drawn between government access to personal information and corporate collection. Nevertheless, consumers still have a fundamental interest in preserving some personal spaces where both private and government entities cannot monitor, evaluate and log their activities. And as we have seen over the past week, corporate data collection and government surveillance are deeply intertwined: Governments lack the capacity to monitor us entirely on their own and are increasingly reliant upon commercial databases to be able to monitor us.
When all behavior is technologically observable, we must rely upon policy solutions to preserve that zone of private space that we need to thrive and experiment with new and potentially controversial ideas.
This is what innovation and invention are all about: People pushing the envelope on their own terms, making breakthroughs and novel uses of existing materials, ideas and technology. Even though drones and the Internet of Things are new technologies, the fundamental privacy values implicated are unchanged.
Fortunately, we already have a framework for preserving these values that has stood the test of time: the Fair Information Practice Principles.
As these new technologies emerge, the cross-cutting notion of privacy by design dictates that basic principles of transparency, security, individual control and data minimization should be baked into these products as they develop—in contrast to industries such as online behavioral advertising, where industry and policymakers have struggled to retrofit privacy protections onto ossified business models.
Smart devices inside our homes—and new surveillance capabilities outside them, via drones or other promising technologies—cannot be allowed to extinguish every reasonable expectation of privacy that consumers might have. These technologies can actively develop in ways that allow for innovation in functionality, while also adhering to reasonable limitations on, perhaps, data storage, secondary usage and correlation to personally identifiable information. However, emerging technologies must be developed and deployed with the need for privacy in mind, and not merely as an afterthought to be considered once it’s too late.
About the Author
Justin Brookman is the Director of Consumer Privacy at the Center for Democracy & Technology (CDT). Prior to joining the CDT in January 2010, Brookman was chief of the Internet Bureau of the New York Attorney General's Office. Under his leadership, the Internet Bureau was one of the most active and aggressive law enforcement groups working on Internet issues, and Brookman brought several groundbreaking cases to protect the rights of online consumers. Brookman previously worked as a litigation associate for six years at Fried, Frank, Harris, Shriver & Jacobson LLP in both its New York and Washington offices.