Home/red-rock-eater/TNO July 1996

TNO July 1996writing

paperauto-imported
32 min read · Edit on Pyrite

Source

Automatically imported from: https://pages.gseis.ucla.edu/faculty/agre/tno/july-1996.html

Content

``` --------------------------------------------------------------------

T H E N E T W O R K O B S E R V E R

VOLUME 3, NUMBER 7 JULY 1996

--------------------------------------------------------------------

"You have to organize, organize, organize, and build and build, and train and train, so that there is a permanent, vibrant structure of which people can be part."

-- Ralph Reed, Christian Coalition

--------------------------------------------------------------------

This month: Responding to arguments against privacy

--------------------------------------------------------------------

Welcome to TNO 3(7).

This issue of TNO was delayed as I finished my book. The book, whose title is "Computation and Human Experience" (Cambridge University Press), should be out in late spring 1997, and I'll send a notice when it appears. Meanwhile, this issue of TNO is devoted to another collection, hopefully the last, of arguments against privacy protection. The previous collections appeared in TNO 1(10) and TNO 3(2), and I have also rebutted single arguments against privacy in TNO 1(6) and TNO 2(8). I'm hoping to collect all of these arguments and rebuttals into a single document in both paper and Web form, and I'll send out a separate notice when that's ready. If I'm counting correctly, I've responded to 55 arguments in total, two thirds of them in this issue of TNO. Perhaps new arguments will spring up once these arguments lose their effectiveness. In that case, I guess we'll just have to bite the bullet and organize another collection of rebuttals.

--------------------------------------------------------------------

Even more bad privacy arguments.

This is the third and (I hope) last installment in my collection of bad arguments against privacy. I have been collecting these arguments and writing rebuttals against them for two reasons. The first, obvious reason is that I want to help people who are working to protect privacy. The second, not-so-obvious reason derives from my personal theory of political debate in the public sphere. The standard theories of the public sphere are basically individualistic; they presuppose that people have opinions and arguments, and they ask about the conditions under which those opinions and arguments get included or excluded in the decision- making processes of society. But this theory does not correspond to my experience, which is that every issue movement -- whether organized by an industry association, an activist organization, a social movement, a political party, or whatever -- needs channels through which it can distribute arguments to its supporters. An issue movement is effective only when these channels exist and operate effectively, reaching the movement's supporters in a timely way with arguments that are likely to sway the people that the movement needs in its coalition.

This fact is usually suppressed because everybody has an interest in maintaining the individualistic myth. Everybody will say something like: "our opponents certainly distribute propaganda to their sheep-like supporters, but our supporters think perfectly well for themselves and don't just need anyone feeding them a predigested party line". Both halves of this opposition, however, are nonsense. Of course people think for themselves. The problem, rather, is cognitive: nobody in the world has infinite rhetorical capacities. Just because someone supports a given position (protecting the environment, increasing the status of women in society, returning to traditional moral values, etc), it doesn't follow that they can spontaneously invent suitable counterarguments to all of the arguments of their opponents. Everyone, therefore, needs a source of arguments that support their position. When an argument is offered, individuals can determine whether they agree with it or not, and they can just ignore the arguments that don't make sense. Having filed away the arguments that do make sense, they no longer have to be caught flat-footed when one of their opponents says something that sounds false but whose underlying fallacy is not obvious right away.

This collection of responses to bad arguments against privacy, then, exemplifies a method of using the Internet to support democratic values. This method has two parts: first, broadcast a call to the supporters of a position asking for arguments that they have encountered against that position; then, assemble those arguments and suitable responses and broadcast those as well. Lobbyists and other professional advocates have always done this sort of thing. With the Internet, everyone can do it.

I would like to express sincere thanks to the numerous Internet users who submitted arguments for this project. I have used almost all of them, collapsing some variants and omitting a few that seemed too weak to bother with. Some of the arguments originated in public discussions that I have conducted with others on privacy issues, for example in the question periods of talks, and if anybody recognizes themselves in this list, I hope they aren't offended. My point is not that the people who offer these arguments are doing so in bad faith, much less that they would agree with any of the other arguments. I do disagree with these arguments, but in most cases I respect and learn from the people who make them.

Also, note that the arguments that I've put in quotation marks are usually composites and paraphrases, not direct quotations. Someone might suggest that another phrasing of these arguments might be stronger than the ones I've provided. That is indeed possible. If anyone has actual examples in mind, they are most welcome to tell me about them.

Here, then, are the arguments and responses:

* "If you have nothing to hide then you should have no concern for your privacy."

The word "hide" presupposes that nobody can have a good motive for wishing to protect information about their lives. This is obviously false. People have a legitimate interest in avoiding disclosure of a wide variety of personal circumstances that are none of anyone's business. If you are raped, will you want the full details published in the newspapers the next day? I don't think so. People also have a broader (though obviously not unbounded) interest in regulating how they are represented in public. If someone doesn't like you, they will dredge up all sorts of facts and portray them in a bad light. If only for this reason, it is reasonable to avoid giving everyone unlimited access to your life.

* "Privacy advocates oppose national ID cards, but they don't talk about the benefits of such cards. In a country with a foolproof, unambiguous means of determining identity, nobody has to suffer cases of mistaken identity, for example from arrest warrants issued for people with similar names and dates of birth."

When someone points to a benefit of a privacy-invasive policy, the first question to ask is whether other policies could provide the same benefit. Cases of mistaken identity, including identity theft, could be greatly reduced by cleaning up the information- handling practices of a remarkably small number of organizations, particularly departments of motor vehicles. National ID cards carry definite risks, not the least of which is the proliferation of privacy-invasive technologies that will occur as it becomes easier to identify and track individuals in a wide variety of contexts.

* "Privacy must be balanced with many other considerations."

Privacy rights are not absolute. In particular concrete cases, privacy interests will naturally be found to conflict with other interests. For example, I personally have no problem with compulsive sex criminals being sentenced to long-term use of electronic tracking mechanisms. But many arguments against privacy are bad because they weigh down the scales, exaggerating the case aginst privacy rights, and we should be alert for these arguments.

* "Attempts to prevent companies from distributing personal information are censorship, and that sort of censorship is no more likely to succeed than any other sort in the new world of the Internet."

If laws regulating the sale of personal information constitute censorship, then so do copyright, trademark, and trade secret laws, to name a few. Selling someone's personal information without their permission is stealing, and decent societies still try their best to outlaw stealing, even when technology makes it difficult. Besides, companies that sell information are unlikely to put that information on the Internet until they feel certain that others cannot take that information without paying for it. Companies that traffic in personal information therefore cannot reasonably complain about being censored, given their need to "censor" others who would grab their own illicit copies of the information.

* "We hear a lot of hoopla against companies that place existing databases of personal information on the Internet or publish them on CD-ROM's. But all those companies are doing is making access to information available to everybody, not just to the powerful. This is a force for equality and democracy, and it's ironic to hear supposed civil liberties advocates opposing it."

Civil liberties advocates do not favor a world in which the powerful get illicit access to personal information and the common people do not. They favor a world in which nobody gets illicit access to personal information. If someone takes a previously expensive database of personal information and publishes it on a cheap CD-ROM, an existing harm is multiplied, and that multiplies the argument for getting that data off the market altogether. And if it is politically impractical to force the powerful to cease their misbehavior, that is no argument for allowing the lowly to misbehave in the same way.

* "People who collect welfare and other government benefits have no grounds for complaint about fingerprinting and other measures intended to suppress fraud. They need to learn that rights come with responsibilities, and in particular the right to free handouts comes with the responsibility to cooperate with fraud prevention. Surely it's not too much to ask that people should identify themselves before getting free money."

People who are experiencing hard times deserve the same dignity that everyone else enjoys. The whole process of getting welfare has already been designed to be as difficult and demeaning as possible, and it's really not reasonable to kick these people gratuitously while they are down. Of course it is reasonable to identify people who want to receive welfare payments. But the welfare system should be analyzed in the same way as any other organizational system to determine which technology enables people to be identified with the least indignity while reducing fraud and other identification-related problems to reasonably low levels. Objective evidence that fingerprinting significantly reduces fraud is very hard to come by, and we shouldn't let stereotypes of welfare recipients get in the way of rational analysis.

* "Privacy prevents the marketplace from functioning efficiently. When a company knows more about you, it can tailor its offerings more specifically to your needs."

This is a non sequitur. Few proposals for privacy protection involve preventing people from voluntarily handing information about themselves to companies with which they wish to do business. The problem arises when information is transferred without the individual's knowledge, and in ways that might well cause upset and alarm if they became known.

* "We don't need more laws about privacy. Our operations are already governed by dozens and dozens of laws, each creating its own layer of red tape."

This argument works by shifting attention away from the specific issues of right and wrong to the abstract category of "laws". In most industrial sectors in the United States anyway, it is totally misleading to suggest that privacy is regulated by numerous laws. In most cases it is not regulated by anything beyond the notoriously weak privacy torts. Some industries, such as credit reporting, are government by weak laws that basically legitimize the practices of the largest players while protecting them against competition from smaller firms who do not have the resources necessary to comply with the laws. Indeed, part of the problem is that, whereas most of the industrial world has a coherent and unified system of data protection regulation, the United States has a ragged patchwork of laws, all of which could be repealed or rewritten in a more rational fashion if the United States conformed to the system employed everywhere else.

* "The constant insistence on privacy encourages incivility".

This argument is commonly heard from people with an interest in defending bothersome invasions of privacy such as spam, junk phone calls, and the like. These people often encounter irate objections from the individuals they bother, and naturally the least civil of these objections stick in their minds. Thus, when privacy advocates agitate for privacy protection, it sounds to these people like advocacy of incivility, vigilantism, and other bad things. But the argument is a non sequitur. It's like saying that opposition to any other form of obnoxious behavior encourages incivility. People sometimes shoot burglars, but that doesn't make burglary okay. Likewise, even if some people get irate when their privacy is invaded, that doesn't make it okay to invade anyone's privacy. It is equally arguable that what causes incivility is obnoxious behavior that has not yet been outlawed. Lacking formal recourse, someone who has been wronged by an invader of privacy can only choose between complaining and remaining silent. Most, in fact, remain silent, and the illogical nature of the argument is proven when other invaders of privacy turn around and say that this preponderance of silence proves that people don't really mind having their privacy invaded, and that the complaints represent only a small faction of hysterics.

* "The closing of voter registration lists, drivers' license records, and the like in the name of privacy is part of a dangerous trend away from our tradition of openness, toward making it more difficult for the public to access public information."

This is an example of a common, insidious PR tactic. The tactic has two steps: classifying an obnoxious practice under a broad, vague, positive-sounding category, then painting opponents of the practice as opponents of that broader category. The category here is "openness": those who oppose the sale of drivers' license records are made into enemies of that broader value. It is like arguing that someone who opposes bullfighting is against sports, or that someone who opposes abortion is against medicine. Those who support a "tradition of openness" should not feel obliged to make common cause with people who abuse it. The purpose of open government is to permit citizens to participate in the processes of a democracy, and to know whether the government is doing what the people want it to do. Reselling voter registration lists and drivers' license records do nothing to promote the effective workings of a democratic government. Reasonable, civic-minded people have a right to be offended when self-interested parties attempt to drain the meaning from a word like "openness", given the significant role that word plays in civic discourse.

* "The information is already public because it concerns things that happened in a public place."

This argument is commonly used to suggest that people do not have a privacy interest in information about things they have done in public places, for example their use of public roads and sidewalks. It depends on two fallacies. The first fallacy concerns the word "information". If someone happens to see me walking down Main Street on Sunday, I should not be able to prevent that person from telling others what they have seen. That's "information" in one sense of the term -- someone's personal knowledge about me. But if someone creates a database of information about where various people have been walking, then they have created "information" in a different sense -- data that is stored on a computer. That data may represent something that happened in a public space, but it does not automatically follow that the resulting data should be regarded as "public". If that were really true then anybody at all would have a right of access to such databases -- they would be "public data". Nor does it follow that I -- as a person whose activities are represented in the database -- have no moral interest in that data. The second fallacy is the automatic conclusion that people have no privacy interest in things that happen in a public place. If two people have a whispered conversation on a park bench, having looked around to make sure that nobody is close enough to overhear them by accident, then most people will probably agree that they have a reasonable expectation of privacy, and that it would be wrong to set up a sophisticated recording device to pick up their conversation at a distance, or to install a hidden microphone on the park bench. The question, then, is precisely what privacy interests people do have in activities that occur in public places. Consider the case of a database that records my travels over several months, using data collected from sensors that have been installed along highways in several states. Even if we agree that each individual observation constitutes public information -- we could hardly prevent someone from standing along a roadway and happening to notice me driving along -- it does not follow that it is acceptable behavior to set out deliberately to gather such information systematically, much less to use the information in ways that affect individuals' lives. The word "public" needs to be treated with more respect.

* "We are just selling access to information from public sources. If we can gather this information, so can anybody else."

Just because certain information is available from a public source, it doesn't follow that it's right for that information to be available in that way. Nor does it follow that it is okay to further propagate the information in any particular way. Maybe it is right, but that conclusion requires a separate argument beyond simply saying that the information came from a public source.

* "The right to privacy is an elitist concept because it provides an excuse for the powerful to keep their secrets while they go ahead and invade the rest of our lives."

If the law protects people unequally, it does not follow that it should not protect anyone. If the elites are invading the rest of our lives, then they should be stopped. Furthermore, even if it is impractical to prevent the elites from invading our lives, it does not follow that the concept of privacy is elitist. The concept might be perfectly egalitarian, even if the structures of society prevent it from being implemented in an egalitarian way.

* "If you think you're being persecuted then you're probably just flattering yourself. Big organizations don't really care about you as an individual, just about their own narrow goals."

It is true that some people with privacy concerns are paranoid schizophrenics with delusions of reference -- people who interpret every rustling leaf as a sign of a vast conspiracy aimed specifically at them. But most people with privacy concerns do not understand them in that way. Most of the harm done to personal privacy by big organizations does not depend on them singling anybody out. Quite the contrary, it depends on the organizations' capacity to gather, process, and act on personal information on a mass-manufacturing basis. The danger derives precisely from the organization's focus on its own narrow goals, to the exclusion of the goals, rights, and interests of everyone else. At the same time, big organizations do in fact sometimes persecute individuals. Whistle-blowers, for example, have often been subjected to investigation and smear campaigns. Perhaps the classic case was General Motors' campaign against Ralph Nader, which resulted in one of few civil actions for private surveillance that have led to significant damages in the United States. The United States government, for its part, has run huge, well-documented campaigns of surveillance and sabotage against nonviolent dissidents for most of this century, and there is little reason to believe that it has stopped.

* "New technologies will make it possible to protect privacy."

This doesn't sound like an argument against privacy protection on the surface, and often it is not. It is sometimes used that way, however. The context is usually that someone is proposing a new technical arrangement that seems to invade privacy; when you object to the privacy invasion, they will observe that new technologies will make it possible to protect privacy, leaving it unclear whether they actually plan to use those technologies. An analogy would be the use of double-hulled oil tankers. When it was first proposed to open Alaska to oil-drilling, people concerned about the environment objected that a giant oil spill could easily happen as a tanker hits a rock in the complex waters near the Alaskan coast. Not to worry, the lobbyists said, double-hulled oil tankers will make it unlikely that much oil would be spilled in an accident. But no laws were passed requiring that double-hulled tankers be used, and they were in fact used rarely if at all. Never let anybody get away with presenting any technological advance as inevitable -- particularly when it would not be in their interest to use it.

* "You're right, we do have privacy problems. People are understandably upset when they assume that they have certain privacy rights and then later find out that they do not. We must communicate with people so that they understand the actual situation in advance."

This is a something that managers often say. On a policy level, the problem is that it pretends that notification of information handling procedures constitutes an adequate privacy policy all by itself. On a rhetorical level, it attempts to redefine the nature of "privacy problems". For most of us, the phrase "privacy problems" refers to invasions of privacy. For people with a manipulative orientation, however, "privacy problems" refers to situations where people object to having their privacy invaded. These people would prefer to make those situations go away by making complaints illegitimate ahead of time. Note the pretense of empathy for the distressing experience of having your privacy violated without having been told ahead of time that your privacy would be violated. What's missing is any empathy for the distressing experience of having your privacy violated period.

* "If you ask people in a poll whether they're concerned about privacy then of course they'll say yes. But if people really cared about their privacy then we would see them flocking to debit cards, which are much more similar to cash than credit cards. The fact is that they get a benefit from credit cards, namely the float on their money, and they are evidently willing to surrender some control over their personal information in exchange for that benefit."

This is a fairly sophisticated argument, but it doesn't work. The basic idea is that privacy can be understood as a commodity that is bought and sold in the market. Just as people who want cheese on their hamburger pay more for it, likewise people who want privacy with their business transactions should expect to pay more for it. Some people will object that it is simply immoral to turn rights into commodities. But even if that premise is accepted, the argument only works if privacy markets operate correctly. One can demonstrate that a market in privacy protection exists, but that is not the same as demonstrating that this market does what markets are supposed to do: allocate scarce goods according to the relative values that various people put on them. Markets in privacy protection are in fact quite seriously dysfunctional, not least because in most cases it is just about impossible for any normal consumer to assess the value of a given increment of privacy protection. It is possible in principle that such markets can be made to function halfways correctly, but a substantial burden of proof should be placed on the promoters of such strange market mechanisms to demonstrate how. In the particular case of debit cards, the contrast is greater than just a matter of float. Many people in the United States do not use debit cards because their liability is unlimited when the card is stolen.

* "We have to weigh the interests of the individual against the interests of society as a whole."

This is one of those arguments that proceeds by constructing huge abstractions and positing a conflict between them. When framed in such an abstract way, this argument sure does seem to caution us against letting privacy rights get out of control. But when actual specific issues are raised, this sort of argument is most often meaningless or irrelevant. Once the actually available options are rationally assessed, it almost invariably turns out that privacy protection does not have to conflict with much of anything. And when conflicts do occur, they can be weighed and judged on much more concrete grounds, without being reduced to huge abstractions.

* "Fear of extensive merger of databases is misplaced because in actually practice it is extremely difficult to merge databases. Two databases that arose in different organizations, or for different purposes, will probably be incompatible in many ways, for example through the different meanings they assign to data fields that sound superficially the same. Organizations that maintain personal data have their hands full just maintaining the accuracy of the databases they have, without trying to create the one gigantic Big Brother hyperdatabase that privacy advocates are always warning us against."

This argument asks us to doubt the power of technical progress. Merging databases is a huge research topic right now, not least because of the significant business opportunities that would arise if the problem were to be solved. Markets have always grown through standardization, and standardization of data is no different -- a hard problem but no harder than a thousand others that have gone before. In many industries, merged databases may arise through industry standard data models, for example the standard categorizations being developed in medicine. If the databases are created in a standardized way in the first place, then merging them will be easy. Also, it is true that companies that own large databases of personal information must invest large sums in maintaining them. But these companies are hardly zero-sum deals. Investment capital flows easily to wherever it can turn the best profit, and if extra profit can be gained by both maintaining existing databases and merging them with other databases, the necessary funds will be available to do both.

* "Privacy advocates are crying wolf. We have been hearing these predictions of some kind of privacy disaster scenario for 20+ years and its hasn't happened yet."

This argument gets its force from the stereotype of Big Brother. Our society does not yet resemble George Orwell's dystopia, the argument goes, so the warnings are all hype. Big Brother is a convenient metaphorical handle, but like all metaphors it is only intended to apply in certain aspects. Also, the word "disaster" suggests that nothing really bad is happening unless there occurs some single, well-defined, horrible event by analogy to a nuclear power plant meltdown. But few problems work like this, and it is more accurate to see privacy as being eroded from a thousand directions at a steady pace. Privacy has been very significantly eroded over those 20 years. Privacy advocates have, if anything, underestimated the number and variety of threats to privacy, for the simple reason that privacy advocates are few in number and the threats are much more numerous than those few individuals can keep track of.

* "AVI toll-collection systems don't really identify the person who is driving the car, just the car itself. It's not clear what weight that kind of circumstantial evidence would have in court, and if it's no good in court then it's not clear to me what we're supposed to be worrying about."

Note the transition from "it's not clear" to "it's no good", from raising doubt about a problem to asserting that the problem does not exist. Circumstantial evidence carries weight in court all the time. And if you live alone and have no obvious reason to be lending your car, any rational jury will regard your car being spotted somewhere as strong evidence that you were there.

* "Attacks on direct mail under the guise of privacy concerns are really attacks on free speech. Mail is a democratic medium, available to all. When newspapers and television stations publicize attacks on mail from the tiny handful of self-styled privacy activists, their real agenda is to suppress competition to their centralized control of communication in our society."

This is an actual argument; I am not making it up. It employs a standard PR move, redefining attacks on unsolicited commercial mail as attacks on mail as such. When attention is focused on the specific category of unsolicited commercial mail, this argument only carries weight in the context of mail that is demonstrated to have political value for a democratic society. That is surely a small proportion of the total. Given the increasingly common practice of mailing negative attack ads to voters on the eve of an election, making it impossible for an opponent to reply, the proportion of defensible mail is even smaller. But forget all that. Nobody is proposing to outlaw unsolicited commercial mail, not least because of the free speech issue. The problem is not unsolicited commercial mail as such; it is the use of personal information to generate commercial mail without the permission of the person targeted. No reasonable person has a problem with direct mail that is solicited by its recipient.

* "These issues about computers and privacy aren't really new and aren't really about computers. Everything you can do with a computer could be done before with paper files."

This is false. With paper files, it is literally impossible to perform data mining with terabyte databases. Now, mathematicians recognize various abstract senses of words according to which things are possible even though it would take millions of years to do them. But in normal language, things like data mining are only possible if large organizations can do them in a lifetime. Besides, the argument turns on a more elementary fallacy. Every problem can be portrayed as "not new" if it is characterized in a vague enough way. And problems frequently become qualitatively worse with a large enough quantitative increase in one or more of their contributing factors. This is a simple point.

* "Computer technology isn't bringing us into some scary new era that we can't understand. Quite the contrary, it is returning us to the old-time village where everybody knew everybody else's business. That's the normal state of people's lives -- the state that was lost as modern society and technology caused us all to be separated into cubicles. Privacy is thus a distinctly modern obsession, and an unhealthy one too."

Large organizations knowing everybody's business is not the same as "everybody" knowing everybody's business. The village metaphor suggests a degree of equality and reciprocity that does not describe individuals' relationships to the organizations that maintain databases of personal information about them. Now, some people imagine science fiction worlds in which ordinary people know as much about Equifax as Equifax knows about them. I'm not placing my bets on the emergence of such a world. And even if it existed, it would differ from an old-time village in ways too numerous to count.

* "The problem isn't privacy per se. The problem is the invention of a fictional "right to privacy" by American courts. This supposed "right", found nowhere in the Constitution, has been running amok, providing the courts with excuses for inventing artificial rights, such as the right to abortion, and interfering in people's lives in other ways, for example by restricting the questions that employers can ask potential employees in interviews. Ironic but true, the real agenda behind this supposed "right to be let alone" is actually a power-grab by which courts extend their control over society. The best guarantee of privacy is freedom -- the freedom of people to negotiate their relationships among themselves by themselves, without government interference."

Starting with the last point, if the efficacy of regulation is understood as an empirical issue and not a matter of dogma, then it is empirically false that lack of regulation causes privacy to be protected. The cases of systematic abuse of privacy in unregulated markets are innumerable. Returning to the first point, it is true that the word "privacy" does not appear in the Constitution. The Constitution was written by people who had never heard of corporations or computers, and so it necessarily takes intellectual work to understand how it should be applied to a world that has been profoundly reorganized through the use of such novelties. Reasonable people can disagree about how this should be done, but simply observing that a given word does not appear in the document is not very helpful. It is not as though the argument is unfamiliar: the Constitution is supposed to be interpreted and applied as a coherent whole, not as a disaggregated series of unrelated phrases, and the First, Fourth, Fifth, and Fourteenth Amendments, among other passages, together aim very clearly at a strong protection for individual autonomy. Such a principle is always found at the center of any liberal theory of society, such as that held by the framers, and the Constitution makes no sense as a normative political theory unless it includes such protections. Of course this principle can conflict in particular cases with other, equally important principles, but weighing such conflicts is what the law is for. If legal decisions are to be made simply by observing which words appear in the text, it would be impossible to achieve rational and consistent outcomes -- much less outcomes that are just and supportive of democratic values.

* "It is too costly to implement such elaborate safeguards."

This assertion is usually just false. Even when it is true, the reason is usually that it is difficult to change systems once they have been implemented. The system could most likely have been designed originally with a whole variety of inexpensive but effective privacy safeguards. Privacy concerns are not exactly new, and hardly any systems today were designed before these concerns were first articulated in detail. An organization should not be absolved of its responsibility to protect privacy just because it fell down on that responsibility in the original design of its systems. What is more, any organization whose information systems are so outdated that they do not incorporate privacy safeguards could almost certainly profit from a thorough review and reengineering of its information handling practices. Any number of highly experienced consultants could help them with this, and the benefits would probably go far beyond privacy protection.

* "Technology has changed the very ontological category of the person, who is no longer just a flesh-and-blood organism but also a far-flung digital entity as well. In this context, when people's identities are distributed across cyberspace, concepts of privacy don't even make sense any more. In that sense we should accept that we have entered the post-privacy age." This argument depends on a simple fallacy: just because your identity is "distributed", it doesn't follow that anybody needs to have any access to it outside your control. Note that the fallacy depends on the "space" part of cyberspace. Normally we expect to have little control over objects and events that exist far away from us in space, and so if our identities are distributed across cyberspace, it would seem to follow that parts of our identities are far away from us, and that therefore we can expect to have little control over them. But the premise is false. The whole point of cyberspace is that it collapses distance and makes it possible to maintain relationships with people and information across vast geographic distances in real time. It is technically quite feasible to provide individuals with control over the use of numerous geographically distributed components of their electronic identity. In that way, concepts of privacy make even more sense than they used to, not less.

* "I don't care about privacy."

You are not obliged to care about your own privacy. The point is that other people have a right to care about their privacy. Their concerns are legitimate, and it is reasonable for society to make some provision for addressing them.

* "Those same technologies that cause privacy concerns also provide positive social benefits."

While true as a simple assertion, interpreted as an argument this statement is a non sequitur. Even if some particular technology produces both benefits and privacy invasions, it is altogether likely that some other technology provides the same benefits while posing less danger to privacy. The rapid emergence of privacy-enhancing technologies will make this even more likely in the future.

* "All this talk of Panopticons is ridiculously overblown. We are not living in any sort of totalitarian prison society just because we get too many magazine subscription offers in the mail. Let's be sensible grown-ups and weigh the costs and benefits of the technology, rather than exaggerating with dramatic but misleading metaphors from trendy philosophers."

Magazine subscriptions make people angry because they are invasive and visible. The most serious threats to privacy are the least visible, and sensible grown-ups evaluate arguments based on the strongest case, not the weakest. It may be that some people are misled by the metaphors, but sensible grown-ups understand that metaphors are metaphors, and that only certain of their implications are intended. The pervasiveness of surveillance in industrial societies has been well documented.

* "Privacy advocates claim that Caller ID is an invasion of privacy. The other point of view is that nuisance phone call are an invasion of privacy, which Caller ID allows people to take some control over."

Most privacy advocates are not opposed to Caller ID as such. Caller ID, if it is implemented correctly, provides a mechanism by which people can negotiate their privacy. It ought to be easy for callers to decide whether to send their phone numbers, and it ought to be easy for call recipients to decide whether to answer calls for which phone numbers have not been sent. The switch manufacturers who want to sell Caller ID services to marketing firms, however, have fought tooth and nail to make it difficult for callers to choose whether to send their phone numbers with their calls. And this is what privacy advocates objected to.

* "Credit reporting agencies provide a service that people want. Indeed, people regularly go to great lengths to cause a record of their credit history to be created in a credit reporting agency's database, precisely because they want to enjoy the benefits of having a credit record."

This is all true but it is not relevant to debates about privacy. Credit reporting serves a useful social function, and it is possible that no other means of serving that function exists now. That's not the issue. The issue is ensuring that consumers are able to know and control what happens to information about them. Among other things, they need effective rights of access and correction (copies of their report that are easy to get, corrections that actually get made); they need effective controls over secondary use of their information (not just obscure opt- outs); and they need an effective means of redress when they are harmed by the spread of false or incomplete information.

* "If you look hard enough at who is really agitating about privacy, you start finding a lot of tax resisters, cult members, and other marginal characters with something to hide. It really makes you wonder about the motives of the high-minded people who get quoted in the newspaper issuing Chicken Little predictions about Big Brother."

It is true that some lowlifes have been vocal about protecting their privacy. But in a rational society, things are decided based on whether the arguments work, not on who is making them. And to lump the honest privacy advocates with the lowlifes is the lowest type of smear. The fact is that ordinary citizens, who presumably include only a small percentage of lowlifes, consistently express high levels of privacy concern in polls and levels of outrage when told about real information handling procedures in focus groups, and that they consistently express very high levels of support for specific privacy-protection proposals that have nonetheless been rendered unthinkable by our distorted political system.

* "The technology to create electronic healthcare networks is here, but its spread has been slowed by court rulings on the privacy of medical records. This is clearly an area where Congressional action is needed. If the issues are looked upon as providing modern healthcare rather than an invasion of privacy, such an act will probably fly."

This argument calls for privacy issues to be simply ignored. It is more a statement of political strategy than a real argument.

* "We provide these access tools for our customers' convenience. When we set up cumbersome barriers between our customers and the information they need, we get complaints."

This argument often arises in situations where organizations make information on their customers available in some public way, for example over the phone, without adequate security. The complaints of people who are made to identify themselves adequately are held out as arguments against adequate privacy protection. But the argument is a non sequitur. Just because some category of people dislikes the mechanisms that are necessary to protect privacy, it does not follow that all other categories of people should have their privacy placed at risk. Your privacy has a higher moral status than my convenience.

* "Organized crime poses a more serious threat to society than do government and corporate snooping. Privacy protection disables a key weapon that law enforcement presently uses to keep organized crime under control."

This argument routinely arises in contexts where law enforcement is asking for extremely broad powers that have little rational connection to organized crime, or whose likely application is vastly greater than just organized crime. The argument should not be accepted in its abstract form, but only concretely, in application to specific proposals.

* "Epidemiologists need broad access to medical records in order to detect patterns of disease. Without these patterns, the disease might go uncured, even undiagnosed."

Epidemiologists rarely need to know the individuals' identities. For almost all purposes, they can work just fine with anonymized databases. Yes, occasionally epidemiologists do need access to specific identified individuals. But these powers can easily be abused, and they should not be granted in a general way. Individual identities should only be disclosed to epidemiologists on a case-by-case basis when a very high standard of necessity is established and appropriate due process protections are observed.

* "When people talk about the need to protect privacy, it usually turns out that they are only talking about individual privacy. But we need to balance individual privacy with organizational privacy."

Organizations do not have privacy rights. The argument that they do always depends, so far as I am aware, on an overly broad application of the legal idea that corporations resemble persons. The ascription of human status to corporations has always been limited. It is useful to distinguish two senses of the word "rights". Human individuals have natural rights. Individuals and other entities also have rights that are created by statute. There exist expedient political and economic reasons for society to recognize other kinds of organizational interests, but these are not matters of natural right. They have a strictly lower moral status than the rights of natural individuals, and their exact scope will vary historically as technological and economic conditions change. It does sometimes happen that individuals' privacy rights conflict in specific cases with the legitimate interests of other entities, and it may sometimes happen that particular privacy rights are outweighed by particular interests of organizations. But this is not because the organizations possess rights that outweigh those of individuals, but because the existence of certain organizational interests serves certain societal values that happen, in particular cases, to outweigh certain personal privacy rights. These conflicts are real, but they can be discussed rationally without being misrepresented as a clash of conflicting privacy rights.

-------------------------------------------------------------------- Phil Agre, editor pagre@ucla.edu Department of Information Studies University of California, Los Angeles +1 (310) 825-7154 Los Angeles, California 90095-1520 FAX 206-4460 USA -------------------------------------------------------------------- Copyright 1996 by the editor. You may forward this issue of The Network Observer electronically to anyone for any non-commercial purpose. Comments and suggestions are always appreciated. -------------------------------------------------------------------- ```

Go back to the top of the file