|
||
 |
||
| For more than 100 years, individuals have had the legal right to be left alone. But what happens in the Information Age, when, it seems, anyone can find out just about anything on anybody? Until recently, only celebrities worried much about privacy issues. But, thanks to ever-widening Internet connections and ever-more-sophisticated databases, a new potential for abuse looms very large. All of us may have to worry about some sort of version of the National Enquirer headline that trumpets, “Dwight Gooden Back in Detox!” Concern about privacy appears to be one of the few things still holding people back from buying things on-line, so Context turned to two outspoken experts for help in sorting through the issue. The debate that follows mainly focuses on whether details about our personal lives can, or should, be protected from hackers, snoops, bankers, insurance companies, or even bosses. The two experts also offer some suggestions on how long it will take for privacy issues to fade, so they stop generating such fear and passion. Jason Catlett, head of an organization called Junkbusters, advocates strong new laws to support privacy, which he views as a fundamental human right. He also wants to beef up the regulations that have governed credit reporting for the past quarter century. David Brin, on the other hand, believes it’s futile to attempt to protect ourselves by regulating what other people can know. The author of The Transparent Society and The Postman (which was turned into a movie involving actor Kevin Costner) says we would need something like George Orwell’s “thought police” to enforce the regulations on privacy. And, he says, crooks would still create an underground market that would provide detailed information about individuals. Brin says the only real answer is the cyberspace equivalent of a two-way camera. In other words, if you get to time the bathroom breaks of your employees, they get to peer into your office and time yours. If you can gather information on your customers, then they can gather data on you, personally. An intriguing, but disturbing, idea. The sometimes heated dialogue begins with Catlett and Brin laying out their opposing views on whether too little privacy, or too much regulation, will harm civilization more.
DAVID BRIN: For five years, I’ve asked privacy fundamentalists to show me the evidence that privacy is intrinsic to human nature, or is a basic right. I know that’s provocative to say, but think about it. A basic right is one that either manifests itself in every culture, or one that, if watered down, would cause the benefits of our civilization to vanish. A good example is freedom of speech, which has to be nearly absolute, or else it fails. On the other hand, privacy is far murkier to define. It’s a wonderful and desirable byproduct of freedom. But freedom comes first. A free people can argue and choose a level of privacy that suits them, then change their minds later. In fact, we currently have far more privacy than our ancestors did, for one reason: We’ve created a civilization that holds the mighty accountable. No other society managed that. To protect our privacy, we must protect the freedom of individual citizens, even those we disagree with. And that does not mean rushing to blind them. In essence, the strong-privacy movement says we can protect ourselves by regulating what other people know. That will never work. CATLETT: I disagree that privacy means regulating what other people know, any more than copyright law regulates what people can know. It simply means restraining, by law, what other people can do with data about you. Let’s take an irritating example: telemarketing. Do telemarketers have the right to phone me at 3 a.m. and try to sell me a newspaper? BRIN: No, they don’t, because that telemarketer is impinging on your personal sovereignty. He is violating the fundamental definition of privacy worked out in the U.S. courts in the 19th century—the right to be left alone. I agree with you on that example. But the strong-privacy movement goes much further. Adherents believe you own all information about you and have a right to tell other people they may not know it. CATLETT: The right to be left alone is an important part of privacy. But in the computer age it has to be extended so that individuals can determine for themselves what information is divulged about them, and under what terms. BRIN: But what are you going to do about the nature of information? Unlike any other form of property, it can be duplicated at zero cost and without limit. It can hop from mind to mind. Once it’s out, you can never contain it again without draconian measures straight out of George Orwell. CATLETT: The measures I’m talking about are not draconian and are far milder than recent copyright law such as the Digital Millennium Copyright Act. They’ve been in force for 25 years; look at the Fair Credit Reporting Act. It requires companies that sell information about consumers’ credit to abide by certain fair information practices. This is exactly what most privacy advocates mean by privacy. For example, these companies are required to show to the person concerned the information that’s being sold about them. They are also required to destroy it when it’s no longer relevant. BRIN: Wait a second. There’s a big distinction between those two requirements. Let’s say you go up to some institution and say, “You’ve collected data about me. I want to see it and correct any errors.” That’s enforceable, and it’s proven. It works. But now go up to somebody and say, “Forget what I told you about that other person.” How in the world are you going to enforce that? CATLETT: Nevertheless, for 25 years, credit-reporting companies have been destroying out-of-date information. BRIN: Maybe. Here and there. When they don’t simply hide it instead. Which they do when there’s advantage to it. Today, offshore data havens are being created in the same places where banking havens were set up to avoid regulation. Any bank officer can now dump information about bankruptcies more than seven years old into these havens, then shout, “My database is clean!” It may be against the law to know this information. But that just means the information becomes contraband and flees to wherever it can be laundered and stored safely. CATLETT: But, major credit-reporting agencies cannot make money by selling such data. If they do, the Federal Trade Commission will sue them. BRIN: A shell company can safely be set up offshore to sell the information. A bank officer can use his home computer, get access to an Antigua-based Web site, and see if a loan applicant had a bankruptcy nine years ago. CATLETT: Your argument seems to be that, because data-protection laws can be broken, we shouldn’t have them. That’s like saying we shouldn’t have taxation laws because companies can move funds offshore to avoid tax. BRIN: No. That’s different. Tax laws can be upheld by getting information. Taxation becomes fairer in direct proportion to increased openness. You are trying to forbid and erase information, which is infinitely duplicable and concealable. If you make information contraband, you will only create an underground information economy that will make the drug war look like nothing. CATLETT: Well, I don’t wish to comment on the drug war. But, plainly, many countries function very happily with requirements that information be timely and relevant, and that it be destroyed after a reasonable period. BRIN: But they don’t bother taking any sort of measures to see whether or not the laws are working, do they? If you make laws that try to restrict human knowledge, the elite will simply say, No way! They’ll pay whatever it takes to get the information. And the rest of us, who abide by the laws, will be left in the dark. CATLETT: England, Sweden, Germany have data-inspection agencies that routinely investigate cases of information being used unfairly. Those systems work effectively. BRIN: The people I know who have reported from those countries would laugh at your assertion. Contraband information is so much easier to smuggle and hide than drugs. It doesn’t have to be stuffed in condoms and swallowed by poor people who might be X-rayed as they cross international borders. We’re talking about electrons. Look at the ingenuity that has been used to smuggle drugs, and all the money that has been spent. Then think of the universal attractiveness of knowing things, which is far more powerful than drugs. Besides, who wants to trust a bureaucracy with the kind of power it would need to enforce laws on the flow of information? CATLETT: Let’s look at what we’re trying to do in this country with the Fair Credit Reporting Act. We’re trying to ensure that companies treat information fairly. Now, certainly an adversary that has sufficient motivation and resources could evade legal provisions. But we’re trying to give the majority of people a decent level of protection. BRIN: Let me shift the “focus,” so to speak. Every year, new cameras appear that are half the size, double the acuity, and much more mobile than their predecessors. Also being developed are little teeny scanners and robots that can be moved from place to place via remote control. No one is contending that laws will be able to stop the proliferation of these eyes, are they? If so, may I ask how you’ll enforce the laws? Someday, it’s entirely possible that people will be able to walk down the street with their eyeglasses tuned to the Internet. The history of every person they pass could be looked up in some great database. Can you imagine it? Each person you pass will have a caption giving his or her name, a brief bio, and his or her reputation. Now, does that sound scary? It certainly will be if only elites have that power. But if everyone has it, and the humble can look at the mighty, it will return us to the condition we had in the old village, when everyone knew everyone else’s name and reputation. If it’s reciprocal, you at least get to know what you need, to prevent others from harming you. CATLETT: That sounds awful. BRIN: Which raises two questions: How are you going to stop it? And, have you considered that maybe there might be a way to get rid of the awful part and keep the good part? CATLETT: The view—sometimes called “technological determinism”—that it’s useless to resist the march of technology is simply wrong, both morally and practically. I certainly don’t agree that we’re going to have video cameras every five feet—simply because of economic barriers, if for no other reason. And, for all of technology’s snooping capabilities, I still don’t agree with your claim that it’s useless to have laws to restrict the use of data about people. There is extensive precedent. When the telephone came into widespread use in the early 20th century, the courts came to grips with the fact that the data about who called whom, and the content of those conversations, require legal protection. Very strong privacy laws have been in effect for decades protecting the information about whom you call. Time and again, new laws have been necessary to protect people’s privacy. For example, the Telephone Consumer Protection Act of 1991, which restricts the making of telephone solicitations. BRIN: Let me make something clear: I have nothing against short-term palliative measures to protect the citizens’ privacy. I just believe that an erroneous philosophical consensus has coalesced with tremendous rapidity around the notion that you can use secrecy to protect both freedom and privacy. In the short term, measures to promote secrecy can sometimes do some good. But for four years I have been defying people in the strong-privacy movement to come up with a single historical example in which a human civilization’s general happiness, freedom, and prosperity were enhanced by a general increase in secrecy. CATLETT: Well, for one, Sweden has had basically a data-protection law since 1766. BRIN: And in Sweden you can go down to a Stockholm office and look up not only things you can look up in this country—such as property-tax records—but also the income-tax records of any citizen. CATLETT: Correct. BRIN: The capability helps Swedes have the accountability of transparency. They can, among other things, keep track of whether public officials are being bribed, which is much more difficult in this country. We need court orders and such. So the Swedish experience actually buttresses both of our points of view. But perhaps mine a bit more, because it shows how openness fosters accountability. I think we need experiments similar to this to figure out what to do. What we do not need is an instant calcification of our response, which we will have if we decide to make this or that kind of knowledge illegal. CATLETT: Let’s not equate the rights of the individual with the role of government here. I’m certainly all for transparency in government functions. Where we need protection of information is with respect to information about individuals. Nor is it necessary to have a vast government bureaucracy. In American law, an individual, if wronged by, say, an illegal marketing call, can simply walk down to the small claims court and sue the company for $500. BRIN: I, too, favor such simple torts as a way for individuals to gain justice against larger entities. But why not extend the idea? Instead of huge government agencies and controls, why not address the issue of spying in the workplace with a simple solution? Pass a tort law that says: If any corporation is spying on its workers, those workers have the right to spy back on the top 100 officers of the company. If the company is timing worker bathroom breaks, then workers get to time the executives. If the company is looking at workers with a camera, they get to look back. CATLETT: That may have some merit in making workers feel better. But what we’re talking about is really whether a company should be able to sell information about your lifestyle and personal habits without asking you. BRIN: And I say that, in the short term, bring on your regulations. But, in the long term, anyone who relies on them is a bloody fool. You are not going to stop the tide by railing at it. CATLETT: You can stop it by defeating the economic basis. BRIN: By blowing up the moon? CATLETT: By keeping companies from making money by overtly advertising that they have the kind of information we’re talking about. BRIN: You want to bet? In five minutes I could come up with a business plan by which such information can be collated in Antigua and provided to any client who wants to find out whether you buy Pampers. CATLETT: The basic fact is that this kind of personal information can be gathered by companies in a fair and consensual way without terribly much more difficulty than if they do so unfairly. BRIN: Now you’re saying that the great defense against the unfair use will be for people to be open. Is that what you’re saying? CATLETT: I’m saying that data-protection laws will be effective because companies that abide by them will serve the market best. BRIN: Okay, I can see that. If you make it attractive to individuals to sell their personal information to a discreet and honorable marketer who will give them a couple of pennies every time the information is passed on, that might be a very good way of driving the illicit marketers out of business. Note, though, that this approach involves adjusting the flow, not trying to stop it, or railing against the tide. CATLETT: I don’t accept that privacy advocates are railing against the tide. It’s inevitable that in a few years we’ll see some kind of legislation in this country to treat information fairly. This will mean telling people what information is being collected, showing them the information about them if they wish to see it, not using it for other than the purpose for which it was collected, destroying it after it’s no longer needed. These are not terribly difficult things to do, and companies should start preparing now for the day that they have to do these things. BRIN: Note that privacy is not the chief concern of experienced folks, who have already done e-commerce. But I think you’re perfectly right in your prediction. The lemming-like rush toward these kinds of solutions is quite unstoppable at this point. It’s very much like the period when people rushed into enacting drug laws. I think you’re predicting the near-term future tragically well. CATLETT: I don’t accept the lemming and drug-war analogies. I think what’s going on is more like the environmental movement, which developed in the ’60s because companies had polluted with little regulatory impediment and caused a great deal of damage to the environment. BRIN: The difference is that those companies that were the most criminal and antisocial saw advantage in resisting the environmental laws, which eventually hemmed them in. But, in the Information Age, those companies that have the most criminal intent will see advantage in the passing of the very laws you recommend. Because those laws will create a contraband economy, and, as happened with gambling and drugs, companies that possess illegal information will have extremely high profit margins. CATLETT: I find it highly unlikely that the existing players in the direct-marketing industry will find it attractive to move operations to Antigua. I go back to the environmental-regulation analogy. By stopping a small number of selfish players from polluting the waterways, the laws enabled a far healthier environment. Data-protection laws can do the same. All the surveys show that the No. 1 concern of people who haven’t yet participated in e-commerce is protection of their privacy. Requiring that all companies respect a minimum level of privacy will boost consumer confidence and encourage many, many more people to participate.
|
