Privacy as you know it is dead–but you can bring it back

By Martin Bosworth

I have little to say about the Kabuki theater that is Elliot Spitzer’s fall from grace, so aptly summed up is the situation by my man Motherwell over here. But it does tie in to a larger point–if a former Attorney General and current Governor ofarchitect.jpg one of the most powerful states in the country can be brought down by a wiretap this easily, what chance does anyone have in this, the modern surveillance state?

Because that’s what this is, folks. We’re living in a surveillance society now, our every move tracked, our emails catalogued, our phone calls traced, our Web sites marked for future reference. It doesn’t matter if you’re good or bad, they know when you’re sleeping and awake. And they know who your friends are, who you speak to, where you go, what you buy, and what you do with all of it.

The National Security Agency has rebuilt the dreaded “Total Information Awareness” mandate, culling data from dozens of disparate databases and hundreds of sources and using targeted leads to build a mosaic pattern of information on a particular “person of interest.” Like a concentric circle (a target?) radiating outward, each ring grows to expand more and more of that person’s social network–their friends, their coworkers, their relatives, their family, and so on. Even if you accede to the idea that immediate surveillance of a target is useful, how much useful data can really be gleaned with this big a trawl? It’s like those awful fishing nets that rope in dolphins as they rake the seas, capturing the unneeded and the wanted alike in their wake.

And the idea that we could trust even the most upstanding and ethically spotless iteration of our government with this kind of unchecked, unmonitored, and uncontrolled “data dumpster diving” is weak, but when you fathom the idea of trusting it to the Bush administration–where lawbreaking is Job #1–it’s almost laughable. Yet this is exactly what our so-called “legislative branch” has been doing, and all our efforts to preserve the rule of law and stymie these spy programs are meeting with baby-steps on the Hill at best.

It’s far from the government that’s engaging in this type of profiling. Your every search, query, and Web site is tracked by the big players in the game–creating massive troves of data detailing what you want to visit and how long you stay there, all in the hopes of devising ever-more targeted advertising to hit you with. That the majority of online advertising we see is barely relevant to the site in question at best is a cold comfort, as it speaks more to the weakness of the execution rather than the failure of intent. At least AOL is doing the smart thing and breaking out the cute penguins to explain how its ad-tracking system works, but who still uses AOL?

A common response to the sheer helplessness one can feel at being part of the surveillance society is to create a “transparent society,” wherein everyone has data and dirt on everyone else, and we can use the power of the information at our hands to balance the scales. There’s a lot of truth to this–many a random news item has blossomed into a major scandal with lasting consequences due to the hard work of ordinary citizens trawling through endless documents, Web pages, and transcripts to make sense of seemingly unconnected bits of information. Just ask the wonderful folks at POGO, or the Sunlight Foundation, or TPM Muckraker.

But this philosophy doesn’t fully account for what security wizard Bruce Schneier has analysed as asymmetric power relationships–where the control is high and the liberty is low. When the cop, or the Federal agent, or the lawyer, has all the documents and you in a locked room, where is the ability to fight back?

And even if we exercise incredible naivete and claim that all of this surveillance is useful and necessary, what safeguards do we have in place when employees–humans, the eternal weak link–misuse their access to this information for petty purposes? All it takes is one disgruntled employee and you’ve got a data breach, security leak, or other information catastrophe on your hands.

We need to exercise more control over the everyday use of our data. We need to delete our cookies from any Web browser we use, shred unwanted junk mail, and freeze access to our credit unless we need it. We need stronger oversight of any company, agency, or entity that is in the information trade, whether it’s a data reseller like ChoicePoint or a social network like Facebook. We need stronger laws governing data breaches and harsher penalties for any entity that doesn’t secure access to data. We need greater transparency of every surveillance operation taking place in the United States that enables us to know what’s going on without compromising the ability to gather intelligence. Most of all, we need an end to unchecked, uncontrolled data mining and warrantless wiretapping that makes a mockery of our country’s founding principles and reduces us all to potential criminals–or worse, “data shadows,” entities defined solely as amalgamations of information that can be collected, sold, resold, and bartered as a potential terrorist threat or shopping goldmine.

When all you are becomes defined as the amount of information traceable to you, what are we then? What have we become, in a world where there is no separation, no door, no filter beyond which we can say, “No. This is my personal space. Not yours. Here I am alone with my thoughts and free of any outside influence or control. This, you cannot have.”

I don’t know, but I don’t want to find out.

3 replies »

  1. Pingback:
  2. What we need is a Constitutional amendment that makes explicit the individual’s right to privacy – a barrier against unwarranted government AND corporate intrusion.

    If I were a Congressweasel, gods forbid, I’d get to work on that on Day 1.

  3. Martin – a couple of things to consider:

    a) The banking transactions of all politicians are monitored closely as a matter of course by banks, as required by federal law. This is a law-enforcement tool to catch corrupt politicians, and so it’s questionable if it qualifies as a wiretap or even an invasion of privacy. And even if it does, the question you have to ask yourself is whether a public figure like a Governor deserves the same right to privacy as a private citizen. IMO, no, although they should have more right to privacy than they do at present.

    b) The federal IRS wiretap you talk about could very easily have been granted by a standard, good-old-fashioned federal judge, just like any judge will grant a warrant when there’s evidence of a possible crime being committed. In this case, Spitzer’s bank records gave the banking transaction monitoring software pause, and it was sent up to the IRS, which decided that there was ample enough evidence of illegal activities for a wiretap.

    I realize that the Spitzer situation was just your jumping off point for the rest of your post, but I wanted to make sure that you, and all our readers, understand that the situation with Spitzer is somewhat more nuanced than you implied.