Database Nation: Privacy now!

Article 12
'No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks'. - Universal Declaration of Human Rights, United Nations, G.A. res. 217A (III), U.N. Doc A/810 at 71 (1948).

The campaign against liberty, identity and autonomy in the twenty-first century is being carried out around the world, but nowhere are the attacks more evident than in the United States. It's a campaign that is being pursued, hand in hand, by government, businesses, and ordinary citizens. We are all guilty. Privacy is suffering the death of a thousand cuts.

Free societies turn their backs on privacy at their own risk, for privacy is one of the fundamental rights from which all other human rights are derived.

Our right to have private thoughts or conversations is threatened by governments, marketers, and the relentless instrumentation of our planet. Our personal histories are being laid open by insurance companies. Our thoughts may one day be stimulated, or at least stolen, by advanced computers. It is difficult to look at any segment of the economy and not find new, aggressive violations of individual privacy.

I met an undergraduate from the Massachusetts Institute of Technology at a conference once. He told me, in all sincerity, that technology is 'privacy neutral'. "Technology can be used to invade privacy, or it can be used to protect privacy," he said.

The MIT undergraduate reminded me a lot of myself: I had said much the same thing when I was an undergraduate at the Institute. This "technology is neutral" argument is a very comforting idea for people who are being trained to work with the world's most advanced technology. "Technology isn't a problem," we like to think. "It's the way people use technology that's a problem!"

"Technology is neutral," is a comforting idea, but it's wrong. History is replete with the dehumanising effects of technology. Although it's possible to use technology to protect or enhance privacy, the tendency of technological advances is to do the reverse. It is harder, and frequently more expensive, to build devices and construct services that protect people's privacy than to destroy it.

Legislation and regulation may be one of the best techniques for protecting privacy in the twenty-first century, just as laws and regulations proved to be the only effective way to protect the environment in the twentieth century. Without government protection for the privacy rights of individuals, it is simply too easy and too profitable for business to act in a manner that's counter to our interests.

Governments can make a very positive difference on the privacy front. At the very least, governments can alter the development of technology that affects privacy. They have done so in Europe. Consider this: a growing number of businesses in Europe are offering free telephone calls - provided that the caller first listens to a brief advertisement. The services save consumers money, even if it does expose them to a subtle form of brainwashing. But not all of these services are equal. In Sweden, both the caller and the person being called are forced to listen to the advertisement, and new advertisements are played during the phone cal itself. But in Italy, that country's privacy ombudsman ruled only that the caller, and not the person being called, could be forced to listen to the ads.

Consent is the bedrock of modern law. To give consent, a person must be of sufficient age and mentally sound; a person who is drunk or otherwise incapacitated, for example, cannot give legal consent. Perhaps most importantly, a person needs to be properly informed as to what they are giving consent about.

Consent has been turned into a cruel joke. Medical providers and insurance companies require patients to sign consent forms that basically say, "I give my consent for you to do whatever you want with my information, and do it forever." These forms are often signed under duress - for example, in an emergency room. In the supermarket, shoppers sign consent forms to participate in discount programs, without a full understanding of what the store is doing with the record of their purchases.

Consent is a great idea, in practice, but the laws that govern consent needs to be rewritten to limit what kinds of agreements can be made with customers. Consent should be more of a two-way street, with the organizations that are demanding consent making the terms and conditions exceedingly clear. Blanket, perpetual consent should be outlawed.

Privacy is indeed at a crossroads. Today, it is all too easy to imagine a world in which our digital autonomy has been stripped away, a world where our actions are monitored, our secrets known, and our choices are therefore circumscribed. It is a world in which I do not want to live. But the only way that we can avoid the dystopian future is by acting today and tomorrow to bring about a different future.

Instead of creating a database nation, we must change out thinking, our laws, and our society. We must create a future of freedom that honours personal autonomy and respects personal privacy. And we must start now.

** Database Nation by Simson Garfinkel is available in bookshops now, or from http://www.oreilly.com .