The Internet of Us (14 page)

Following what he took as the main point of Warren and Brandeis, Bloustein grounded the right of informational privacy on the intrinsic value of human individuality. The connection was what he called “personal freedom”:

The fundamental fact is that our Western culture defines individuality as including the right to be free from certain types of intrusions. This measure of personal isolation and personal control over the doctrines of its abandonment is
of the very essence of personal freedom and dignity, is part of what our culture means by these concepts.
¹¹

Let's unpack this thought. Philosophers have traditionally distinguished freedom of choice or action from what we might call the autonomy of decision. To see the difference, think about impulse buying. You may “freely” click on the Buy button in the heat of the moment—indeed, corporations count on it—without that decision reflecting what really matters to you in the long run. Decisions like that might be “free” but they are not fully autonomous. Someone who makes a fully autonomous decision, in contrast, is committed to that decision; she owns it. Were she to reflect on the matter, she would endorse the decision as reflecting her deepest values.

Totally autonomous decisions are no doubt extremely rare; indeed, philosophers have long questioned whether they are possible at all. But it is clear that we value autonomy of decision, even if we can only approximate the ideal. That's because autonomy of decision is part of what it is to be a fully mature person. And that, I believe, tells us something about why privacy matters. It matters, at least in part, because information privacy is linked to autonomy, and thereby an important feature of personhood itself.

There are two ways to infringe on a person's autonomy of decision. The most obvious way is by
overruling
the decision, either by direct compulsion (I point a gun at your head) or by indirectly controlling your values and commitments (I brainwash you). A subtler way of infringing on your autonomy is to
undermine
it. Suppose a doctor makes the decision to give you a
drug without asking your permission. Nobody has made you decide to do something. But your autonomy has been undermined nonetheless, and for an obvious reason: your decision has been foreclosed. You are not in a position to make the decision. It has been made for you.

Apply this to privacy. One mark of information privacy is control; that is, you have at least some
control over how and to whom you share those aspects of your self
. So consider a limit case. If you have a condition that compels you to say out loud every thought that comes into your head—whether you like it or not—your autonomy of decision has been overruled. You are at the mercy of your condition.

But privacy invasions generally don't harm autonomy in this way. They don't overrule privacy. They undermine it. Suppose, to take a more old-fashioned example, that I break into your house and read your diary over and over again, every day. Suppose further that I make copies for my friends. Even if, again, you never learn of this, I am harming you in a new way—by undermining your capacity to control your private information. Whether you know it or not, that capacity is diminished. You may
think
you have the autonomy to decide whether to share your diary or not. But in fact, you are not in a
position
to make the decision; I've made that decision for you. Your autonomy of decision has been undermined.

As noted above, part of what makes your individual mind
your
mind is that you have a degree of privileged access to your mental states. And that includes, crucially, the ability to control access to the content of those thoughts and feelings—to choose whether and when you share this information with others. Part
of the reason we value having this control is because it is a necessary condition for being in a position to make autonomous decisions, for our ability to determine who and what we are as persons.

It is here we see the danger inherent in systematic and sweeping collection by the government of the private information of citizens who have neither been charged with nor
suspected of a crime. Such intrusions on information privacy—
whether or not that information is acted upon or whether the
intrusion is known—undermine not only dignity but, depending on how systematic the intrusions turn out to be, your actual capacity to control how and what information you share with others. The harm to your autonomy of decision becomes more global.

The systemic nature of the invasion therefore matters. Again, this point can be made starkly by looking back at our telepathic case, where I read your mind without your consent. Suppose it happens only once. Obviously, if I act on this knowledge in order to manipulate and control you, then I may directly harm your autonomy. And the risk of this happening may be great enough to prevent me from being tempted to use my power. Moreover, as I've been emphasizing, it shows a lack of respect for your status as a person, an autonomous being. But if I only read your mind—or your diary—once (and do nothing with the data), then presumably your autonomy itself is not affected. You don't become less in control of your self or face a diminished capacity of any sort.

Now let's suppose this happens again and again over time, in an organized way. From my perspective—the perspective of the knower—your existence as a distinct person will begin to shrink.
Our relationship will be so lopsided that I may well cease to regard you as a full subject, as a master of your own destiny. As I learn what reactions you have to stimuli, why you do what you do, you may become like any other object to be manipulated
even if I do not, in fact, manipulate you.
You may be, as we say, dehumanized in my eyes. The connection between a loss of privacy and dehumanization is a well-known and ancient fact, and one which we don't need to appeal to science fiction to illustrate. It is employed the world over in every prison and detention camp. It is at the root of interrogation techniques that begin by stripping people literally and figuratively of everything they own.

The connection between autonomy and privacy may sound surprising to some. After all, one could say: we are in fact willing to trade away our privacy as never before, precisely for the purpose of
increasing
autonomy. Our willingness—the thought goes—to trade privacy for security is just one example of this phenomenon. Another is our near total passivity when it comes to the trading of our data for profit by private corporations. We want more autonomy and they are providing it, by giving us convenience. Indeed, that's precisely the business model of corporations like Facebook or Amazon—to maximize convenience and anticipate our needs. Thus, one might say, it is not surprising that we click past all the privacy policies on the Web because we want the choices, the convenience—the autonomy—that only the playground of the infosphere can bring. Privacy suffers, but autonomy increases.

This argument, however, gets things the wrong way around. When we systematically collect private data about someone, we implicitly adopt what the philosopher Peter Strawson called
the “objective” or detached attitude toward her.
¹²
We see her as something to be manipulated or controlled—even if, in fact, we never get around to the actual manipulating or controlling. Where privacy is limited in the detention camp or prison, the adoption of this attitude toward the inmate is of course explicit. It is an intrinsic feature of the enterprise and it is intuitively felt as such by those detained. Crucially, however, it remains implicit in more subtle invasions of privacy. In some cases, this is unsurprising. When a business sells or otherwise profits from your private information—your Web searches, for example, or email address—it intentionally treats you as an object: an object of profit. Indeed, the nominal idea behind the privacy policies none of us read is to inform us of how our information will be used. They are a nod to our status as autonomous beings.

In truth, however, the Internet of Us is making privacy policies moot. When almost every object we interact with is wired, it becomes useless to assume that we consent to the mining of the data trail attached to our use of that object. That's because we simply have no way of being able to anticipate how the data being extracted from our refrigerators, for example, might be used in the future—by a company or by a government. Once the data is out there, it is out there. Any illusion we might have had about controlling or owning it gradually disappears. As Sue Halpern, an astute observer of the digital age, remarks: “The Internet of Things creates the perfect conditions to bolster and expand the surveillance state. In the world of the Internet of Things, your car, your heating system, your refrigerator, your fitness apps, your credit card, your television set, your window
shades, your scale, your medications, your camera, your heart rate monitor, your electric toothbrush, and your washing machine—to say nothing of your phone—generate a continuous stream of data that resides largely out of reach of the individual but not of those willing to pay for it or in other ways commandeer it.”
¹³

Earlier I noted there are two marks to information privacy: control and protection. Control over our information may be increasingly under threat by the Internet of Things. But that only makes concentrating on restricting and regulating information flow all the more important. The Internet of Things is enlarging the pool of data and information available for future use; that's why we need more fencing. We need the fences of regulations not only because they help prevent abuses, but because the pool threatens our autonomy.

There is another point here as well. Surveillance treats us as means, not as ends. And that is another reason the incidental collection of our data should worry us. A government that sees its citizens' private information as subject to tracking and collection has implicitly adopted a stance toward those citizens inconsistent with the respect due to their inherent dignity as autonomous individuals. It has begun to see them not as persons but as objects to be understood and controlled. That attitude is inconsistent with the demands of democracy itself.

Transparency and Power

Invasions of privacy aren't always wrong. If they were, we wouldn't have to spend so much time talking about the issue. My
point is that they are always
pro tanto
wrong, as the legal scholars say. They are wrong—but wrong other things being equal.

Invasions of privacy can therefore be justified in the overall context. Searches of people's homes are judged “warranted” (that is, justified) for all sorts of reasons by the courts, as are surveillance operations of criminal suspects. Or consider the case of metal detectors and full body scanners at airports. The latter were (and still are) controversial on privacy grounds; moreover, more than one person argued that the scanner violated their dignity. But while scans like this can make you uncomfortable, this sort of directed, publicly known invasion of one's privacy is not equivalent to the systematic program of incidental collection and meta-analysis of phone call data practiced by the NSA. That's because full body scans are given to commercial airplane passengers for a very specific reason: to detect whether they have a concealed weapon or explosives. This reason is well understood—or should be—by those given the scans. It is, in fact, a classic case of trading privacy for more security. It is a trade that may be justified, all things considered. Airport body scans are not stored indefinitely and open to the scrutiny of security agencies. They are made, examined, and eliminated. And they aren't being done secretly either. A better analogy would be this: secret scanners are set up so scans are taken of every person in his or her home. No one is told about the scans. They are stored indefinitely, and a wide range of agencies can examine them without a warrant. Still think that would be justified?

The possible negative consequences of losses of privacy in the digital age suggest that we must prepare for the worst even as we hope for the best. Think again of the swimming pool example.
We need fences around our digital pools of information too. That's why, for example, some of the steps recently proposed by the Obama administration—to strengthen the FISA court's powers, and to limit some of the NSA's surveillance programs—are at least steps in the right direction.
¹⁴

No one denies that governments naturally diminish our autonomy in all sorts of ways. Just participating in a government, as Hobbes stressed, is a trade-off. But the point I've been making in this chapter is that there is something different in the case of
systematic, unknown
invasions of privacy. By invading our privacy without our knowledge, governments are making invisible decisions for the citizenry as a whole. That's not the same as restricting autonomy by asking people to go through a scanner at the airport. That's power visible to all, applied to all. Nor is it like wiretapping a particular citizen whom the courts have decided is a potential danger. Rather, these systematic, unknown invasions of privacy treat the citizenry as a whole in an unhealthy way. We are being regarded as unworthy of making up our own minds, whether we know it or not. That is an attitude that is corrosive of democracy, one made all the more corrosive by not being visible.

These reflections also give the lie to the idea that privacy of information is a modern creation. It is not. The source of privacy's value is deeper, lying at the intersection of autonomy and personhood itself. That is why privacy still matters. We are wise not to forget that, even as we trade it away.

Knowledge may be transparent, but power rarely is.

6