Law in the Internet Society

Is the current status of Privacy an ecological disaster?

-- By LiranNacker - 15 Dec 2016

Introduction

Privacy is typically viewed as a transactional good with a transactional nature. Whether this practice in which people contract away their personal information is viewed as welcome or inherently dysfunctional, there can be little doubt that we are complicit in allowing it to occur. Viewing Privacy through “ecological glasses” might put the problem into greater focus and provide a far more useful perspective in which to examine it.

Is Privacy a Public Resource?

Professor Moglen argues in a 2014 article in The Guardian, that we have misunderstood the nature of privacy, stressing that private surveillance that came into existence through the forces of the free market, has turned into an “ecological disaster”. He further argues that “privacy is about our social environment, not about isolated transactions we individually make with others”. Under this framing, as he further demonstrates, when individuals make a “personal decision” to contract away their privacy, they are also contracting away the privacy of others that they correspond and interact with – and therefore derogate from the right as a whole.

In keeping with this view, if we have misunderstood the nature of Privacy, if we have mistakenly viewed Privacy as a transactional good between two parties rather than a “public resource” in the sense that the choice of the individual affects the right of many – then really what we have here is a crisis that is not being dealt with in the proper manner or with the proper tools, or in other words: an ecological disaster without an EPA.

Disaster management

In keeping with our view of Privacy as being transactional, we have been focusing on regulating the transaction – that is, on the kind of consent required for collection of data, on what constitutes informed consent and on how the collecting company may use the data. Consequently, in some territories the party contracting away his or her privacy is required to opt-in before information can be collected; in others, full disclosure by companies in their Terms of Service of how data is collected and shared is required, and users must have the option to opt-out. In the US, Laws have been carefully crafted to protect certain kinds of data such as HIPAA for health privacy; FCRA and GLBA for financial data; FERPA for academic records; and consumer data is protected from deceptive and unfair practices through Section 5 of the FTC Act. The user in the EU has a “right to be forgotten”, and EU data protection requirements limits the transferring of personal data outside the EU. But what is the relevance of this progress in the frame of Privacy as an ecological issue? What does it mean in the context of the claim that some personal information should not and cannot be contracted away?

If Privacy is an ecological matter then, from the outset, it requires some form of paternalism regarding dos and don'ts, agreed upon standards of liability and perhaps global uniformity on several matters. If we are applying standards for protection of environmental resources to Privacy, this approach empowers legislators to hold “polluters” accountable for their actions, and encourages legislators to take a more paternalistic approach on certain matters. For example, based on the model of environmental legislation, it would be easier to regulate the input of health metrics or (irreplaceable) biometric identifiers, such as fingerprints, retina and facial prints to the Net – identifiers that appear to play a critical role in strengthening security of digital payments in the move towards “going-cash-less”.

Why time is of the essence

If Privacy is a public resource, then it is resource at immediate risk of massive pollution. It is only a matter of time before we have succeeded in connecting the rest of the world to the Net, and surrounding mankind with mobile and wearable tech, IoT? devices and drones. Despite the obvious benefits, these achievements are “mass polluters” that raise fateful questions about our politics with respect to privacy: information we are allowed to contract away vs what not; fair value of the information contracted; rules of accountability; and corporate use and sharing of the information collected.

Too MUCH too late?

It may be too late for a change of heart. For years, both companies and consumers have benefited from the approach to Privacy as a transactional good. Companies operating in the free market within the boundaries of the law, have provided consumers with free services, in exchange for collecting online behavior and subjecting consumers to ads. Consumers, most of whom are totally incapable of understanding the potential consequences of their actions, have conveniently bought into the thinking that what they get in return for their information is far more valuable than any information that they provided. However, if Privacy is a “social environment”, then the legal framework of environmental laws must apply here as well. In the same way that we have gradually succeeded in fighting climate change, air pollution by factories and even intervened in the sale of tobacco and cigarettes and restricted their use in public spaces – online users can be educated to better understand the importance of their Privacy; companies can benefit from business models that are consistent around the world, as well as from growing trust by their users; and both players could benefit from a world in which aspects of privacy are commercialized according to their real market value.

Conclusion

If privacy is really a matter of “social environment”, as Professor Moglen argues, then its current status is a disaster of an “ecological” kind – requiring legislators to rethink the way we view and protect the right to privacy. If we have misunderstood the nature of privacy all along, we owe it to the next generation, who will be born into the consequences of this untreated ecological disaster, to open a serious debate, at this critical technological turning point, on the transactional nature of privacy and establish a set of clear ethical and legal standards for regulating it.

Rather than piling up "ifs," an improved draft could just begin from the assumption of ecological rather than transactional analysis. Then the elements posed here as conclusions (social standards of care, damages rules based on broader harms, state power to abate dangerous and acute nuisances) would be jumping-off points rather than tentative conclusions. A real effort to design environmental systems of legislation---with their effort to require impact assessment before conducting development and reviewable decision-making in the development and use of common resources---with respect to social information flows and behavior collection, could then occupy the bulk of the space in that draft, which might be immensely productive.

Navigation

Webs Webs

r2 - 12 Feb 2017 - 21:21:17 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM