Paper Says Public Doesn't Know How To Keep Score In Privacy Discussion While Glossing Over Government Surveillance

from the noting-the-obvious-while-ignoring-the-elephant-bugging-the-room dept

Lawfare — a blog primarily devoted defending the practices of spy agencies — has released a paper authored by Benjamin Wittes and Jodie Liu that theorizes that the public’s concern over privacy encroachments are — if not overblown — then failing to properly factor in the privacy “gains” they’ve obtained over the past several years.

The theory is solid, but the paper fails to differentiate between what sort of privacy losses people find acceptable and which ones they don’t — mainly by leaving privacy invasions by government entities almost completely undiscussed. It opens by quoting a scene from an old Woody Allen film in which the protagonist attempts to “hide” his purchase of porn at a magazine stand by purchasing several unrelated (and presumably uninteresting) magazines at the same time. This leads to the conclusion that people’s ability to enjoy porn in private has risen with the advent of the internet, while simultaneously opening them up to data harvesters and internet companies less interested in personal privacy than selling users to advertisers.

True enough, but there’s a big difference between exposing that information to the Googles of the world, rather than the surveillance agencies of the world. On one hand, Google and its competitors provide something in exchange for the privacy loss — tailored ads, relevant search results, email, document creation platforms, etc. And there are still those — a steadily-growing minority — that realize Google’s privacy invasions are often inseparable from the government’s privacy invasions (via court orders, subpoenas and NSLs) and work hard to keep their personal information away from both. What the government offers in exchange for access to much of the same info is intangible: “security.” While one might recognize the value of the first exchange, it’s harder to sell the latter tradeoff, especially since intelligence agencies are much, much better at scooping up information than they are at disseminating it.

A huge amount of technological development follows this basic pattern. Google and Microsoft and Yahoo! enable you to search for information privately—with data collection by the companies and possible retrieval by other actors as a consequence. Amazon lets you buy all sorts of products with nobody the wiser—but with your purchase history stored and mined for patterns.

Your smartphone lets you put all this capability in your pocket and take it with you— and thus also lets you use it more and record your location along the way. That information too is then subject to retrieval. Facebook allows you to identify discrete groups of people with whom you want to share material—yet it stores your actions for processing and retrieval as you go. In our mental tabulation of gain and loss, we tend to count only one side of the ledger, pocketing what we have won as though it were of no privacy value while bemoaning what we have given up.

Even more mischievously, when we do acknowledge the gains, we tend to redefine them as gains in something other than privacy. We define them, most commonly, as mere convenience or efficiency gains—a dismissive description that implies we have won something inconsequential or time-saving while giving up something profound. But the construction leaves us with a distorted and altogether-too-bleak outlook on technology’s impact on our lives. Yes, technology involves gains in convenience and efficiency, but those are not the only gains.

To reiterate, we do not argue here that technology is necessarily privacy-enhancing in the aggregate, or that technology does not erode privacy. Rather, our general point is that the interaction between technology and privacy is less clear-cut than the debate commonly acknowledges, that we don’t keep score well, and that the actual privacy scorecard is a murky one.

The paper does make the solid argument that technology has resulted in greater individual privacy — provided it’s measured on the scale the paper’s authors present. In one example, the authors point to a teen’s desire to discuss a sexual or health issue as being more “private” because of access to medical websites and forums where information can be obtained with relative anonymity — something a doctor’s office can’t completely provide.

But medical records are private information, governed by a specific set of laws. If anything, the online search is less private because these websites are not subject to patient privacy laws. Someone inquiring about a teen’s visit to a health clinic would be frozen out, but any number of entities can access web-related information without facing similar statutory roadblocks.

While there are some good points made, the paper is undermined by the authors’ insistence that Americans just don’t know how to properly balance their privacy concerns. The implication — given author Benjamin Wittes’ frequent defense of government surveillance — is that if the public can’t weigh privacy gains and losses correctly in the context of private corporations, it certainly can’t be expected to make informed decisions when it comes to government surveillance. And it’s true that most citizens aren’t likely to rigorously examine their fears of privacy erosion.

The paper does very little to compare privacy “violations” by internet entities to government surveillance programs, choosing instead to focus almost entirely on the tradeoffs made by people who hand over a certain amount of personal info for the privilege of watching porn or googling STD symptoms without having to involve another living, breathing person. It’s presented as being in favor of a “more rigorous balance sheet” when it comes to personal privacy, but then fails to closely examine government surveillance concerns. There’s another tradeoff being performed here — without the input of those surveilled and who receive almost nothing tangible in exchange for the privacy erosion. Because of this, there’s little comparison between the Googles and the NSAs of the world.

You don’t hand a government the tools of totalitarianism and a long leash and simply assume it will end well. Google, et al may be similarly close-fisted when it comes to producing specifics on the use of personal data, but they also don’t bear the same obligation to the American public that the US government does. Even if Google is more intrusive than the NSA, it still is only one of many platform providers and there are options (admittedly not many and not easily achieved) for avoiding its data-gathering efforts. The government provides no such options, other than forgoing the use of phones, the internet, etc.

I think the paper does add to the discussion of privacy gains and losses, but the authors’ unwillingness to honestly approach government surveillance efforts in the same context blunts its impact. It quotes privacy advocates like the ACLU and EFF on the subject of data harvesting by private companies, but doesn’t address the similar concerns they’ve raised about the erosion of privacy by government actions.

There’s an attempt being made here to paint the government as no worse (and possibly even better) than private companies’ data harvesting efforts, albeit by way of omission rather than by comparison. It’s disingenuous to depict the public as ignorant of their privacy “gains” against the domestic surveillance backdrop, while omitting any mention of similar privacy erosions at the hand government intelligence agencies. Wittes opens his post on the paper by claiming American and European privacy debates “keep score very badly” and then points to a paper that leaves key parties in the privacy debate almost wholly unmentioned. I’m all for an open discussion about privacy gains and losses, but a paper that focuses solely on interactions with private companies — while claiming the public can’t keep score — isn’t much of an addition to the debate.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Paper Says Public Doesn't Know How To Keep Score In Privacy Discussion While Glossing Over Government Surveillance”

Subscribe: RSS Leave a comment
That One Guy (profile) says:

Tiny little difference

There’s an attempt being made here to paint the government as no worse (and possibly even better) than private companies’ data harvesting efforts, albeit by way of omission rather than by comparison.

Notably omitted by any that try and spin government data harvesting as no different than corporate data harvesting: Corporations can’t jail or kill you based upon the data they gather, nor can they add you to lists capable of seriously screwing with your life in various ways.

If a company like Amazon draws the wrong conclusions based upon your buying and/or browsing history, the most you’re likely to deal with is some ads for stuff you have no interest in. If the government draws the wrong conclusion from the data they grab, you’re likely to be looking at much worse repercussions as a result.

beltorak (profile) says:

Re: The Snowden-Hayden Gap

In the words of Edward Snowden: Twitter doesn’t put warheads on foreheads. In the words of Michael Hayden: We kill people based on metadata.

It’s monumentally stupid, disingenuous, or both, to compare or contrast corporate surveillance and government surveillance without acknowledging this very important point.

Once you acknowledge it, you have to contend with the fact that the government has the power (even if it doesn’t have the right) to bridge the Snowden-Hayden Gap, coopting corporate surveillance for its own ends.

Anonymous Coward says:

Re: Tiny little difference

“Corporations can’t jail or kill you based upon the data they gather, nor can they add you to lists capable of seriously screwing with your life in various ways. “

They do it anyway, and there are those who would make it legal.

B3Z5R says:

‘…people’s ability to enjoy porn in private has risen with the advent of the internet,’

Only if you ignore the fingerprinting and time stamping and commercial distribution (and government theft) of every minute detail of it. What they are talking about is only the most superficial illusion of privacy.

‘…the interaction between technology and privacy is less clear-cut than the debate commonly acknowledges, that we don’t keep score well, and that the actual privacy scorecard is a murky one.’

Insofar as it is murky it is because “our” government and their private sector funders/partners are committed to concealing every aspect of their illegal and/or illegitimate spying from us. How can informed consent to data collection exist when there is no requirement for explication of what they are doing? Reading “we use cookies” does not form a basis for informed consent.

The problem is that corruption is so normalized, and government deceit so universal, that no one even feels motivated to talk about the obvious link between Google political “donations” and the failure of government to pass privacy and security enhancing laws. It just seems pointless. Washington is already owned by someone else. It is a lost cause.

Anonymous Coward says:

(government) as no worse (than commercial surveillance)

I would tend to agree with that, EXCEPT in the case of FISC, which is corrosive to the separation of powers.

One must account for the cumulative effect on individual sovereignty, AND on state sovereignty, not just the amount or nature of the data collected, or the number of law enforcement actions.

It is not so much government surveillance that’s a problem as the notion that it should be legal. They WILL do it, however the courts are obliged to preserve the rule of law even WHEN they do it.

It isn’t important that FISC exists. It is important that all the other courts have been weakened by failing to denounce the jurisdiction FISC presumes itself to have. The rule of law itself is what is threatened, and that has many ancillary effects.

Certainly commercial surveillance is just as (and likely more) corrosive to the general welfare, but in fewer ways corrosive to the law.

There a range of influence that spans from just making somebody aware of something, to systematic brainwashing. Traditionally the view has been that physical coercion was the distinguishing point between ethically acceptable influence and ethically unacceptable influence.

The amount of psychological leverage in the commercial sector currently being applied, draws into question where that line is today.

Anonymous Coward says:

It's not about "Security"

I’m constantly amused by the effort to which their defenders will go to avoid discussion of domestic mass surveillance in any other context than “security.” They use a propaganda technique called “framing” in a flailing attempt to control the narrative. Despite any compelling evidence to support their claims of enhanced security, they fearmonger onward, uninhibited by a conflicting reality, fully expecting that we wet ourselves and beg them to “protect” us no matter the cost to our democracy/civil liberties.

So let’s pretend for a moment that they will use domestic mass surveillance to protect us. Okay fine. But where’s their discussion as to what else they could use it for? Here’s some very probable democracy crushing uses that come to mind:

~ Political Blackmail
~ Disrupting Positive Social Change/Activists
~ Corporate Espionage
~ …and/or to be used against anyone who’s interests (e.g., political, financial, legal, personal) are in opposition to those who are in control of all our data.

I’m infinitely more concerned with those inevitable abuses than “security” from any drug-dealer/terrorist/pedophile/FUD-de-jour.

Propaganda Tool #4 – Framing:
In the public arena – particularly in current events and politics – Framing essentially means that through repetition, officials communicate talking points designed to enforce contextual boarders of discussion of a particular topic or event in an attempt to influence public perception – or even which topics/events the public perceive to exist at all.

Mason Wheeler (profile) says:

Re: Re: Re:

Even from a “helpful to consumers” perspective, tailored ads still fail. In my experience, tailored ads tend to show up in my browser one of two ways:

1) It’s something I was looking at recently, but decided not to buy. Bombarding me with advertisement about something I decided not to buy going to annoy me, which is not a good way to make me decide to buy it. Or…

2) It’s something I did buy recently. In this case, I already bought it, so why are you advertising it at me?!? Most of the time it’s not something I’ll need another one of anytime soon, if ever.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...