As Congress debates whether to expand the executive branch's eavesdropping powers and immunize the telecom industry for illegally sharing customer information with the government, a senior Bush administration official, Donald Kerr, says that we need a new definition of privacy.
He says the old definition revolved around a right to anonymity, and that in our increasingly wired world anonymity is becoming increasingly difficult. Therefore, he said, we should accept a new definition of privacy in which we just accept that "government and businesses" have access to private data on us, and we focus on holding those institutions accountable for not misusing it. But as my colleague Jim Harper points out privacy has never meant anonymity.
Rather, privacy is about having control over what information you divulge, and to whom. It's true, as Kerr notes, that Google and Facebook have a lot of private information about us. But the important point is that they only have the information that we have voluntarily chosen to give them. If those companies violate our trust, we can switch to Yahoo, MySpace, or numerous other search engines and social networking sites that will be more respectful of our data. Or we can prevent our information from being collected in the first place, for example by using software to block Google's web cookies or by not signing up for Facebook at all. The government is different. You don't know when you're being spied on, what information is being collected, and what's being done with it, and you certainly
don't have the option to opt out if it makes you uncomfortable. That's why there needs to be much stricter regulation of government data-collection than information collected by the private sector.
Kerr argues that it's sufficient that government officials are subject to stiff fines and even jail time for misusing peoples' private information. Yet this is the same administration pushing to exempt AT&T and Verizon from liability for violating the privacy laws already on the books. And this spring, the Inspector General found that the FBI had issued hundreds of "improper" (read: "illegal") letters demanding private customer data without a warrant. As far as I know, no one at the FBI has been indicted for these breaches of the law. So if the administration is breaking the laws already on the books without facing any penalties, what reason is there to think that the threat of criminal penalties will be sufficient to make future administrations behave themselves? Moreover, as Julian pointed out last week, if the eavesdropping program is kept secret from its targets, and if telecom companies are also given immunity, there will be no one to object if the government starts misusing your data. The only way to ensure the law is followed is by requiring that an impartial judge review each wiretapping request before it begins.