The Privacy Paradox

Paradox_HeaderEver since the Edward Snowden revelations began last spring, the problem of privacy has become big business, possibly eclipsing Big Data for space in the technology feeds.  Almost daily, one or more articles opining on the issue crosses my inbox.  Some of these are thoughtful and relevant while others are irrational and useless.  The point is that Privacy is on everyone’s mind these days.  The concern is global and may well become the top moral and ethical question of this century.

Part of the problem of privacy is the definition of the word. Let us consult my trusty unabridged English dictionary (Copyright © 1987 by Random House, Inc.).  Privacy: noun 1. the state of being private.  2. the state of being free from intrusions or disturbance in one’s private life or affairs.  This does not help much, does it?  Even as a public understanding of the word, the meaning is pretty vague.  (NOTE:  See Dialectic for my definitions of public and guild meanings.) Looking up the base word adds little.  Private:  adjective 1. belonging to some particular person 2. pertaining to or affecting a particular person or a small group of persons 3. confined to or intended only for the persons immediately concerned 4. personal and not publically expressed 5. not holding public office or employment 6. not of an official or public character 7. removed from or out of public view or knowledge 8. etc.  Even the derivation is unhelpful.  L privatus private.

But even though the official definition of the English word is fraught with vagueness, we all have some shared understanding and belief about what it means.  For purposes of this essay, I will take the following definition as our axiom.

Axiom1I cobbled this definition together from ideas in several recent articles on the topic.  However, in order to be able to use it as an axiom, we should first examine some of the key assumptions it contains.  These include:

  • Generally understood:  This assumes that most cultures recognize some form of human rights for all people.  This definition does not stand where such is not the case.
  • Some data:  This assumes that there are data about us that we cannot reasonably expect to be private by this definition.
  • Data:  By data I mean raw facts without context, as well as contextualized facts (information).
  • Personal lives:  It is not reasonable to assume that any aspect of our lives outside of our immediate sphere of influence (essentially, anything that touches another human being directly) can be totally private.
  • Accessed forcibly:  We can realistically expect these data not to be forcibly accessed in a reasonably free and/or democratic society.
  • Or surreptitiously:  In theory this should be the same as the last point, right?
  • Just cause:  This depends on the laws, customs, and social mores of the specific society involved.

As you can see, in highlighting a few assumptions, we have taken a definition with indistinct edges and blurred them further just by looking more closely. If we were to poke at the word “surreptitiously” a bit further, things would go even more out of focus.  It is a slippery word in and of itself, and how businesses and governments collect information about us without our tangible awareness (and explicit consent) is almost infinite in its variation.

So given that we are working with an unclear and nearly indefinable concept from the start, how does one go about proposing reasonable public policy to govern privacy in the age of electronic information? My thesis is that we cannot, at least in the short term.  For purposes of this essay, let us consider this question purely from the standpoint of the United States of America since it was revelations of that country’s espionage that reshaped this debate.  Surprisingly, using the Constitution of the United States as a starting point is little help.  It is challenging not only because all relevant language in both that document and the twenty-seven amendments was written before the inception of the Internet, but also because the language is contradictory.  The Constitution specifically makes provision to provide for the common defense in the form of “calling forth the Militia to execute the Laws of the Union, suppress Insurrections and repel Invasions.” These are words written more than two hundred years ago and consequently bring us back to creating contemporary definitions of words such as Militia and Invasions.

In direct conflict with this provision stands the Fourth Amendment.  This states:  The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.  Again, the language is archaic and does not address electronic information directly.  Clearly, though, the US Government (through the NSA) believes that its present-day interpretation of the common defense provision trumps the Fourth Amendment, and has surreptitiously equipped itself to support that position (e.g., the United States Foreign Intelligence Surveillance Court, established by the Foreign Intelligence Surveillance Act of 1978 or FISA).

Therein lies the paradox of privacy.  In order for the U.S. Government to protect its citizens from the forces that putatively would take away those rights to privacy, it must itself violate those rights – or so it would seem.  On the surface, that violation is reasonably benign insofar as the information being collected is considered meta data (data about data) rather than content.  Or is it?  First of all, the government justifies its right to collect telephone metadata with impunity because of a controversial 1979 Supreme Court ruling (Smith v. Maryland) invoking the “third party doctrine,” meaning that when we dial the telephone, we are willingly giving up these data to the phone company which, in effect, revokes any reasonable right to privacy.  The ruling implies that the Fourth Amendment protects only the content of the phone call.  But because the Federal Government has collected the call metadata in bulk, call patterns can reveal scenarios that may or may not be what they seem.

Bear in mind, though, that the same principal (and paradox) applies to Internet service providers and online retailers.  We willingly allow them to store metadata about our browsing habits, shopping habits, and social networking habits.  And it is abundantly clear that these businesses are using them to enhance the efficiency of their sales and advertising revenues as much as to enhance our Internet or online shopping experiences.  In fact, the average U.S. citizen has given up much more personal information to these online businesses than the Government has collected thus far.  Nevertheless, we are truly in the infancy of this world and we have no idea yet where this will lead us.  Can we trust these online concerns to be guardians of our data?  What happens when these data are stolen (e.g., Target during December 2013)?  What happens when the Government subpoenas these data?  Is personal privacy dead?

These are not questions that I can answer here, nor are they likely to be answered anytime soon.  I do not think that there will ever be a nice, crisp syllogism capable of logically expressing a solution to the privacy paradox.  It is the natural dissonance between the individual and society that has in one form or another always existed, but that has now been exacerbated by our wired existence.  The good news is that as human beings, most of us are able to reason beyond paradoxes.  This is often accomplished by changing the semantic concept of a statement or situation.  In the case of a linguistic paradox, that is fairly simple.  For instance, the statement “Everything I say is a lie” is clearly a linguistic construct and easy to diffuse.  A real world paradox such as the dissonance between “the common defense” and “the right of the people to be secure in their persons, houses, papers, and effects…” is more difficult but not impossible to manage.  I think it requires a combination of individual and societal integrity.

  • Question everything.  Individuals and societies alike must continue to ask and re-ask these fundamental questions about privacy in the electronic information age.
  • Act with savvy.  In the age of electronic information, there is no excuse for ignorance about the medium.  The Internet is the most self-instructive institution in human history.  Consequently, it is the responsibility of every person engaged in using the Internet to understand it as well as the consequences of divulging personal information to a third party.  As soon as you hit Enter, it is no longer within your control.
  • Demand integrity.  Never have so many people known so much about each other.  Individuals as well as companies and governments have access to troves of data about each other not even thinkable a mere thirty years ago.  We have an obligation to act with integrity and to demand the same integrity of the individuals and institutions with which we share our data.

I am convinced that personal privacy will be the defining issue of the 21st Century.  Most of our notions of privacy have changed forever.  Our easy electronic access to information, content, goods and services comes with a price.  That price is that a significant portion of our personal information is now a commodity to be used, abused, or exploited by people and organizations outside our knowledge or control.  During the course of the next ninety years, I expect this dissonance between the individual and organizations to come to a point of crisis.  The genie has been out of the bottle for some time; Edward Snowden has merely pointed a light on the abandoned bottle along with some footprints in the sand.  I do not have the answer, but I know that the solution to the privacy paradox will require more than public policy.

Do you agree that personal privacy is one of the defining issues of the age?  Short of eschewing our online lives, what can we do to protect our personal data?

Here are some links to interesting and important articles on the topic.

8 thoughts on “The Privacy Paradox

  1. Kevin Lommen says:

    It’s already too late. The personal or private information that has already been released is unretractable. Our only hope of avoiding misuse of the information by scofflaws is to counter by releasing MISinformation and not to give up any more new information. Anything can eventually be hacked or compromised. I’m sure you’ve heard of the national initiative to get everyone’s medical history recorded electronically in a format that is easily accessed and shared by all medical practitioners nationwide. While I applaud the spirit and intent of this program for the lives and pain it might save, it also saddens me to think that someone will eventually hack into it. Thanks for sharing.

    • bimuse says:

      Yes, Kevin, that really is part of the paradox. It is the cost of this “new life.” There are ways, of course, of maintaining some anonymity online (e.g., Tor, search engines such as Duck Duck Go) but the bad guys use those too. The reality is that other than the basic necessities, which I can purchase locally every week, 90% of what I otherwise need is ONLY available online (or at the expense of a very long drive). And while I enjoy handing out misleading MISinformation, in the end I still have to tell Amazon where to deliver my package and to which charge card to bill it. I’m standing pat on question everything, act with savvy, and demand integrity. This is going to get much nastier before it gets any better. And I’m the inveterate optimist. 😃 Thanks for weighing in.

  2. Michael Mixon says:

    Hi Steve. This is definitely an interesting topic, and one that is definitely only going to get more relevant and complicated. Like you, I don’t have any answers, since there are so many different scenarios and trade-offs to consider. There are already so many benefits to belonging to this growing connected community (e.g. accessing my data in the cloud anywhere and on any device, only being advertised to for things I might actually want, being able to stay virtually connected to friends I can’t see in person, finding like-minded people in other corners of the globe, etc. etc., etc.), and those conveniences and perks are only going to multiply and become cooler as our networks mature and become more nimble. But yes, the price we pay for this connectivity is a permanent digital footprint. For most of us, I suspect this digital footprint will never be used for nefarious purposes. But it can be. And as we’ve witnessed all too often, no digital locker appears to be impenetrable. So just because someone (a company or a government) says our data is safe, it probably isn’t. I’m intrigued by services like Mega (, which appear to offer additional layers of security, but even that would only protect some of your content. You still have to interact with the world, and every move we make is tracked, stored and analyzed.

    While I sometimes like the idea of being invisible, achieving that would probably be very difficult, and would I want to be that way all of the time? Probably not. So to your point, I think we’re all going to have to educate ourselves on how we can minimize our digital footprint, apply additional protections to the footprint we have to leave, and how to respond if that footprint is compromised. Making those options more transparent and understandable would be a great service, but it would ultimately rest on us to take the necessary steps. And many of us are too busy social networking and online shopping to put in that time. 🙂

    On a totally unrelated note, we’re going to be state-mates soon. We’ll have to continue this conversation at one of the many coffee shops up there.

    • bimuse says:

      Thank you for expressing your thoughts so well and thereby extending the conversation. Oh, and welcome to Notingshaw!! 😃 [See? Even when I disguise the personal data it will only take one clever wag to crack it in seconds.]

  3. cavegirlmba says:

    You’re right, it is definitely one of the big hot topics – and here to stay.
    On the one hand we are concerned about supermarkets collecting data which type of yoghurt we buy, but on the other hand we have no problem showing the same yoghurt to the world via Facebook, Instagramm, and other channels.

    • bimuse says:

      CaveGirl, I think you have hit a very important point. When you share your yoghurt on Facebook, you are doing so freely and you are providing your own context which your friends and friends of friends may or may not reinterpret themselves. Your supermarket takes the yoghurt purchase out of context and contextualizes it by looking at everything you buy and looking for patterns. They form conclusions about these patterns that may or may not be correct. “Oh look. The shopper Steve always buys nylons when it buys yoghurt. We conclude that the shopper Steve is a female health nut.” Who knows where that will go, all because both items are routinely on the Saturday shopping list. I am over simplifying, but this is one of the areas where I can see things getting pretty ugly some day. Thank you for the insight.

      • cavegirlmba says:

        What is Steve doing with the nylons and the yoghurt… strange 😉
        But in all honesty, I find it odd that the same people who post tons of photos voluntarily have a problem with data otherwise.

Leave a Reply to cavegirlmba Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s