Privacy is a hot topic. It's even the chief source of anxiety for a vast majority of people. Why? One reason is the impact of the popular use of information technologies: with the huge mass of personal data being transmitted on-line, questions about security arise. We've all heard the horror stories about hackers making public the intimate details of our lives. But there's another reason: people today expect to be left alone. This "right" was first introduced a century ago and was recently the focus of our collective reflections after Princess Diana's fatal accident. But celebrities aren't the only ones who risk exposure. The use of close-circuit television to monitor our cities suggests there are fewer places to seek refuge from prying eyes and ears. Of course, worries about data security and being watched are separate problems. Nonetheless, they reflect the fact that Western culture takes privacy for granted.
Reg Whitaker's The End of Privacy and Colin Bennett and Rebecca Grant's Visions of Privacy are two books that account for and address the popular worries about the erosion of privacy. Both focus on the rapid growth of information exchange that comes with the use of increasingly sophisticated information technologies in both public and private sectors. The volumes, however, are vastly different in tone and aim, as reflected in their respective subtitles: "How Total Surveillance is Becoming a Reality" and "Policy Choices for the Digital Age".
Whitaker is interested in the power relations operating in today's information society. In his view, the top-down model of power has been displaced by a diffused one. Individuals are subjects in multi-directional circuits of power. As information flows, so does demand for more details about people, their behaviour, their possessions, and just about everything else. Whitaker, however, is not interested in policy issues on safeguarding privacy; rather, he wants to sound alarm bells, to raise public consciousness of the challenges posed to privacy by the growing use of new information technologies.
Whitaker's book is a captivating read. It is full of facts. Some are old news. For example, in just over fifty years, computers went from being huge machines using vacuum tubes, to clunky desktops using floppy drives, to handy laptops using microchips, and beyond. Others are arresting. In 1996, the state of Maryland allowed marketing firms to access its Motor Vehicle Administration database for a fee of just under $13 million. That little nugget made me sit up and take notice: information is a commodity; it can be bartered. How much are our medical records worth?
Whitaker's account is primarily about how we arrived at the present situation, and his discussion brings together such topics as espionage, the panopticon, cyberspace, and Big Brother. His vision is particularly dark. For Whitaker, the information society might just as well be called the "society of total surveillance". Every manner of gathering information-from the use of closed-circuit televison to filling out census forms-contributes to total surveillance. The leitmotif here is the panopticon, a term which has gained a certain popularity since Michel Foucault's Discipline and Punish. The term, however, originates with Jeremy Bentham, who invented it for his prison-reform schemes: prisoners are housed in a circular building where they could be under constant surveillance, which would make them alter their behavior and render them docile. For Foucault, the panopticon is a metaphor for the shift in the exercise of power in modern societies: from punishment (usually a public spectacle to emphasize the power being wielded) to discipline (where individuals monitor their own behavior). He argues that power is most effectively exercised when it is internalized, when we are our own inspectors. That's the moral Foucault draws. While Whitaker is aware of Foucault's take, the important lesson he draws from the panopticon is total surveillance: we may be watched at all times.
The notion of total surveillance captures the imagination. But how accurate is the suggestion? My on-line OED says that surveillance means "watch or guard kept over a person, etc., esp. over a suspected person, a prisoner, or the like; often, spying, supervision; less commonly, supervision for the purpose of direction or control, superintendence". The use of closed-circuit television would certainly fit. But what is the connection between being watched and the "information society"? Computers. Technology is now available that can track a user every time the person logs on or off a network or the web.
But many people do not have access to a computer, let alone the internet. So how is the gathering of personal details linked with being watched? In Whitaker's view, we voluntarily give out information about ourselves at every turn--from filling out a driver's license application to signing up for a special mailing list. These details are stored in, and transferred between, public and private sector databases. Apparently $13 million will let you do that.
But what is the connection between data migration and surveillance? For Whitaker, it is digitization: information in digital form can be put into databases. Notice how weak that link is, though. If the only connection between information gathering and total surveillance is digitization, then we might as well say that making a Spice Girls CD is linked to total surveillance. The notion of surveillance begins to lose its grip here.
Perhaps Whitaker's point is that information about individuals is compiled into dossiers, which are traded and circulated. Having these dossiers float around in cyberspace is tantamount to being "watched", because we can be tracked at all times. The problem here, it seems to me, is data migration and not surveillance per se.
The worries about data security are very different from the worries about panoptic monitoring of public spaces. A solution for one need not be adequate for the other. Nonetheless, the notion of total surveillance is a powerful way to draw attention to the issue of security of personal information--even if it is at the cost of a certain paranoid "feel" to the book.
Consciousness-raising is necessary, and Whitaker's book is important for doing that. But what steps can be adopted to address the challenges to privacy? Here, analysis of policies is called for, and the Bennett and Grant volume, Visions of Privacy, delivers in spades.
Many of the book's papers examine and offer measures that can be taken in data protection to address threats to privacy posed by the use of new information technologies. Their volume is based on a 1996 conference held at the University of Victoria called Visions for Privacy in the 21st Century: A Search for Solutions; the papers reflect its mission. The book is a less gripping read than Whitaker's, but it has enough details to keep it interesting. For example, David Flaherty, the present Privacy Commissioner for British Columbia, points out in his contribution that there is no legal or constitutional protection of privacy per se in either the Canadian Charter of Rights and Freedoms or the U.S. constitution. That doesn't mean privacy isn't protected. In Canada and the U.S., there is a patchwork quilt of statutory and common-law protections available to cover different aspects of privacy. One problem, however, is the inevitable gaps.
For the most part, the authors present a balanced account of what the new technologies can offer, as well as the problems they pose. Some contributors, however, do get carried away. For instance, Janlori Goldman verges on Panglossia in her appraisal of the possibilities offered by the new information technologies: rather than take a cautious position, she urges us to move the debate forward by "embracing" the idea that new information technologies have the capacity to give people meaningful choices. In her view, we should demand that "technology be designed to empower individuals." Everyone would presumably agree with that. The trick is how we go about making that vision a reality.
The position adopted by the other contributors can be described as pragmatic. The new information technologies are here to stay, as evidenced by the recent $33-million commitment by the federal government to develop e-commerce software. They argue that policies can be designed based on the principles of "Fair Information Practices" first developed in 1973, and implemented to offer protection for personal information. Spoken like a true believer, David Flaherty tells us that he has "never met a privacy issue that could not be satisfactorily addressed by the application of fair information practices." Gary Marx takes a wider view: he argues that although fair information practices are important, they need to be situated in a wider framework which would include the practices used by the information gatherers.
Pragmatism calls for a balance between the imperative to use such technology and the demands of privacy. Charles Rabbe, however, argues that we should think beyond merely balancing competing claims and interrogate and, if necessary, reshape that technological imperative itself to maximize privacy. Rabbe's recommendations on this point are frustratingly vague. But perhaps that's the way it should be, as we are repairing the ship while out at sea.
So, why is privacy important? Whitaker does not deal directly with this question, preferring to emphasize some of the nasty consequences of its erosion. Bennett and Grant take a stab at it. They distinguish two concerns: (1) privacy as an intrinsic value ("the restriction of personal information as an end-in-itself"); and (2) privacy as an instrumental or "strategic" value, with the aim of ensuring that the "right data are used by the right people for the right purposes." Bennett and Grant's distinction highlights a tension in current discussions about privacy-namely, as a consumer, a person might want easy flow of information (strategic value); as a private person, an individual might want very restricted access to personal details (intrinsic value). Respecting the privacy of others is fundamental to recognizing them as persons who formulate and act upon their projects. The unjustified violation of the privacy of others is to treat them as mere instruments for one's own goals, and not as persons in their own right. The irony here is that, although the concept of privacy may be inherently linked to our concept of "person", some people actually give very little value to their own privacy. Perhaps "privacy" is an essentially contested term, as Bennett and Grant suggest.
The End of Privacy and Visions of Privacy are valuable in that they provide us with more conceptual tools with which to examine the present situation, and to explore alternatives.
James Wong is an Assistant Professor in the Communications Studies Program at Wilfrid Laurier University.