Balkinization: The Many Deaths of Privacy

The Many Deaths of Privacy

Frank Pasquale

As they follow the fascinating and heartening "Twitter Revolution" in Tehran, commentators worry that "the regime is prepared to detain dissidents — reportedly using Facebook and Twitter to locate them." Yesterday also saw new reports of controversy over domestic surveillance by the US National Security Agency. Apparently the "agency routinely examined large volumes of Americans’ e-mail messages without court warrants." Commentators like Glenn Greenwald and our own Dan Solove have done a great job explaining the legal details of NSA surveillance. I just want to comment on some of broader social trends that explain the upward ratchet of surveillance around the world.

Worries about the "death of privacy" have been around for some time. We increasingly lack control over (or even awareness of) the digital profiles kept about us by businesses and governments. Another form of privacy---that at the core of the public-private divide---has also been in decline over the past couple decades. As the essays in Freeman and Minow's book Government by Contract show, "privatization" is often less an arm's length transaction between government and business than a veritable marriage of institutions. The recent explosion of public-private partnerships in the finance and auto industries further erodes the distinction between government and business. As William J. Novak's essay in Government by Contract observes, much of what we think of as purely private markets are creatures of state action:

Robert Lee Hale contended that the sharp theoretical separation of public and private obscured the actual proactive role of public power in structuring the so-called private bargains that had such an immense effect on the distribution of wealth and power in American society. . . . [T]he private sphere is positively constructed by law and government and is consequently always suffused with (as opposed to immune from) sovereignty, force, violence, and coercion.

This is particularly true of communications technologies, which are often of great interest to government regulators. As Michael D. Birnhack and Niva Elkin-Koren explain in their brilliant article The Invisible Handshake, new and hidden exchanges of information for power are key to government-business relations:

Law enforcement agencies seek to enhance their monitoring capacity and online businesses seek to prevent fraud and combat piracy while strengthening their ties with authorities. . . . The invisible hand [of market-based communications] turned out to be very useful for the State, and it is now being replaced with a handshake, which, likewise, is invisible. . . . The use of private parties for executing government roles may create an unholy alliance between governments that wish to exercise their power and large online players that seek to maintain and strengthen their dominant role in the market.

Birnhack and Elkin-Koren were prophetic. The kind of government-business alliances they feared have become de rigeur in the national surveillance state. Both Chris Hoofnagle and Jon D. Michaels have described the development in some detail. Michaels's story of FedEx is indicative of the larger trend:

[After FedEx's] CEO announced his company’s commitment to cooperating with the government “up to and including the line on which we would be doing a disservice to our shareholders" . . . FedEx has received a range of government perks. For instance, FedEx has been afforded special access to government security databases, presumably giving it a range of advantages over non-cooperating competitors. It has also been awarded a prized seat on the FBI’s regional terrorism task force (it is the only private company so represented) and thus has even more insider access to international security threats, again presumably well before its competitors receive such warnings. Moreover, FedEx has received an exceptional license from the State of Tennessee to develop an internal police force . . . .

Hoofnagle proposes that "the Privacy Act should apply to private sector companies that sell information to the government," not just to the government itself. It seems to me that the first step to wisdom in this area is to realize that whatever we fear from direct government collection of data, we should fear from ostensibly "private" third parties that do the same. Otherwise, the ailing "public/private" divide could cause many more "deaths" of individual privacy.

X-Posted: Concurring Opinions.

Posted 11:00 AM by Frank Pasquale [link]