Future State of Privacy -- Private by Default & Send in the Experts

So far, privacy concerns of today appear to center around the unauthorized release and unintended viewing of private, often risqué images that were never meant for the bright spotlight of the public eye. Since privacy is an ever-changing target, it pays to examine what the movers and shakers in the privacy business believe will comprise the next wave of privacy concerns.
Robert Ellis Smith, publisher of Privacy Journal (http://www.privacyjournal.net/), the oldest privacy publication, sees issues with surveillance and misuse of personal information as major privacy issues of the future, listing “camera surveillance in city streets; behavioral advertising online including the use of search engine data and social networking conversations as the source of data for target marketing and trends toward a national ID card” (personal communication, October 8, 2009). He added, “I have been impressed and disappointed that more Americans are not offended by images of the private residences on [Google] Street View. In Canada, Europe and elsewhere, citizens have been offended” (personal communication, October 8, 2009).
Smith also sees a needed adjustment in how privacy is viewed while agreeing with previous literature on the complexity of privacy:

Privacy has many dimensions, not simply protecting personal information on the Internet. Those aspects of privacy are alive and well. And in the area of behavioral advertising, Congress is moving ahead with regulatory legislation. Apparently many Americans do not think privacy is dead and that they should simply adjust to a new reality. (personal communication, October 8, 2009)

Bruce Schneier, Chief Security Technology Officer of BT, author and security technologist (http://www.schneier.com/) addressed the issues of information control and law lagging behind the technology in comments he shared:

We’ve lost the control of data on some of the computers we own, and we’ve lost control of our data in the cloud. We’re not going to stop using Facebook and Twitter just because they’re not going to delete our data when we ask them to, and we’re not going to stop using Kindles and iPhones because they may delete our data when we don’t want them to. … This loss of control … isn’t a technological problem; it’s a legal problem. The courts need to recognize that in the information age, virtual privacy and physical privacy don’t have the same boundaries. We should be able to control our own data, regardless of where it is stored.” (personal communication, September 30, 2009)

And finally, Beth Givens, founder and director of the Privacy Rights Clearinghouse, shared in an interview a pair of issues she sees becoming major privacy issues in the near future:

Well, I think there are a couple of issues that are behind the scenes right now … that people are going to find in the not too distant future that they're things they are concerned about and one is location privacy. I think most people know that their cell phones, for example ... are able to locate them in an emergency ... that [your] cell phone can be used to locate you. And of course GPS locators in cars ... it's really kind of an up and coming technology; more and more people are using these locational devices but of course there's a huge privacy issue there: who holds that data? how long do they hold on to it? could law enforcement gain access to it if you were ... considered to be part of a crime, a suspect? could the divorce attorney go for it and find out that you were where you said you weren't at 2 AM the other night? … huge privacy issues [and] we haven't even started looking at it. They always say technology goes faster than the laws that protect us ... [and] in this day and age, the laws are way back in the 1970s and 80s unfortunately and we've got new century technologies that are moving ahead at the speed of light ....
[The second is] something called tethered devices ... more and more of these devices ... I'm going to use the Kindle, Amazon's reading machine, the Kindle, is an example of something that you buy, but those books ... in a sense, you kind of rent them.
There was a good example of actually Amazon going in without the consent of the individuals who [owned] these Kindles and actually electronically removing a couple of the books that were there stored on the Kindle ... but without telling them ... they essentially zapped these Kindles, wireless, removed the books. It's a huge irony, but one of the books was George Orwell's 1984 .... So that's an example of a couple of issues ... that I think we're going to be seeing more of as big privacy issues in the very near future.” (interview, October 12, 2009)

Our consulted experts touched on a range of issues, so let’s quickly recap:

  • Camera surveillance on city streets; behavioral advertising online and the movement toward a national ID card are issues Smith has his eye on as likely privacy battles
  • Schneier is stressing the need for control over our information as well as the need for the courts to catch up with privacy in the virtual world
  • Givens feels that locational privacy and tethered devices will be hot button issues of privacy in the future

By now you have to be questioning the logic of the path we have travelled to get here. From birth control to naked pictures of teens to biometrics to locational privacy, what in the name of all things private does this have to do with the changing state of privacy? In a word – everything.
The issue of privacy is by no means an easy one to define. What is one person’s invasion of privacy is another’s opportunity for fame and fortune. Technology is lapping the current action plans (aka legal and structural/systemic privacy protections) in place to handle privacy concerns. The technological development isn’t going to slow down any time soon, and that is only going to leave loopholes, grey areas and key problems unaddressed. Uncertainty with regard to ownership of the information and who ultimately has control over it are major points that will need to be addressed as the nature of privacy shifts from keeping secrets to maintaining control.

Largely, issues of privacy are addressed in a reactive fashion (in response to a specific question) as opposed to a proactive fashion (anticipating potential questions and planning for them). The legal path to a right of privacy outlined in “Privacy Past” shows the at times glacial evolution of what we now call the “constitutional right of privacy” – a mash-up of five amendments, reading in between the lines to see the hidden privacy right. In each instance, it took a specific incident to spur action.
Furthermore, there is confusion as to what ‘privacy’ actually means -- if we don’t know what it is, how can we effectively protect it? Is it stuck in the early concept of ‘property privacy’ or is it now in the realm of bodily, personal privacy found in Griswold? Does it need to move toward the premise of control over one’s information, being able to dictate who sees what when? Is it all of the above plus something not even imagined yet?

It appears to be that the redefinition of privacy as control over your own information is gaining traction as the possible operating concept of privacy in the technological future. “In cyberspace, the greatest threat to privacy comes not from nosy employers and neighbors but from the electronic footprints that make it possible to monitor and trace nearly everything we read, write, browse, and buy” (Rosen, 2000, p. 163). It is controlling access to those electronic footprints that is the likely battleground in the future of privacy.

In a more unconventional notion, “… David Brin in The Transparent Society argues [at issue isn’t] privacy but access to personal information. Rather than trying in vain to resist a world where ubiquitous video camera mean that our lives are increasingly subject to public scrutiny, … [we] should focus instead on ensuring that all citizens have access to one another’s videotapes” (Rosen, 2000, p. 209). Instead of fighting vigorously to keep people from seeing our ‘videotape,’ privacy should be taken out of the equation all together by opening up everyone’s ‘videotape’ to everyone else. At best it’s an utopian ideal – a world where no one cared what others knew or thought about them – one that is not likely to take hold any time soon.

An online diary service based in Toronto may have hit on the answer to the future of privacy and how to handle concerns over protecting it. The service, called Penzu, is an online journaling interface that's private by default. Every entry made on the site automatically has private as the default setting. Users essentially have to opt-in to sharing their work, which they can do via e-mail or a public link to allow comments. This may wind up being the key to saving the future of privacy. Instead of trying to craft a privacy standard that covers every permutation of privacy – an impossible task given that privacy is not a unisex, one-size-fits-all issue – unilaterally shut the door from the beginning. Opt-in sharing may be the magic elixir that cures all privacy ills. Instead of users trying to put the genie back in the bottle by increasing the privacy settings and preferences, users get to control their information, control where and when the genie gets to come out and play.
Jeffrey Rosen (2000) in his book The Unwanted Gaze, frames the fate of privacy in terms of societal forces:

The future of privacy will be determined not by the inherent nature of the Internet, but by social choices about how much privacy we as a society think it is reasonable to demand. And failure to choose means that the slow erosion of protections for private papers and personal information that began at the beginning of the twentieth century will be consummated in the twenty-first century rather than stopped short. Will we be passive in the face of technological determinism, or do we have the vision to insist on rebuilding the privacy we have lost? (p. 195)

This is the dilemma that we must face if we want to ensure there is a future of privacy. Our conception of privacy needs to adapt to the changing world around us to include the notion of control over one’s personal information. Legal protections need to evolve to keep pace with the advancing technological developments, minimizing (and hopefully eliminating) the loopholes that can be exploited leading to violations of privacy. People also need to take an active role in protecting their privacy, making use of the technologies at hand to encrypt, block and limit access to their personal information. Ultimately, the argument can be made that the right of privacy is a constitutional right, a right that needs to evolve to encompass the changing nature of society, a right that we need to exercise before ‘privacy right’ becomes ‘privacy lost.’