This article is part of The Nation’s 150th Anniversary Special Issue. Download a free PDF of the issue, with articles by James Baldwin, Barbara Ehrenreich, Toni Morrison, Howard Zinn and many more, here.
Imagine a state that compelled its citizens to inform it at all times of where they are, who they are with, what they are doing, who they are talking to, how they spend their time and money, and even what they are interested in. None of us would want to live there. Human-rights groups would condemn such a state for denying the most basic elements of human dignity and freedom. We’d pity its citizens for their inability to enjoy the rights and privileges we know are essential to a liberal democracy.
In fact, this is the state in which we now live—with one minor wrinkle: the US government does not compel us directly to share any of the above intimate information with it. Instead, it relies on private companies to collect such information—and then it takes it from them at will. We “consent” to share this information with the companies that connect us to our intensely hyperlinked world. Our cellphones constantly apprise the phone company of where we are, as well as with whom we are talking or texting. When we send an e-mail, we share the address information, subject line and content with the Internet service provider. When we search the web or read something online, we reveal our interests to the company that runs our browser or search engine. And when we purchase anything with a credit card, the company that issued the card maintains a record of the transaction.
In short, we share virtually everything about our lives—much of it intensely personal—with some private company. (While some Internet companies, such as DuckDuckGo, promise not to collect personal information, most do, both to provide you their service and to capitalize on the information they thereby gather.) In theory, we can also refuse our “consent”: we can choose to live as hermits, cut off from all the forms of communication that dominate modern existence. But that’s a high price to pay for privacy. Surely we can have our smartphones and our privacy, too?
While we don’t consent to share our personal electronic profile with the government, a series of Supreme Court rulings dating back to the analog age holds that what we share with “third parties” like Google is no longer private, at least vis-à-vis the government obtaining that information from the third party. So if the FBI wants to find out whom we’ve been calling and where we’ve been, it can demand our phone and location records from the phone company. If it wants to know what websites we’ve been visiting, it can demand those records from the Internet service provider. Under the Supreme Court’s third-party disclosure rule, the government can obtain this information without any basis for suspecting us of wrongdoing, and without bothering to get a judicial warrant.
Popular
"swipe left below to view more authors"Swipe →As a result of the digital revolution and the third-party doctrine, the face of privacy has changed, and it will continue to change dramatically. Unless we respond appropriately, we are in danger of seeing privacy go the way of the eight-track player. And that has immense consequences not only for our personal lives, but for the character of our country. For privacy is not only a personal right, but a collective good—a cornerstone of democracy.
* * *
The significance of the digital revolution for surveillance cannot be overstated. Before the advent of computerized records and the Internet, much of the information that is now routinely collected about us was either unavailable or available only at prohibitive cost. If the government wanted to know where you were every moment of the day, it could assign someone to tail you 24/7. But that was expensive and almost impossible to carry off without detection. Moreover, even round-the-clock surveillance couldn’t see what you were doing behind walls. Now we all carry a smartphone with us at virtually all times, which automatically tracks us nonstop and transmits that information to the phone company.
In the old days, if the government wanted to know what you were reading or thinking about, it could search your home to see what was there—but that required probable cause of criminal activity and a warrant. And even then, it would find only those materials that you kept on hand; it would have no real way to know what you were thinking about, short of asking you directly. Now it can download your search history from Google, which knows better than you do yourself what you have been thinking about. And the computer never forgets.
Computers don’t just have perfect memory; they also have the capacity to store and analyze massive amounts of information about any one of us—or, as Edward Snowden’s 2013 disclosures on government surveillance revealed, about all of us. Snowden showed that for more than a decade, the National Security Agency has been collecting telephone metadata—whom we call and how long we talk—on virtually every American. The NSA maintains this data in a high-tech storage facility in Utah for five years and can then search it for ties to the phone numbers of suspected terrorists.
The NSA’s surveillance abroad is even more intrusive. The agency has intercepted and collected massive quantities of electronic communications—texts, phone calls, e-mails, contact lists and Internet browsing—from millions of foreign nationals, without any basis for suspecting them of wrongdoing. Dragnet surveillance that was until recently impossible is now entirely feasible.
Digital technology has exponentially expanded the government’s ability to construct intimate portraits of any particular individual by collecting all sorts of disparate data and combining and analyzing them for revealing patterns. A single phone call, credit-card transaction or location might not tell very much about someone’s private life. But if the phone call was from a married man to a single woman, and the location data showed that the two were together shortly thereafter and then purchased a morning-after pill at a local pharmacy, the implication would be clear.
Defenders of the new surveillance insist that the NSA’s domestic-surveillance program is appropriately limited because the government merely collects metadata, not the content of calls. “Metadata absolutely tells you everything about somebody’s life,” as Stewart Baker, former general counsel of the NSA, has acknowledged. “If you have enough metadata, you don’t really need content.” For example, the metadata can reveal whether a person called a rape-crisis center, a suicide or drug-treatment hotline, a bookie or a particular political organization. When I quoted Baker’s statement during a debate with the former director of the NSA, Gen. Michael Hayden, he readily concurred and even raised Baker one, bragging: “We kill people based on metadata.”
Defenders of the new surveillance also argue that as long as there are enough back-end limits on how the information can be used, we ought not be concerned about the government collecting and storing it. For example, the NSA’s phone database can be accessed only by a limited number of NSA analysts, for counterterrorism purposes, when they have reasonable suspicion that a phone number is tied to a terrorist. But the collection itself imposes privacy costs, irrespective of how the information is subsequently used. I don’t think we’d accept the NSA collecting videotape from every American’s bedroom, no matter what back-end limits were placed on the use of the results. Moreover, once a database exists, what is to stop any “mission creep” in its use? If it can be searched for terrorists today, why not for serial murderers or rapists tomorrow? Where is the limiting principle?
Defenders of the new surveillance typically argue that if you have nothing to hide, then you have nothing to fear. This familiar claim ignores the fact that privacy is valuable not just to criminals, but to all of us. We all close the doors to our bedrooms and our homes, whether or not we are engaged in criminal conduct. We all use password protection for our personal computers, regardless of whether we are doing anything wrong. Privacy serves a multitude of ends other than protecting criminals; if that weren’t the case, we wouldn’t have protected it in the first place.
* * *
Some argue that privacy is a relatively recent phenomenon, because for most of history humankind has lived in small rural settings where everyone knew everyone else’s secrets. But that claim is both overstated and beside the point. It is overstated because, while modernity has in some ways increased the opportunities to protect confidences, it has also, as Snowden’s disclosures reveal, reduced those opportunities. I suspect, moreover, that it was always the case that people sought to keep secrets—and did so. Most important, however, the question is not whether privacy is of recent vintage, but whether it is valuable. If we value it, then we should struggle to preserve it from the onslaught of new surveillance technology.
It is possible to adjust the rules to accommodate new technology. The Supreme Court has done so repeatedly in response to, for example, automobiles, telephones and even thermal-imaging devices (used to detect indoor marijuana growing). In 2012, the Court ruled that the Fourth Amendment restricts the government’s use of a GPS device to track a car’s public movements around the clock for twenty-eight days. The government had relied on an analog-era precedent holding that its agents could use a beeper hidden in a package to track an automobile trip on public roads, reasoning that what is observable in public is not private. In the GPS case, however, the Court reached the opposite conclusion, and five currently serving justices specifically acknowledged that digital technology changes the calculus and requires a new, more protective rule.
In 2014, the government again sought to rely on an analog-era precedent in a digital context—and again lost. Riley v. California involved the authority to search an individual’s cellphone upon arrest. The existing rule said the police could automatically search the arrestee and any container on his person. The government argued that a smartphone was “materially indistinguishable” from any other container and was therefore equally subject to search. The Court unanimously rejected that claim. In the words of Chief Justice John Roberts, “That is like saying a ride on horseback is materially indistinguishable from a flight to the moon.”
The Court has not yet addressed whether the third-party disclosure rule needs a digital update (although Sotomayor has suggested that it may need to). The opinions in the GPS and smartphone cases, however, suggest that it recognizes that we are indeed in a brave new world.
Congress can also enact laws to protect privacy from the threats that new technology poses. In the past, Congress has responded to Supreme Court decisions denying constitutional privacy protection by enacting laws that provide statutory protection. Thus, while the Fourth Amendment puts no limit on the government’s ability to obtain records from one’s bank or telephone company, Congress has enacted statutes that do. And while the current Congress seems incapable of doing much at all, privacy is one of the few remaining areas that can unite liberals and conservatives. In 2014, the USA Freedom Act, which would have reined in the NSA’s phone-metadata program and reformed the Foreign Intelligence Surveillance Act Court, passed the House with overwhelming bipartisan support, and in the Senate it came up only two votes short of the sixty needed to overcome a filibuster. An important statutory authority for the NSA’s domestic phone-data program expires in 2015, so the issue is by no means dead.
State courts and legislatures can also play a part. New surveillance technologies are available and used at the state as well as the federal level. About 99 percent of criminal-law enforcement is carried out by states and local agencies. While the protections under state law can’t fall below the floor established by the US Constitution, states are free to provide even greater protection—and many do.
Finally, we must also confront the threats to privacy posed by the private sector. We certainly have more to fear from the state than from Google: only the state has the power to arrest, prosecute and imprison, and governments—including our own—have a record of targeting dissenters. But the private sector also intrudes on our privacy, and we should limit what it can do with the information it gathers from and about us. In Europe, for example, data-protection laws restrict what both the private and public sectors can do with private information. In the digital age, the government is effectively outsourcing much of its surveillance to private companies, and we should impose limits on them as well.
In short, privacy has never been more vulnerable than it is today. The digital era has brought us many delightful conveniences, but it has simultaneously created previously unthinkable perils. Some have pointed to these developments to argue that privacy is already dead. That’s a dangerous overstatement: reports of privacy’s demise are, for the moment, greatly exaggerated. But it may be on life support. And unless we insist on new rules to govern and regulate the use of these new technologies, it’s not only our privacy that will be lost, but all that depends on privacy as well—including democracy itself.
This article is part of The Nation’s 150th Anniversary Special Issue. Download a free PDF of the issue, with articles by James Baldwin, Barbara Ehrenreich, Toni Morrison, Howard Zinn and many more, here.