Privacy: Difference between revisions

Privacy is the ability of an individual or group to stop information about themselves from becoming known to people other than those they choose to give the information to. Privacy is sometimes related to anonymity although it is often most highly valued by people who are publicly known. Privacy can be seen as an aspect of security—one in which trade-offs between the interests of one group and another can become particularly clear.

The right against unsanctioned intrusion of privacy by the government, corporations or individuals is part of many countries' laws, and in some cases, constitutions (see privacy laws). Almost all countries have laws which in some way limit privacy, for example taxation normally requires passing on information about earnings. In some countries individual privacy may conflict with freedom of speech laws and some laws may require public disclosure of information which would be considered private in other countries and cultures.

Privacy may be voluntarily sacrificed, normally in exchange for perceived benefits, but often with little benefit and very often with specific dangers and losses. An example of voluntary sacrifice is entering a competition; a person gives personal details (often for advertising purposes), so they have a chance of winning a prize. Another example is where information voluntarily shared is later stolen or misused such as in identity theft.

Privacy and security trade offs

Privacy is one of the areas of security with trade-offs. For the collection of taxes it is in the interests of government if your earnings and income are well known. On the other hand, that same information may be used to select you or your family as a good target for kidnapping or to identify the kidnapper so that they cannot plan any kidnappings. In these narrow terms, one group's interest is to keep the information private whilst the other group's interest is to obtain that information. In most countries this risk is reduced, but not eliminated, by limiting the number of people with access to taxation information. On the other hand, in some countries, mostly places with a low risk of kidnapping such as Finland, such information is directly accessible to anyone who wishes it. Privacy can also have free speech ramifications. In some countries privacy has been used as a tool to suppress free speech. Free speech and privacy is another area with trade-offs. In various cases the US Supreme Court has ruled that the first amendment trumps privacy. In Bartnicki v. Vopper, 532 U.S. 514 (2001) Docket Number: 99-1687, US Supreme Court ruled 6-3 that someone cannot be held liable in court for publishing or broadcasting intercepted contents of telephone calls or other electronic communications. The protection extends even when the publisher or broadcaster knows that someone else illegally intercepted the communication to obtain the information, as long as that information is of public concern.

Census data is another area where such trade-offs become apparent. Accurate data is useful for planning future services (whether commercial or public sector), on the other hand, almost all censuses are released only in a way which does not allow identification of specific individuals. Often this is done by randomly altering the data and directly reducing accuracy.

On the other hand sometimes false trade-offs are made. Identity card systems which clearly reduce privacy, are often sold as a method of increasing security. Strong arguments have been made by security experts such as Bruce Schneier, however, that these systems in fact reduce security and are a form of "security theatre".

Reasons for maintaining privacy

It has been reasoned that privacy encourages information sharing between individuals, because it creates an environment in which any perpetuated information that does not reference a source can be identified as rumor. If information is shared voluntarily, then facts can generally be approved by references to one or several identified sources, and there are less chances for the perpetuation of mistrust. The reasoning behind this is that the intention of a privacy violation does not matter for its effect to perpetuate the environment of rumors that is the root cause of intolerance. Philosophers often ask how can people chose to trust each other if they cannot hide from each other?

One may also wish to maintain privacy by withholding information from others because of stigma (as in the case of some "closeted" homosexuals), or for protection from the law (as when criminals hide information to prevent others from catching them). Privacy may include preserving modesty and preventing embarrassment by keeping others away while naked, using a toilet, or having sex.

Often, information (such as bank account numbers or, in the USA, the Social Security Number) may be used against the owner of the information, for example to commit fraud. By maintaining privacy, information owners hope to avoid this fraud or limit effects from it.

Reasons for not maintaining privacy

It has been reasoned that privacy discourages information sharing between individuals which in turn can lead to mistrust and intolerance amongst people and perpetuate false information. If information can be shared widely then facts can generally be verified through many different sources and there are less chances of inaccuracies. It has also been reasoned that Privacy can perpetuate stigma and intolerance. The reasoning behind this is that restrictions on information about people can inhibit and discourage collection and finding of data that is required for an accurate analysis and discussion on the causes and root of the stigma and intolerance. Philosophers often ask how can people learn to accept each other if they cannot know about each other? Issues have also been raised that privacy can encourage criminal activity as it makes it easier for criminals to hide their unlawful activities.

Types of privacy

Political privacy

Main article: Political privacy

People may wish to keep their political viewpoints secret for a variety of reasons - political groupings may be able to commit violence either when successful (using the powers of the state) or when defeated (using their own militias for example). This may be used to punish those who disagree with them. Many people have been tortured or killed for their political views by, for example, dictators, terrorist groups, and often forces linked to democratically elected politicians. The secret ballot, which is common in democratic elections worldwide, is designed to maintain political privacy to limit any discrimination against people who did not vote for the office-holder and to avoid revenge attacks by those who were not elected.

Outing of individuals can be done for several political reasons; either as a negative campaigning tactic designed to lower the outed person's reputation, or by others of a similar sexual orientation who seek openness over privacy.

Medical privacy

Main article: Medical privacy

Information concerning a person's health is kept confidential to the patient. In most countries, the patient must grant access before anyone other than the staff of medical institutions may view the information. The reasons for keeping medical information private may include possible discrimination against people with a certain medical condition. However, it may be illegal to fail to disclose medical information in certain cases (for example, in the United Kingdom in 2001, Stephen Kelly was found guilty of "culpable and reckless" conduct for failing to tell his girlfriend he was HIV-positive before having unprotected sex with her ^[1]). Also see remarks on the Roe v Wade abortion decision below.

Genetic privacy

The concept of “genetic discrimination” and the associated need for confidentiality of genetic information, or "genetic privacy," have only recently entered our vocabulary. But the problem is well documented. In numerous cases around the world, individuals and family members have been barred from employment or lost their health and life insurance based on an apparent or perceived genetic abnormality. Many of those who have suffered discrimination are clinically healthy and exhibit none of the symptoms of a genetic disorder. Often, genetic testing results in uncertain probabilities rather than clear-cut predictions of disease. Even in the most definitive genetic conditions, which are few in number, there remains a wide variability in the timing of onset and severity of clinical symptoms. Employers have access to medical/genetic information, which may be used to discriminate against their employees.

Privacy from corporations

Many companies exist which attempt to obtain as much information about customers as possible, through loyalty cards and other kind of customer schemes. This data is immensely valued by other companies, which may pay large amounts of money for access to this information, for marketing purposes (often telemarketing). A huge public backlash against telemarketers led to the introduction of the National Do Not Call Registry in the United States, and similar systems in other countries.

With the increasing amount of e-mail spam being sent, often advertising products for sale, solutions to prevent the loss of privacy (as the spammers use social engineering and other similar practices to keep an up-to-date list of email addresses) have been developed. See e-mail spam for more information.

Laws regulating the use of personal information by companies have diverged significantly between Europe and America with strong regulation in Europe and requirements for explicit permission before personal information can be reused being standard in the European Union whilst this area is largely unregulated in the USA. In the USA the First Amendment protects against regulating the freedom of information of individuals and corporations.

Privacy from government interference

As a human right, privacy primarily relates to government actions not private actions. Human rights guarantees do not impose broad obligations on governments to protect individuals against possible invasions of their privacy by other individuals. However Constitutional and international guarantees require that restrictions on freedom of expression, even in the interests of privacy, must meet a very high standard of legality and necessity. Governments in many countries are given powers to breach privacy. This is often due to criminal investigations, where police are permitted to seize private property from a suspect's house. Telephone tapping, where all information being transmitted over a phone line is secretly monitored, is often permissible for Law Enforcement Agencies although it sometimes requires permission from a court. This can then be used as evidence in trials where it is used to secure convictions against criminals. However, in the past, numerous cases have been overturned in the United States because the wiretap was not legally allowed. Other ways to monitor people include closed-circuit television cameras, which are placed in public.

The desirability of the government monitoring communications, whether permitted by law or not, is a common debate. Organisations such as the Electronic Frontier Foundation argue that the right to privacy from the government is an inalienable human right and that it is up to the person whether they should have to disclose information. Other groups, including government agencies like the National Security Agency, maintain that the ability to monitor all communications aids in the prevention of criminal activity and terrorism.

Effects of war upon privacy

During periods of war, identity documents and similar artifacts have been introduced to establish the identity of the holder. These were used for security purposes — individuals who did not carry the required documents were assumed to be spies and could be interrogated. In World War I identity cards were introduced in the United Kingdom, but in 1919 compulsion to carry them was removed. They were reintroduced in World War II, but after the successful prosecution of Clarence Henry Willcock for refusing to present his card to the police, the law was repealed in 1952. In this case, Lord Chief Justice Lord Goddard commented that identity cards "tend to make people resentful of the acts of the police".

Rights of the individual, including habeas corpus, often only apply in periods of peacetime. During the American Civil War in the United States, and during World War II in the United Kingdom, habeas corpus was suspended.

It is the opinion of some that the September 11, 2001 attacks and the "War on Terrorism" declared by the United States government, have "restricted" the right to privacy. Proponents of this belief cite the introduction of bills such as the Patriot Act, and new government organisations such as the United States Department of Homeland Security, and the controversial, unfunded Information Awareness Office.

In 2005, the Labour United Kingdom government have introduced a bill, the Identity Cards Bill, which would create a national identity database and introduce a national identity card. The idea was initially revived after the September 11, 2001 attacks by the then-Home Secretary, David Blunkett, and became part of Labour's manifesto for the 2005 general election.

As of 2005, the right to privacy remains an important point of political debate in the United States, the United Kingdom, and other countries.

Arguments for government monitoring

• Increased crime detection - due to the placement of CCTV cameras, the success rate of conviction is increased as criminals are more likely to be convicted due to the increased ability to prove a suspect committed an offence.
• Prevention of terrorism - terrorist activities need coordination and this is often done using electronic equipment. If communications between devices can be monitored, the activities of terrorists can be prevented before any terrorist attacks are carried out, and their networks can be disclosed by network analysis and traffic analysis.

Arguments against government monitoring

• Surveillance infringes on civil liberties - there is a lack of anonymity if facial recognition systems can be used, for example, to identify protestors in a demonstration.
• CCTV cameras displace crime, rather than eliminate it - criminals move to areas where CCTV is not in place.
• Due to the enormous manpower require to operate and monitor, many crimes (even if recorded) go unnoticed for hours, days, or even months, while costing money for upkeep and wages.
• Monitoring can be used in committing crime, for example police officers have been caught using cameras to invade the personal privacy of women walking through airports.
• Gathering data about many people in one place (the monitoring centre) provides a valuable source of data which would fuel illegal activities if the integrity of the operators were ever compromised.
• The same technology used for disclosing networks of terrorists and criminals can be used by repressive regimes for finding dissidents, and allows easy blackmailing, blacklisting or prosecuting of people for their guilt by association (see the Red Scare for a set of historical examples). Its presence itself can provide a considerable chilling effect for political dissent.

Data Democratization and the Personal Information Search Engines

Companies referring to themselves as personal information search engines began making your personal information available over the Internet near the turn of the millenium. They are empowered by federal law and accorded the status of an industry. Senator Warner (R-VA) disclosed that the U.S. government allows the industry to "regulate itself" (personal communication, 2002), prompting arguments by privacy rights advocates that cyberstalking must also be considered an industry. And now with a few clicks of the button, you can dredge anyone's current address, address history, criminal background, magazine subscriptions, and the identities of anyone with whom they ever shared a domicile (e.g. family).

All at a click of a button. All in the name of data democratization. The growth of this industry resulted in greater awareness, accessibility, and affordability of these cyberdredging tools, as these businesses promote themselves in ads and lower prices to compete for your profits.

The price tag is further mollified when distributed among gang members. A very abridged list of companies representing this industry includes US SEARCH.com Inc., Intelius, Zaba Search, Maverick Internet Ventures, Inc., and Confi-chek, Inc..

No Simple Way to Restore Privacy

Having your telephone number unlisted does not mean your telephone number is not available to the public. This is the single biggest misconception people have about having an unlisted number. Un-listing your telephone number simply keeps it out of directory assistance and white pages.

Many personal information search engines contain useful information on their Web sites, but faxing or mailing the proof of identity required to opt of out of all these services is like trying to use ten fingers to plug fifty holes (and counting) in a dam. The search engine staffers caution that the only effective means to keep yourself out of these databases is to submit a change of address form at your local post office to forward all personal correspondence and bills to a post office box.

A survey of personal information search engines revealed that only 70 percent provided, without significant arm twisting, information to people requesting procedures for opting out of the database.

A Treasure Trove of Personal Data

Moreover, information considered public (and therefore fair game for personal information search engines) includes telephone numbers, household demographics, street addresses, church and school alumni directory information, birth notices, death notices, marriage notices, social security numbers, and maiden name of maternal parent. Only medical records, employment records, tax returns, and personal financial records are protected by law.

Google, Yahoo, and The Search Engines

Privacy rights advocate Tim Johnsey recently posed an interesting question: "Have we lost our right to fuss about wiretapping and the Patriot Act if we support search engines like Google that represent a more proven and pervasive threat to the privacy of our citizenry?" Search engines like Google offer average citizens a way of spying on their neighbors by allowing not only a search of a person's name, but more importantly, of a person's e-mail addresses and computer source address (i.e. IP address).

The most effective demonstration of the damage that can be inflicted on a victim through Googling is presented in this report by a social psychologist.

And the most damaging aspect of these search engines could not have been more effectively summarized than by a cyberstalker in the unmoderated Usenet news group sci.psychology.psychotherapy: "He who controls Google, controls the world." Cyberstalkers seek to control how their targets are viewed by the world through the eyes of a search engine. A few simple procedures ensures a complete monopoly over the image of an enemy ...

Register a Domain Bearing Name of Victim

Members of the cyberstalking gangs are fond of registering domains in the name of victims. If the victim's name is Joe Farrell, they may register joefarrell.com. This web site is guaranteed to rank highly in a Google or Yahoo search of the name "Joe Farrell."

Use the Double Level Protection of Go Daddy

Privacy advocates and stalking researchers are noticing an alarming spike in the number of abusive domains registered through domain registrar Go Daddy Software Inc. and protected through the privacy services of Go Daddy subsidiary Domains by Proxy. Domains by Proxy subsititutes its own corporate name, contact, and address information for the name, contact, and address information of the domain's true owner. Certified mail to the General Manager's Office of Domains by Proxy will trigger an arbitration, and Domains by Proxy will rescind its privacy services if the owner of the abusive domain does not comply with instructions to contact the complainant by a deadline. However, the rescinding of the proxy data will almost always reveal fraudulent data underneath.

Extensive research revealed that Go Daddy Software Inc, which remains the registrar of the domain and curator of the fraudulent domain data, does not reply to complaints delievered through abuse@godaddy.com. Go Daddy customer service representatives verified that there are no telephone menu items for abuse or general correspondence (only for new sales and existing customers), and abuse@godaddy.com remains the only company-recognized mechanism for addressing issues of abuse.

Extensive research by private contractors revealed that the name of the individual listed as the owner of the domains in the screen captures below is an alias. Also noticed that shortly after a complaint, the address listed in the domain data changed from a post office box in Tampa Florida to a post office box in Grover Beach, California.

File:Bradjesnessc2.jpg

File:Bradjesnessc1.jpg

Privacy advocates admonish against phoning the number in the abusive domain data to verify accuracy. The defamed complainant in this case did just that. The cyberstalker's caller ID captured the source of the incoming call, and reality was turned on its head when the cyberstalker passed off evidence of the phone call as "cyberstalking" in messages spamming multiple news groups.

Researchers also characterized ICANN as a straw authority, reporting statements from representatives of ICANN's Security and Stability Advisory Committee (SSAC) that ICANN has no power to enforce accurate domain data despite advertising a form through which complainants can report fraudulent domain data.

Register & Cross-Link Multiple Domains

If you are stalking someone named Joe Farrell and wish to follow procedures popularized by stalking Usenetters, you may want to add joefarrell.net, joefarrell.info, and other Joe Farrell extensions to your list of purchases. These domains can act as clones of the original .COM web site, and through hyperlinking can further ensure control of the first page of results of a Google search on "Joe Farrell." In addition, you would be depriving Joe Farrell of a means by which to compete for space on Google's "Joe Farrell billboard."

Disseminate Links to Domains in Messages to Usenet

Since the Usenet news groups are available through most ISPs, Usenet messages rank highly in a Google search of any keyword found in the message's subject field. In addition, hundreds of news readers (Web sites designed to provide access to Usenet) each assign unique URLs to any given message in a Usenet news group, resulting in a multiplicative redundancy of any single message in a search engine database. A single defamatory message in a Usenet news group may appear 3, 5, or even 15 times in the results of a Google search on your name.

Search Engines

The search engines would be a single point of contact for redressing problematic messages, but search engines lack the customer service staff necessary to manage the size of their product. So they also cite federal commuications law that effectively treats them as conduits (i.e. public utilities) rather than commercial businesses, and responsibility is deflected on the authors of the messages (who remain untraceably anonymous in Usenet) and the owners of the news readers (who are often anonymized through Go Daddy and Domains by Proxy).

The following report on search engine Google provides a graphic illustration of how search engines can be used to monitor targets and manage their public image.

Hacking

A cyberstalking gang would not be complete without at least one member with the skills to hack into your e-mail account and other databases for the purposes of procuring that non-public information discussed in the previous section pertaining to Personal Information Search Engines. One Report follows a case in which a target's credit card number was illicitly procured for the purposes of "authenticating" a spurious negative review of another target's book in the customer review section of Amazon.com. The incident reminded me of a demonstration a high school peer put on for a few of his friends in which he hacked into the credit bureau database to collect information about our principal. It did not pose much of a challenge for this 17-year-old with basic intelligence.

All it takes is one demonstration of access to your e-mail account (e.g. by dropping a message in your Yahoo contacts list and rigging the functionality so the Contacts List opens upon login) to make all future declarations of "monitoring your backchannel communications" etcetera that much more menacing.

Open Source Databases

Even Wikipedia has been abused for purposes of defamation, as famously illustrated by the implication of a prominent journalist in the Kennedy assassinations. Despite the journalist's best efforts, the article remained public for 132 days. Similarly, a number of individuals have voiced displeasure over having been identified as kooks in an article about an intolerance-preaching hate group Alt.usenet.kooks.

Privacy laws

Main article: Civil liberties

The Universal Declaration of Human Rights, in article 12, states:

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

Countries such as France protect privacy explicitly in their constitution (France's Declaration of the Rights of Man and of the Citizen), while the Supreme Court of the United States has found that the U.S. constitution contains "penumbras" that implicitly grant a right to privacy against government intrusion, for example in Griswold v. Connecticut (1965). Other countries without constitutions have laws protecting privacy, such as the United Kingdom's Data Protection Act 1984. The European Union requires all member states to legislate to ensure that citizens have a right to privacy, through directives such as Directive 95/46.

If the privacy of an individual is breached, the individual may bring a lawsuit asking for monetary damages. However, in the United Kingdom, recent cases involving celebrities such as David Beckham, however, have resulted in defeat as the information has been determined in the courts to be in the public interest^[2]. In the United States, the right of freedom of speech granted in the First Amendment have limited the effects of lawsuits for breach of privacy.

Organisations such as Privacy International, a London-based non-governmental organisation formed in 1990, exist as a watchdog on surveillance and privacy invasions by governments and corporations. On the flip side organizations such as ARTICLE 19 a UK based non-governmental organization exist as a watchdog on governments using privacy as a tool for censorship and restrictions on free speech.

See also

• Mass surveillance
• Data retention
• Civil liberties
• Data privacy
• Gramm-Leach-Bliley Act
• RFID (radio frequency identification)
• The Transparent Society, a non-fiction book by David Brin, foreseeing an erosion of the right to privacy in the future.
• Digital Fortress, a novel by Dan Brown, about governmental powers to monitor its citizens' communications.

References

1. ^ Landmark Aids case begins in Scotland, from BBC News (retrieved 26 April, 2005).
2. ^ Does Beckham judgement change rules?, from BBC News (retrieved 27 April, 2005).

Further reading

• Dennis Bailey, Open Society Paradox: Why The Twenty-first Century Calls For More Openness--not Less, Brasseys Inc (November, 2004), hardcover, 224 pages, ISBN 1574889168
• Robert O Harrow, No Place To Hide: Behind The Scenes Of Our Emerging Surveillance Society, Free Press or Simon and Schuster (January, 2005), hardcover, 304 pages, ISBN 0743254805
• K. A. Taipale, "Technology, Security and Privacy: The Fear of Frankenstein, the Mythology of Privacy, and the Lessons of King Ludd," 7 Yale J. L. & Tech. 123 ; 9 Intl. J. Comm. L. & Pol'y 8 (Dec. 2004) (arguing for incorporating privacy protecting features in the construction of information systems through value sensitive design).

External links

• Electronic Frontier Foundation digital rights NGO
• Electronic Privacy Information Center a public interest research center
• Privacy International UK-based International privacy NGO
• Privacy Spot privacy law blog
• "The Right to Privacy" (Warren and Brandeis) the seminal law review article for U.S. privacy law
• OECD Guidelines on the Protection of Privacy describe principles behind many contemporary privacy laws
• Stanford Encyclopedia of Philosophy entry
• European Privacy Protection for Wikipedia Users on the blog of Jean-Baptiste Soufron
• Data Protection in the European Union, from the Directorate-General for Justice, Freedom and Security
• Genetic privacy and the law
• The condition of privacy in Italy