Monday, July 18, 2011

Weekly World News, Weakly World Privacy

July 18, 2011, 9:35 a.m.

Murdoch's Violations Small Part of Loss of Privacy

I have often said, "the problem is not that corporations violate the laws, it is that they write the laws."

I have often been wrong -- at least partially so.

Because, of course, the problem is also that corporations corrupt or otherwise violate the laws as well as writing them. BP and Massey Coal did both, and workers died. Murdoch's worldwide media monopoly hacked cell phones, published stories based on the conversations, and hundreds of citizens and celebrities alike suffered in a variety of ways.

There's no way to minimize or justify what the editors and reporters of Murdoch's News of the World did. It's awful. From the perspective of college classrooms it's a subject for studies of journalism, technology, and law. It's a global media story, an example of how technological "advances" gnaw away at our neglige of privacy, and thereby create Rubik's-cube-like challenges of legal analysis for legislators and lawyers.

If you haven't been following the events, here is a sampling from the New York Times of the thousands of stories the worlds' media have provided: Sarah Lyall, "Scandal Shifts Britain’s Media and Political Landscape," New York Times, July 8, 2011, p. A1; John F. Burns and Alan Cowell, "Former Aide to [Prime Minister] Cameron Is Arrested in Tabloid Scandal," New York Times, July 9, 2011, p. A8; Don Van Natta Jr. and Ravi Somaiya, "British Tabloid Sought Phone Data of Investigators," New York Times, July 12, 2011, p. A1; and Sarah Lyall and Graham Bowley, "Connections to Murdoch Start to Chafe British Leader," New York Times, July 13, 2011, p. A1.

But this is more than a story about the fall of one of the world's largest media barons. It should also be a teachable moment for all of us regarding our privacy.

Consider all of today's technological and other assaults on the standards of privacy accepted and expected by our great-grandparents. From that perspective, as awful as the Murdoch invasions appear to have been, they are but a very small part of what we need fear.

Like the insight of Walt Kelly's cartoon figure, Pogo -- "We have found the enemy, and he is us" -- or Winnie the Pooh's discovery that the tracks he was following were his own, most of the assaults on our privacy are self inflicted.

(1) Much of our lost privacy we have voluntarily abandoned. Take Facebook, for example. Our names, addresses, birth dates, family members -- all identified with "tags" in their photos -- and our network of "friends," are available for the databases of Facebook, criminals or law enforcement. We may keep unencrypted passwords on a thumb drive, smart phone, or laptop, available to whoever gets our lost or stolen equipment. I recently saw a desktop in a business with a Post-It note stuck to the screen, revealing to anyone who glanced that way the username and password. Once a voice mail hacker knows that 75% of users choose "1-2-3-4" as their password it makes it a whole lot easier to listen in. Now that the FBI (and anyone else) can search our trash without a warrant, we may still think we're destroying documents with credit card numbers or other valuable data because we took them out to the curb for trash pickup, rather than shredding them.

(2) Professor Jonathan Zittrain speaks of what he calls "privacy 2.0" ("The Future of the Internet -- And How to Stop It").

As technology progresses through the decline in price that I call "the 99.9%-off sale" (not incidentally, with improved capacity and quality, and reduction in size and weight), it spreads, it becomes ubiquitous. The video recording capability that once cost tens of thousands of dollars is now merely hundreds of dollars or less.

Our actions are being recorded by the scanning video cameras in government buildings, banks, convenience stores and other private businesses. They monitor and bill those who run red lights. The Webcams in our laptops may take video of us without our knowledge.

But that's not the major problem.

Still and video camera capability is built into our smart, and even dumb, cell phones.

Couple this with the ease of uploading videos to YouTube, Facebook, or attaching them to emails. Anyone's embarrassing, or illegal, moment can suddenly go viral globally.

That's not the result of government, Big Brother snooping on us, or evil corporations. It's us; millions if not billions of us, recording and distributing information about each other -- usually for reasons somewhere between friendly and helpful, or at least benign.

(3) We gratuitously give our private information to Facebook, expecting little or nothing in return.

But we also trade off our privacy, our secrets, our personal identifying data, for perceived benefits. We give the bank our financial data, including how much cash we took out from which ATM machine, the day and time. We let the credit card company record where we went, what stores or other businesses we entered, what we bought, what we paid for it, where and when. The cell phone company tracks our every move, knows where we are, who we called, how long we talked -- and if they care to know, what we talked about. The airlines know where we flew and when; the rental car companies also.

I'm not saying these and comparable gifts of privacy to corporate America are irrational choices. It would be hard to function in today's world without, say, credit cards and phones. I'm just saying that we can't voluntarily turn over vast amounts of information about ourselves to government and merchants and then complain that they possess this information about us.

(4) This third-party possession of our most intimate information raises other problems.

The Fourth Amendment asserts a "right of the people to be secure in their persons, houses, papers, and effects" -- seemingly a kind of place-based security. So what about tapping phone lines from a place away from home? In the Supreme Court's 1967 Katz decision, involving law enforcement's recording of a conversation by means of a device attached to a public phone booth, the Court expanded the protection to include those things as to which we have (1) "an expectation of privacy" that most people would consider to be (2) "reasonable" -- the "reasonable expectation of privacy" standard.

So far so good. But in the 1976 U.S. v. Miller case the Court explained that once you've shared information with another, even though you did so in confidence and for very limited purposes, you no longer have an expectation of privacy in that information, let alone an expectation that courts will consider "reasonable." In the Miller case the defendant, Miller, attempted to claim a Fourth Amendment right of privacy in the cancelled checks and other records and documents maintained by his bank. The Court decided those were the bank's records as much, indeed more, than Miller's. Thus, he had no "reasonable expectation of privacy" and law enforcement could get access to those records from the bank, without providing Miller the protections he would have received under the Fourth Amendment had law enforcement come to his home for "papers."

So it turns out that, not only have we turned over a vast amount of information about ourselves to private corporations, we have, thereby, essentially turned it over to the government as well (in many instances) and lost the rights of privacy we have in information never shared.

(5) Once we go to work it only gets worse. Employers can listen in on their employees' phone conversations, read their email, know what Web pages they've visited, track how many keystrokes they contribute per hour or day, and install video monitors throughout the workplace. Even if the employer pledges you have personal privacy with regard to any of the above, courts may reject an employee's reliance on that assurance.

(6) Are there instances in which a hacker acquires information they had no authorization to access, or for which they exceeded their authorization? Of course. The Defense Department gets millions of such hits. There was a recent example of exceeding authority at the University Hospital. One can imagine many more driven by simple curiosity, or a desire to help a friend (such as a bank employee providing a woman contemplating divorce information about suspicious regular checks drawn on the errant husband's separate account).

The Murdoch reporters, and the editors to whom they reported, had no business getting access to the voice mail of 9/11 victims' families, or those of British soldiers killed in action, celebrities, or the murdered young girl. It's not only boorish behavior and a violation of journalistic ethics, it also happens to be a violation of the criminal law.

But if we really care about maintaining some little bit of our remaining privacy regarding our images, speech, writing, movements, actions, circle of friends, financial transactions, medical records -- among other things -- we need to look well beyond the Murdoch Empire, however vast and evil it may be.

And we need to begin with the person we see in our bathroom mirror.

# # #

No comments: