Here's a multiple-choice test on privacy for the fin de siècle:
Which theory best embodies the future of privacy in the next millennium?
A. Advances in electronic data processing, miniature surveillance cameras, and new business techniques threaten privacy. All information will inevitably become public, so the only way to manage it is with a matrix of government regulations and personal vigilance.
B. Encryption technology will protect privacy by scrambling communications and stored data with unbreakable codes. The cypherpunks see a future in which things are bought with anonymous digital money, and business transactions are conducted between cryptographic pseudonyms. Central government will essentially break down in the face of a libertarian technological onslaught.
Answer: C. None of the above
Both the theories are dangerously flawed. Although they mean well, the people who promote these views ultimately do more harm than good to the fundamental rights of privacy they are trying to protect.
The privacy-is-dead theory
These theorists' credo is that technology already threatens our age-old notions of privacy. Since the 1960s, computers have allowed businesses and governments to construct massive databanks that track our movements. Ever-shrinking video cameras, microphones, and radio transmitters make it possible to place electronic bugs virtually anywhere. Breakthroughs in genetic testing, psychology, and advanced advertising techniques make it possible to anticipate our future and influence our actions.
Such theorists have thrown up their hands and declared privacy at a dead end, with science-fiction author David Brin in the vanguard. In an article called The Transparent Society, published last year in Wired magazine, and in a forthcoming book by the same title, Brin argues that not only is privacy dead, but we will have a positively egalitarian, enlightened, more pleasurable society to live in once we are ridded of this medieval scourge.
"If Western civilization has one new trick in its repertoire, a technique more responsible than any other for its success, that trick is accountability," Brin writes. Video cameras, especially video cameras located in police stations and in the halls of justice, will make everybody - including government - accountable for their actions.
The cypherpunk theory
The cypherpunk vision is as radical as the dead-privacy lot. Cypherpunks, a staunchly libertarian group, hold that the greatest threats to individual privacy and liberty come from centralized governance. The only protection for the individual against central authority is the ownership of weapons. In a digital age, that means cryptography, which allows people to communicate, associate, and conduct business without fear of surveillance.
Unfortunately, neither of these visions do a good job of providing answers to some of the most difficult privacy issues facing our society today. I'll tell you why.
Junk mail
Although it seems petty, unsolicited mail is one of the leading privacy issues of our time. Whether delivered by the postal service, Federal Express, or the Internet, many people find junk mail an unwanted intrusion into their lives. Junk mail wastes people's time and leaves them wondering, "How did these people get my name?" The cypherpunks have an easy answer: Instead of using their real names, people should use digital pseudonyms. But what happens when these aliases start getting their own junk mail? A cypherpunk would advise using some sort of intelligent filtering to redirect the "bad" junk mail to the trash and keep the "good." But unless you want to close your electronic gates entirely and never receive mail from anyone you don't already know, there will always be a way for marketers to get through your filters. Ironically, the more effort you spend to keep out the marketers, the more valuable access to you becomes.The dead-privacy lobby has a different answer: Instead of trying to keep your name secret, this group advocates making large amounts of personal information available. The theory is that marketers won't waste their time sending you dog-food advertisements if they know you don't have a dog.
This argument fails because people's tastes and needs are not fixed in stone. Sometimes people buy dogs. People have friends who have dogs. And even if you think you will never, ever allow yourself to be manipulated by advertising - even if you kick little puppies at the shelter - there is no way for a marketer to know that you are a lost cause. It's better that they hit you with an unwelcome ad than miss a sale.
Medical records
Traditionally, medical records have been society's most tightly held personal records. The obligation to maintain patient confidentiality is widely regarded as one of the most basic responsibilities of medical professionals. But patient confidentiality is at odds with the basic way in which health care is delivered and paid for in the United States. There is wide agreement that medical records should only be used for providing patient care, says Dr. Harold Goldberg, a general internist at the University of Washington Harbor View Medical Center, and an expert on medical informatics. But medical records are frequently used for other purposes - such as determining eligibility for insurance, or even by employers to determine if a person should be hired or not."Insurance companies will sell their records to employers so that employers can know who is costing them more," says Goldberg. "Those kinds of practices should be outlawed."
The dead-privacy solution is to open everybody's medical record. The alternative, they say, is what we have today - privacy only for those who can afford it. The theory is that everybody has some sickness or genetic defect. If everyone's problems are revealed, we will all be more understanding, and no one will be discriminated against.
The blatant weakness in this argument is that everybody doesn't have the same medical history. Some people are quite frankly healthier than others. The second problem is that medical information is likely to be interpreted unfairly - especially by people who lack advanced medical training. Instead of reducing discrimination, the free flow of medical information would more likely be used as a pseudoscientific justification for pre-existing biases.
Cypherpunks suggest a technological solution to the medical-privacy problem: Encrypt everything. Everyone would carry their unique medical history on a smartcard. Store an encrypted backup safely somewhere else.
But doctors like Goldberg are worried about these kinds of technological fixes. They fear that in an emergency, it would be impossible to decode or even locate a person's medical history. The essential question becomes ...
Are you willing to die for your right to privacy?
What's really going on here is that for decades, American society has used privacy to treat the symptoms rather than the underlying social problems and their causes.
Our law-enforcement agencies have committed terrible crimes under the color of law, so new privacy protections and rights have had to be created to protect citizens' freedom. In the 1970s, divorce was seen by society as a sign of moral failing. So we passed laws and policies exempting alimony from income taxes; those measures protected divorced citizens from the shame of reporting their divorce publicly. Another example: People with AIDS have been denied insurance, lost their jobs, and had their houses burned, so the medical profession developed a system for anonymous testing.
Institutional privacy is a big, blunt tool for guaranteeing freedom. By creating systematic inefficiencies, it raises costs for all. Meanwhile, lost in the arguments of both the dead-privacy vanguard and the cryptographic privacy elite is the real purpose of privacy - to maintain dignity, autonomy, and personal freedom.
With that in mind, let's reinterpret the privacy issues we will face in the next century:
The real issue isn't that the FBI wants free reign to crack codes and bug telephones. Nor is it that civil libertarians say the FBI can't be trusted with such powers because of its history of institutional abuse. The real issue is that astonishingly lethal technologies are now widely available throughout society, and that the crazies who are turning to biological, chemical, and radiological warfare are usually unknown to police before they first strike. How can society reasonably protect itself from random acts of terrorism without putting every single person under surveillance? ### Genetic autonomy
Breakthrough advances in genetics will make it possible to predict disease, behavior, intelligence, and many other human traits - and all with differing levels of accuracy. By its very nature, the different information about different people will change how they are perceived and treated. How could it be possible to treat people fairly and equally when there is irrefutable scientific evidence that they are not equal? How can genetic information remain confidential when it is shared between families, between ethnic groups? How could our own genetic makeup be kept secret when we are constantly shedding DNA from our bodies into the environment? ### Intellectual-property management and microsurveillance
Within a few years, you might pay 2 cents to view a document on your screen, 5 cents to store it on your hard drive so you can search it at a later point in time, and 1 cent for permission to send it to a friend (who would then have to pay their own license fees as well). It might cost you 10 cents to subscribe to a newspaper if you tell the publisher your name, 50 cents if you tell them just your age and sex, and a dollar if you wish to receive it anonymously. Splitting up rights like this will lower the cost of information for almost everybody except a few heavy users - users who will likely have the means to afford higher prices. But to keep track of all these rights, and to make sure that people aren't cheating, our computers will have to be turned into surveillance machines. The future of privacy resists simple answers. Instead, it's a future in which different people will have different levels of privacy, different amounts of control over their own information and their lives. I see a future in which privacy is increasingly a commodity. For the wealthy, privacy will cost more but be a higher priority. For the poor, what little privacy they have might be surrendered in light of other needs.
Privacy could be the crowbar that finally splits the classes apart for good. We already have the financially rich and financially poor, and the information-rich and information-poor. But we may soon add the privacy-rich and the privacy-poor. And that could be the biggest threat to democracy yet.
This column also appears in HotWired's Synapse section, where technology and culture connect.
