According to professor in information science Helen Nissenbaum data protection should apply for all types of information – and not just personal information. In her book ‘Privacy In Context’, she argues that we have a dicotomatic understanding of privacy: something is either private and needs privacy protection or it is public and accessible. But such conceptualization of privacy in a digitalized and recorded society has implications on how we implement data security.
Traditionally and especially in political and law work, there has been a conception of privacy as the right to control information about ourselves with a foundation in a dichotomy of private and public. Generally, a right to privacy is associated with the private, and the right to privacy therefore only applies to a limited set of privileged information – personal information.
In the Public “Anything Goes”
A private/public distinction of information can be problematic in the light of digital information technologies, as these technologies according to professor Nissenbaum “radically alter the terms under which others – individuals and private organization as well as government – have access to us and to information about us in what are traditionally understood as private and public domains” (Nissenbaum 2009: p. 117).
The traditional approach to privacy as a public/private dichotomy implies that in the public “anything goes”, and therefore data and information which is publicly accessible are not under the protection of privacy. But according to Nissenbaum this neglects a range of situations and she formulates a right to “privacy in public”.
She defines public surveillance: as systems and practices that are outside the scope of a right to privacy defined by the private. (ibid.: p. 114).
Seen by Hundreds, Noticed by none
Earlier we could walk on the streets and be “seen by hundreds, noticed by none” – but the digital information technologies give rise to radical changes in our capacities to conduct public surveillance, and therefore Nissenbaum argues that there is a need to protect privacy even for data accessible in the public sphere (ibid.: p. 116-117, 119).
An example to illustrate: On a particular day, say Thursday May 16th 2019 a young women on a bike is observed at Langelandsgade in Aarhus by a co-cyclist, wearing a denim jacket, a pink dress, and a black backpack; by another she is observed to be buying coffee in the Nobel Park at the University; by a third, overheard a discussion with her roomie; later that day spotted at a political event for activism against surveillance; and that evening buying tickets for a show at the theater. A privacy skeptical could argue that “all these activities occur in the public eye, no single of them would be considered particularly threatening or intrusive” and therefore the collection of such data is not a violation of privacy.
No one will argue that we have a right to walk on the street and never be seen by anyone. But “before” people could count on the disinterest in details about them, and therefore there has not been a need for assigning ownership or even worrying over this kind of data. But as soon as this is documented, stored, and used in profiling the result from the calculation on public data becomes personal. From “public observed” data, the data scientists can with a great probability deduce highly personal information as sexuality and political orientation. And if we are maintaining our dichotomic understanding of information we will not overcome the potential violations of privacy.
With digital information technologies, “the observes might be coordinated: network systems of video cameras, footage and analyzed at a central point, able to recorded and conjoined with past records” (ibid: p. 118) and used to make a detailed profile of a specific individual. By doing so the collection of “public observed” information is no longer unproblematic because, with the organized data collection, individuals are becoming transparent.
Clash between FBI and Facebook
This summer FBI has solicited Facebook and other social media platforms to collect publicly available data on the users. According to an article on WSJ.com the wishlist from FBI includes the ability to “obtain the full social media profile of persons-of-interest and their affiliation to any organization or groups,” based on publicly accessible data the users themselves has shared with Facebook. But this is in conflict with Facebook’s privacy policy whom in recent years have tightened access to user data and will not allow software designed for large-scale collection and analysis of user data.
And this is where the clash occurs.
It is not necessarily problematic to manually visit and scroll a user profile on a given platform, but the scenario of FBI – an outside entity – systematically collecting public data in massive scale the information change character and contains the potential to become a privacy violation. The possibility to build detailed profiles of individuals contains echoes of the Cambridge Analytica controversy.
A controversy which has led to “a growing understanding that even information posted to a public social network can be misused when gathered in large quantities and paired with outside data sources”.
As Nissenbaum writes; unwanted access to knowledge and information about a person is not restricted to personal and private information. Due to the surveillance potential in digital information technologies, there are no clear boundaries between the private and the public. The standard for privacy has not changed, rather the threats are different (Nissenbaum: pp. 118), and our understanding of privacy can no longer rely on the private/public dichotomy.
Ida Marie Schytt Lassen is studying philosophy and computer science at the Aarhus University.