Le Devoir
le mardi 23 septembre 1997

An Attempt to Define the Five Most Important
Privacy Issues

by Michel Venne, mvenne@qbc.clic.net

With the participation of nine prominent privacy experts from around the world to the invitation of Michel Venne, journalist, Le Devoir, a Montreal based French daily newspaper, in the context of the International Conference on Privacy, held in Montreal 23-26 September 1997.

Every participant was invited by e-mail to write what he or she perceived as the five most important privacy issues that are presently confronting people or are emerging. All the answers were collected during August and September 1997 and this synthesis has been written by Michel Venne and delivered on September 22nd. Time was missing to allow to the nine experts to send back their reactions to this text. But further exchanges are still possible. Readers are invited to send their own comments to Le Devoir (www.ledevoir.com).

The nine experts who accepted to participate in this exercise are the following:

Colin J. Bennett is an associate professor of political science at the University of Victoria. He is the author of Regulating Privacy, Data protection, and Public Policy in Europe and United States (1992).

Herbert Burkert is an associate with the German National Research Centre for Computer Science.

Roger Clarke is a consultant in application of information technology and visiting fellow with the Faculty of Engineering and Information Technology at the Australian National University.

Simon Davies is a founding member and the director general of Privacy International, and he is a visiting fellow with the Computer Security Research Centre of the London School of Economics.

Cecilia Jimenez has been deputy secretary general of the Philippines Alliance of Human Rights Advocates.

Pierrot Peladeau is one of the best known privacy experts in Quebec and Canada and is now scientific coordinator of the telehealth ethics programme of the Centre for Bioethics at Clinical Research Institute of Montreal.

Marc Rotenberg is the director of the Electronic Privacy Information Centre, based in Washington DC, and is a professor at Georgetown University Law Center where he teaches the Law of Information Privacy. He is the author (with Philip E. Agre) of Technology and Privacy: The New Landscape (1997).

Andre Vitalis is a professor at the Centre d'étude des médias, Université de Bordeaux, and author of Informatique, Pouvoir, et Liberté (1988).

Alan F. Westin is one of the best know privacy expert around the world. His book, Privacy and Freedom, published in 1967, is still considered like a reference. He is a professor at the Columbia University.

Everybody has his own idea of what is an issue. Though some of our nine specialists produced a list of some of the new threats to privacy brought by technology -- DNA profiling, ID and smart cards, camera surveillance, biometric identifiers -- others put the discussion at another level and targeted some political challenges we face or personnal attitudes one should adopt if we want to protect privacy as the world is changing under the pressure of technological innovation, globalization, and downsizing of governement activities. So, it became impossible to make a list that would reflect a spontaneous consensus about what are the "five" most important privacy issues. Maybe we could achieve this goal after a longer discussion. But anyway, it doesn't matter. Despite the different approaches adopted by our select club of experts, it is still possible to identify common concerns. Moreover, we have to consider and accept the fact that the stakes are numerous and linked with other values than privacy itself.

To engage the public

The first thing that appears to be common to many members of the panel is the necessity to engage the public in a discussion or in any kind of action about or to protect privacy. As Marc Rotenberg stated it, "we will have as much or as little privacy as we, as a society, are prepared to protect". If, during the seventies, we saw around the industrialised world a collective reaction against the spectrum of Big Brother, we have to admit that the resistance to new devices that, in fact, facilitate intrusions inside one's private life, has lessened. The youngsters, would say André Vitalis, are more vulnerable. "If, starting during your childhood, you are accustomed to be designated by a number, it is difficult to imagine that, when you'll be an adult, you will believe there is a problem using this way to designate a human being", says Vitalis.

"The greatest threat to the future of privacy", would add Herbert Burkert, "will be the many good reasons for which WE are willing to give it up". What are those assumed good reasons? They have "four only too human and therefore forceful roots", says Burkert: "indolence (why should I bother showing my passport when I can just put my hand into this plam-reader); fear and yearning for security (we must keep an eye on those people who are different and therefore up to no good; it is in their genes, let us have a look); greed (I just want to have this free sample so why not filling out this questionnaire); and avarice (why should I give my hard-earned money via social security systems to other people; they should at least constantly prove to me that they are no crooks)". Cecilia Jimenez observed that "populations generally take the path of least resistance because of the alleged benefits as well as because of unperceived threats to their rights".

The redefinition process of what is privacy

Here arises one of the five main issues identified by Pierrôt Péladeau: the redefinition process of what is privacy. In fact, says Péladeau, the right to privacy, the value of privacy "no more has a commonly accepted definition" and that has some important consequences. How is it possible to build a strong constituency out of the public high concerned "without a clear and meaningful definition of the value or right to be defended", as the environmentalist movement succeeded to do?

In the sixties, Péladeau writes, "fears for individual freedoms were great enough to call for some informational self-dermination of the citizens. This call was so successful that today in (too) many western circles "privacy" is now equated only to the application of personal data protection principles and law, if not only to confidentiality. (...) Meanwhile, many of integrist or authoritarian persuasions as well as many technocrats are more and more openly stating that privacy is either an obsolete value altogether or should be radically redefined, for instance to permit extensive use of personal information in research, or its free commercialization, or its systematic use to counter crime and fraud. Conversely, there are those for which privacy is first a political value. Among them, those who use privacy as the spearhead of some anarchist stand; those who, on the contrary, consider privacy as a democratic issue where the State clearly has a role to play in its protection; those who tend to disolve privacy into a larger civil libertarian framework where values such as freedom of speech are paramount".

So what is privacy? The simple definition summarised in the sentence: the right to be left alone, seems no longer to be enough. Or, as Colin Bennett believes, maybe privacy is a too much "elusive subject" to be captured in a set of specific issues. "Privacy issues are only issues because of the context", he says. In his book (Regulating Privacy), Bennett wrote that there is a "recent and widespread recognition among privacy advocates that data protection cannot continue to be seen as a discrete and separate political issue. Privacy, in an instrumental or strategic sense, is inextricably linked with a variety of other information policy issues, such as computer crime, international data flow, computer vulnerability, copyright, and access to information. Data protection policy should be conceived and implemented as just one problem among many in the increasingly interdependent and interconnected information society".

But Marc Rotenberg, for one, gives an advice to his colleagues. His fourth big privacy issue is "to end the myth of balancing privacy interests". He adds: "One of the easiest ways to avoid a debate about the future of privacy protection is to say that we must balance privacy against other competing interests. This is the answer of a person who does not understand an issue. The protection of privacy requires making choices". Why? Because (fifth Rotenberg big issue) we have "to act now" before technology wins over our law, our customs and our sense of community, Rotenberg writes. "We need to pursue privacy solutions with great determination and imagination" and encourage policy makers to explore new privacy policies. Rotenberg believes that "a politician who does not have recommendations for how to address the public's concern about privacy will not be able to govern in the twenty-first century".

One could have a look to the list of issues submitted by our others panelists to be convinced that many innovations are threatening privacy and must be regulated or forbidden. Vitalis stress an important point. It is true that many countries adopted some laws or other mesures to protect privacy. But this protection is often limited to classical computer technology. Regularly, innovation is the occasion for large public or private administrations to bypass the regulations and to collect, exchange and use growing amounts of personal information. Vitalis put two examples: camera surveillance and the use of cookies on the Internet to collect without the knowledge of the user personal data about him or her.

Camera surveillance

The growth of visual surveillance in public space is identified by four other (Westin, Clarke, Péladeau, and Davies) of our nine experts as one of the emerging most important privacy issues. The danger, says Roger Clarke, is that "the public will become inured to such intrusions into behavioural privacy, but will in the process constrain their behaviour on the assumption that they will be observed. This is the classic "chilling effect", which seriously retards creativity, diversity, and the exercise of democratic freedoms".

The growth of visual surveillance is a phenomena arising around the world. The camera systems, says Simon Davies, use sophisticated military technology. "They often have infra red night vision, automatic tracking, remote control, audio channels, and a zoom so powerful that it can scrutinise your facial blemishes in full colour at two hundred yards. Central control rooms are being equipped with sophisticated computer and telecommunication technology which link directly to police computer systems". It could include microphones to detect conversations. "Originally installed to deter burglary, assault and car theft, in practice", adds Davies, "most camera systems have been used to combat so-called 'anti-social behavior' or to track the movement of individuals 'of interest' and to monitor public meetings, marches, and demonstrations".

The power of an elite vs empowerment of data subject

The evidence is not very difficult to find that a loss of privacy, in terms of growth of the surveillance, has an impact on other human rights. This is even more true in countries where human rights violations are systematic, says Cecilia Jimenez for whom the most important issue is the implementation of national identification cards linked, of course, with centralised population database systems. The access of that information by government agencies can and is "used for population control, including indirect subversion of the exercise of peoples' rights, through information manipulation", per example, during elections. "The use of such centralised databases deepens the hold of powerful elites, private and public".

Here is the issue of privacy put in terms of power.

So to protect privacy, maybe one way would be to put the power, the control over information, in the hands of the person. That's what Herbert Burket identify as one important privacy issue: empowering the data subject through technical means like "encryption applications combined with anonymous biological identifiers". Berkert says that the technology allows to build electronic systems that permit anonymous transactions even when money is involved. We are talking a lot, for a couple of years, about technologies enhancing privacy. Alan F. Westin put on his list of issues the "access to strong encryption by online users". Rotenberg would probably had put it on his list too if I would allow to participants to get more than five issues, if we consider the battle of EPIC against the restrictive encryption policy followed by the american administration. And Simon Davies put on his own list as an issue the development of new standards around the world to render telecommunications devices "wiretap friendly" that "will set a matrix for the establishment of flawed and weak encryption policy".

The pursuit of perfect identity: biometrics and DNA

According to Roger Clarke, the increasing tendency for organisations to convert hitherto anonymous transactions into identified ones, is one of the most important privacy issue. The majority of transactions that people conduct are anonymous, says Clarke. But the purpose of organisations is to increase the data-intensity of their relationships with individuals. "This enables them to draw inferences about each individual's behaviour and preferences, and thereby detect behaviour that is against the organisation's interests, and manipulate the individual's behaviour". The problem, would add Burkert, is that "with the help of information technology, we are unlearning the social capacity of trust. In fact today we tend to ridicule people who have trusted someone without a technical backup. So when we employ someone, when we rent out something, when we give a credit, when we give out social security we are no longer prepared to take risk and want to look through the person we are dealing with".

As a result that organisations, public or private, are developing technologies that permit what Simon Davies call "the pursuit of perfect identity". He classify in this category all means of biometric identification (use of fingerprint, palm print or pattern of rods and cones on the retina). The use of genetic test information and DNA profiles can be considered as an extreme use of biometric identifier and bear many risks of discrimination and the multiplication of compulsory testing procedures, writes Roger Clarke. Westin and Davies too identifies DNA or genetic information as an important issue to deal with.

Moreover, according to Davies, this "pursuit of perfect identity threatens to bring the world back to a village system of fixed and irrevocable identities". Davies recalls that "the ability of individuals to move anonymously in society, or even to have multiple identities, has been one of the most important factors in the evolution of human society. It has also been a key element in the maintenance of free thought, free speech and democratic development". The use of a single biometric identifier, says Davies, "will have the effect not just of manacling the citizen to the machinery of the State, but also of providing a link between all data systems". One of the danger, says Roger Clarke, is that "if it becomes common to have to present a chip bearing a biometric identifier, there will be a tendency to mount it in the only carrier that can be relied upon to be with the person at all times, why not, to install it in the person's body". Data matching (the process of linking systems, by a biometric or anotherone identifier) "should be avoid at all costs", says Davies, who put the "interoperability" of information systems on his list of issues. Why? Because the idea of functional separation is at the core of privacy protection.

Internationalization of the issues

Of course, the globalization is a phenomena that, by itself, is an issue regarding the protection of privacy. Westin put his finger on the more specific issue of transfers of consumer and employees data by businesses. Jimenez point out the practice of transfering data for processing to third world countries where, obviously, there are no kind of protection for this personal information that include sensitive one like criminal or medical records. Police corps are now exchanging more and more personal data around the world. That means, adds Péladeau, that "the decisions over issues are more and more taking place in international settings rather than national ones. This implies that various interests have to organize themselves internationally", including privacy advocates, of course. One of the problem of the internationalization of the issues maybe harmonization of data protection standards, says Vitalis. This harmonization could have a bad effect, the one to lessen the level of protection in application in a country in favor of a less effective international standard.

For example, Roger Clarke mentions that one of the main privacy issues is the "failure of the American public to appreciate the need for publicly-funded watchdog agencies". American people, politicians, and institutions "continue to subscribe to the myth that individuals, in their roles both as consumers and as citizens, can exercise control over the actions and behaviours of large organisations. It is a myth, because the imbalance of power is so great, and the capacity of individuals to form organisations with sufficient countervailing power has been limited. There is a danger", says Clarke, "that this myth may migrate to other countries".

Democratization and Accountability

If the internationalization of the issue can have that kind of impact, Davies points out that the outsourcing (or contracting-out) of information technology services from governments to private sector is, as well, an "extremely dangerous trend because it places data in a market context and removes or erodes lines of accountability".

To face all those challenges, stakes or issues, Rotenberg would suggest to pursue a wide range of privacy solutions combining law, technology, practice, and codes. Others would prefer to rely upon the individual responsability. But Péladeau has another proposal. In his view, what is the most important thing is the "democratization of the design, normative, and implementation processes of personal information infrastructures". The idea is to assure that before a new infrastructure will be put in place or developed, people will have a say, within institutions that already exist (like parliaments) or other ones, about the necessity of it and about how it would work. Péladeau often promoted what he calls the need for public social evaluation of information infrastructures (like the Internet, DNA sampling bases, taxpayers databanks, telehealth information systems, encryption public key infrastructures, and so on). But Péladeau believes that democratization implies to consider issues beyond privacy and data protection, if not to redefine privacy itself.

Copyright © 1997 by Le Devoir. All Rights Reserved. Reprinted with permission.