Privacy On The Street: Fighting the Wrong Enemy

Why haven’t Massachusetts cities installed traffic light violation cameras, like New York and many other cities, that capture the license plate number of a vehicle running a red light and automatically send a traffic ticket?   Traffic-light violation cameras significantly reduce intersection violations and pedestrian injuries.  Critics cite possible privacy violations and the possibility that the vehicle owner may not be the driver breaking the law.  But neither argument has merit.  Just as a landlord can be held responsible for the public nuisance created by his tenants, a car owner is responsible for the behavior of anyone to whom she willingly lends her vehicle.  And breaking the law automatically cancels a person’s privacy rights. 

When it comes to privacy, we’ve got it backwards.  Perhaps the intangible nature of digital information has misled our instincts and reversed our judgment, so that in matters concerning privacy we denounce things that are harmless while allowing things that can cause real harm.  Traffic-light violation cameras are not an invasion of privacy; giving business firms access to our registry database information is.

(I suspect that the underlying reason people oppose traffic light violation camera, even those set up to only capture license plate numbers on cars that run red lights, is the desire not to have to pay the fines if we don’t change old habits.  And just to be clear:  I am equally disgusted by imbecile bicyclists who fly into busy intersections — no matter what color the traffic signal.)

While there are some (inadequate) laws limiting government data collection, there are almost no limits in this country on the private sector.  As a result, there is currently so much data about each of us floating around in purchasable databases (mostly collected and used by the private sector) that nearly everyone in this country can be identified, and a credit card applied for under their name, if a searcher only has three data items:  date of birth, five-digit zip code, and gender.  A recent paper lists 16 ways that new technologies have undermined privacy including aggregation of separate sources, increased geographic accessibility, insecurity during storage or transmission, leaks, ease of surveillance, and distortion.  (“A Taxonomy of Privacy”, Daniel Solove, University of Pennsylvania Law Review, 2006).

Perhaps our laxity about commercial data collection occurs because we tend to think of privacy as related to intimacy — about things close to us:  personal conversations and letters, our rooms or homes, our bodies, our whereabouts.  We tend to be less protective about less personal things – things about us rather than part of us or our immediate environment, things like information about our purchasing habits or our email address.  So we register our email address on every website we visit.  We provide details about our purchasing habits in exchange for cents-off coupons.  We give our social security numbers to store owners and over the phone.

Jim Hightower once said that right-wing talk radio hosts were cowards because it took no courage to endlessly denounced the government while remaining silent about the private firms whose advertising paid their salaries.  The American public shares some of that cowardice, tending to be more outspoken about government data collection than private sector intrusions – despite the reality, as the Bush-run National Security Agency showed, that government can manipulate private sector systems for surveillance.  But even so, after some initial controversy Americans seem quite willing to allow turnpikes to use central server-based databases to run their automated toll-collection systems like Fast Lane and Easy Pass.  And New Yorkers seem willing to trade the increased safety provided by traffic-light violation cameras for the capture of locational information.  We submit our electronic tax returns to the IRS.  We seem willing to trade privacy for convenience – although, in Massachusetts, not always for safety.  We don’t even have the European Union’s rules (radical by our standards, but actually quite modest) that control individually-linked data by both governments and business.

During the early 1990s I spent five years on the national board of Computer Professionals For Social Responsibility.  This was when the Information Superhighway became the Internet and then the Web, and one of our core issues was technology-related privacy.  We did our best to fight against the growing reality that our commercially-driven national information infrastructure was being built in ways that both undermined data privacy and allowed authoritarian censorship – even though more democratic technologies existed.  Despite the media-hyped fantasies of the techno-utopians, CPSR was right and, fortunately for us all, still exists and still deals with vital issues.  But based on my experience, I think we have three choices to deal with the technology-related aspects of privacy.

We can demand that our entire information system be redesigned and rebuilt from the ground up.  Since even radical change usually happens incrementally in ways that modify rather than overthrow the past, such a total transformation is unlikely to occur even if it is what is really needed.

On the other extreme, we can give up and proclaim that privacy has been already lost.  When the National Security Agency can record every telephone call made by every person in the entire country, perhaps this is the most honest approach.  But the implications are very scary.

In the middle lies a strategy that continues to push for meaningful control of data collection, particularly by currently under-regulated non-governmental firms, while requiring that we get a better return for those aspects of control over our own data destinies that we agree to release – at least demanding that our safety be protected.

Take our website survey!