Tuesday, March 1, 2011

Swire: How Individual Rights Can Both Encourage and Reduce Uses of Personal Information

Social Networks, Privacy, and Freedom of Association

By Peter Swire | February 28, 2011

Governments are concerned about protecting the privacy of social network users and other online activities. Yet a previously unaddressed question is precisely how to create privacy rules without jeopardizing the freedom of association inherent in these networks’ very existence.

The ongoing political transformation in Egypt highlights the crucial role that social networks play in helping individuals organize politically. Facebook was central to the initial sweep of Egyptians onto the streets of their nation’s main cities, allowing dispersed individuals to organize effectively. And democracy protesters could fear, if the popular movement to displace President Hosni Mubarak had not been successful, that the regime would be able to track them down individually, in part through their Facebook accounts.

At precisely the same time that everyday Egyptians were pouring out of their homes in protest, the U.S. Federal Trade Commission was receiving comments on how new online technologies, including social networks, affect privacy. The FTC request obviously did not spark protests across American cities but many here in the United States share the worries of those Egyptian protesters when it comes to privacy, including privacy of their political views but not just political privacy. These deeply held worries about information sharing must be considered given the growing role of social networking in our society—from Barack Obama’s successful online political campaign that helped propel him into the presidency in 2008 to the Tea Party’s successful social networking activism beginning a year later.

This report explores the tension between information sharing, which can promote the freedom of association, and limits on information sharing, notably for privacy protection. Although many experts have written about one or the other, my research has not found any analysis of how the two fit together—how freedom of association interacts with privacy protection. My analysis here, which I offer as a “discussion draft” because the issues have not been explained previously, highlights the profound connection between social networking and freedom of association.

At the most basic level, linguistically, “networks” and “associations” are close synonyms. They both depend on “links” and “relationships.” If there is a tool for lots and lots of networking, then it also is a tool for how we do lots and lots of associations. In this respect, social networks such as Facebook and LinkedIn are simply the latest and strongest associational tools for online group activity, building on email and the Web itself. Indeed, the importance of the Internet to modern political and other group activity is highlighted in a new study by the Pew Foundation, which finds that a majority of online users in the United States have been invited through the Internet to join a group, and a full 38 percent have used the Internet to invite others to join a group.

This new intensity of online associations through social networks is occurring at the same time as social networks and other emerging online activities receive increasing scrutiny from policymakers for privacy reasons, including the Federal Trade Commission, a recent report on privacy from the U.S. Department of Commerce, and a process underway in the European Union to update its Data Protection Directive. All these government efforts are concerned about protecting the privacy of users of social networks and other online activities, yet a previously unaddressed question is precisely how to create privacy rules without jeopardizing the freedom of association inherent in these networks’ very existence.

I stumbled into this tension between association and privacy due to a happenstance of work history. I have long worked and written on privacy and related information technology issues, including as the chief counselor for privacy under President Clinton. Then, during the Obama transition, I was asked to be counsel to the new media team. These were the people who had done such a good job at grassroots organizing during the campaign. During the transition, the team was building new media tools for the transition website and into the overhaul of whitehouse.gov.

My experience historically had been that people on the progressive side of politics often intuitively support privacy protection. They often believe that “they”— meaning big corporations or law enforcement—will grab our personal data and put “us” at risk. The Obama “new media” folks, by contrast, often had a different intuition. They saw personal information as something that “we” use. Modern grassroots organizing seeks to engage interested people and go viral, to galvanize one energetic individual who then gets his or her friends and contacts excited.
In this new media world, “we” the personally motivated use social networks, texts, and other outreach tools to tell our friends and associates about the campaign and remind them to vote. We may reach out to people we don’t know or barely know but who have a shared interest—the same college club, rock band, religious group, or whatever. In this way, “our” energy and commitment can achieve scale and effectiveness. The tools provide “data empowerment,” meaning ordinary people can do things with personal data that only large organizations used to be able to do.

This shift from only “them” using the data to “us” being able to use the data tracks the changes in information technology since the 1970s, when the privacy fair information practices were articulated and the United States passed the Privacy Act. In the 1970s, personal data resided in mainframe computers. These were operated by big government agencies and the largest corporations. Today, by contrast, my personal computer has more processing power than an IBM mainframe from 30 years ago. My home has a fiber-optic connection so bandwidth is rarely a limitation. Today, “we” own mainframes and use the Internet as a global distribution system.

To explain the interaction between privacy and freedom of association, this discussion draft has three sections. The first section explains how privacy debates to date have often featured the “right to privacy” on one side and utilitarian arguments in favor of data use on the other. This section provides more detail about how social networks are major enablers of the right of freedom of association. This means that rules about information flows involve individual rights on both sides, so advocates for either sort of right need to address how to take account of the opposing right.

The second section shows step by step how U.S. law will address the multiple claims of right to privacy and freedom of association. The outcome of litigation will depend on the facts in a particular case but the legal claims arising from freedom of expression appear relevant to a significant range of possible privacy rules that would apply to social networks.

The third section explains how the interesting arguments by New York University law professor Katherine Strandburg fit into the overall analysis. She has written about a somewhat different interaction between privacy and freedom of association, where the right of freedom of association is a limit on the power of government to require an association to reveal its members. As discussed below, her insights are powerful but turn out to address a somewhat different issue than much of the discussion here.

Peter Swire is a Senior Fellow at the Center for American Progress and the C. William O’Neill Professor of Law at the Ohio State University.
Read the full report (pdf)
Download the executive summary (pdf)
Download the report to mobile devices and e-readers from Scribd

No comments:

Post a Comment