Do We Have Privacy Rights Anymore?
It has been and most likely will be, debated until the end of time: our right to privacy. Here I tackle what privacy means to us and whether we have privacy rights in this day and age.
Back in the 14th century through to the 18th century, people went to court for eavesdropping and for opening and reading personal letters and from the end of the 19th century, this shifted to personal information being controlled in order to protect one’s privacy.
It has been mooted for decades and extends outside what we may deem as our privacy rights today. When we mention ‘privacy’, we may be taken to early 2018, to the Facebook – Cambridge Analytica data scandal, or to the EU’s GDPR regulation which was implemented, again, in 2018. But privacy extends further than that, to issues involving contraception, interracial marriages and abortion (think Roe v. Wade). And it is such cases that have shaped our society and law around privacy today.
A brief history into privacy
A major article written by Samuel Warren and his legal partner Louis Brandeis advocating privacy rights was published in 1890 in the Harvard Law Review. “The Right to Privacy” argued that privacy is inherent in common law and generates various privacy ‘torts’, such as the disclosure of private facts (such as the aforementioned examples). Where some counter-argued that such rights can offer protection for the privileged, Warren and Brandeis still managed to pave the way for future legal cases regarding privacy.
And while the US Constitution, to this day, does not specifically mention a right to privacy, the Supreme Court has noted that it believes this right exists in the “penumbra” of several other, enumerated rights
William O. Douglas – an American jurist and politician who served as an Associate Justice of the Supreme Court – quoted Brandeis in the Public Utilities Commission v. Pollak case in 1952, regarding whether the radio broadcasts on public transport was a violation of freedom and privacy: “The beginning of all freedom” is “the right to be let alone” thus the right to privacy. “The right to be let alone”, Brandeis – who was an Associate Judge at the time- quoted this in the Olmstead v. United States case in 1928, where Roy Olmstead’s conviction was in part based on evidence gathered through government wiretaps, is “the most comprehensive of rights, and the right most valued by civilized men.” Even though the Court originally held that neither the Fourth Amendment nor the Fifth Amendment rights of the defendant were violated, the decision was later overturned by Katz v. United States in 1967. This case somewhat altered privacy rights in America, as the decision expanded the Fourth Amendment’s protections from the right of search and seizures of an individual’s “persons, houses, papers, and effects”, as defined in the Constitution, to include “what [a person] seeks to preserve as private, even in an area accessible to the public” as a constitutionally protected area.
And while the US Constitution, to this day, does not specifically mention a right to privacy, the Supreme Court has noted that it believes this right exists in the “penumbra” of several other, enumerated rights, such as the Third, Fourth, Fifth, and Fourteenth Amendments, and as such, citizens are entitled to it under the catch-all provision of the Ninth Amendment. This has shaped privacy, in the US, to this day.
How much risk is posed here if we mindlessly click ‘agree’, or how much of our lives are now actually private?
What is ‘privacy’ today?
So, the right to privacy has been a much-debated issue for a very long time and it seems as society develops, so does our concern for privacy. Once upon a time, postcards were seen as a threat to our privacy and now, we don’t give them a passing thought as we have bigger qualms at hand: should we ‘accept cookies’, allow our phones to track our movement, or download the latest craze, such as TikTok and risk our precious data being shared amongst strangers? How much risk is posed here if we mindlessly click ‘agree’, or how much of our lives are now actually private?
If I take myself, as an example: I don’t post a vast amount on social media – I could be abroad and my Facebook friends would be none the wiser as I like to exercise my right to privacy. But, simultaneously, my phone will sift through my emails and recognise I booked a flight and it needs to notify me when I ought to leave the house so I make my flight on time; it will recommend sights for me to see, hotels to stay at, it will keep track of where I visited, how long for, how many steps I did that day, what restaurants I visited, what photos I took at that specific location, so when I land back home, it can collate all this information and email me a mini 21st-century ‘scrapbook’ on my adventure. My tiny phone is more aware of what I did on my holiday than my own mother. Does it bother me? Not so much, because all of these features are convenient and I am actively deciding what I share and what I keep private – which seems to be the centre of many debates and legal cases (such as the aforementioned Katz v. United States case). If my phone was hacked, however, and all my information was leaked, even though I lead a very boring life, I would be concerned to how my privacy was violated and who now has all that information at hand, yet I would have to still acknowledge that I allowed my phone to track my every move and that information was always available and at risk of being available to somebody else. It is not until external parties, such as the government, want to access that data that everything becomes a little too 1984 and we feel like our privacy rights are being breached.
The global pandemic is the perfect example of this constant battle we have with privacy and our control over it.
As written more succinctly in The New Yorker, people tend to invoke their right to privacy when it serves their best interests: “People are inconsistent about the kind of exposure they’ll tolerate. We don’t like to be fingerprinted by government agencies, a practice we associate with mug shots and state surveillance, but we happily hand our thumbprints over to Apple, which does God knows what with them.”
Freedom vs. privacy: What do we want more?
The global pandemic is the perfect example of this constant battle we have with privacy and our control over it. When governments across the world began to consider or release contact-tracing apps, many very apprehensive for obvious reasons: it screams a movement towards an Orwellian era. The app, which works by recognising when two phones are close together for longer than a set period of time (and if one user is later diagnosed with the coronavirus, an alert can be sent to the other), would enable the government to potentially track where you were and who you were with. The idea that the government would have a mass amount of data in their hands, didn’t sit right with people, including many people close to me. But as soon as I questioned their reasoning and asked ‘but do you care what cookies you accept or what information apps can access?’ they soon came to realise that they are not as concerned with their right to privacy as they thought, as they all simply don’t take any notice to what Instagram is tracking.
There is clearly a societal need and purpose for utilising location-based data for the greater good.
Nonetheless, it was understandable why they were apprehensive. Norway’s health authority had to delete all data gathered via its COVID-19 contact-tracing app and suspend further use of the tool as the Smittestopp app represented a disproportionate intrusion into users’ privacy. The UK government was also forced to abandon a centralised coronavirus contact-tracing app after spending three months and millions of pounds on its development and switched to an alternative designed by the US tech companies Apple and Google after being promoted as more privacy-focussed, leaving epidemiologists with access to less data.
Speaking to Mike Ingrassia, President and General Counsel at Truata, he explains that the COVID-19 pandemic seems likely to enhance this sense of unease among consumers regarding the use of their data. “On the one hand, consumers’ digital footprints are being expanded at a record-breaking pace as their lives move ever more from the physical to the digital realm. This is quickly increasing the amount of personal data that companies hold regarding their customers – and incentivising those companies to monetise that data more aggressively in order to thrive during the pandemic-induced recession”, he shares.
“On the other hand”, Mike expands, “The response from governments to the COVID-19 pandemic has already raised many concerns when it comes to contact tracing apps, mobile location data tracking and increased surveillance. However, as the world continues its fight against the spread of COVID-19, it has become vital for governments to assess how they can use data for social good.”
But why do we mindlessly allow Zuckerberg to store our data, but panic when the government wants access?
There is clearly a societal need and purpose for utilising location-based data for the greater good. But only if it is used responsibly. Governments must ask themselves whether appropriate safeguards and technologies are being applied so that they are not, in using that data to benefit society, failing to protect the rights of the individuals behind that data. “Questions that need to be considered include what type of personal data is being shared, for what purposes and for how long?”, says Mike.
There is no doubt that consumers have a growing awareness of the value of their personal information, and they are increasingly concerned with how it’s being used, both by public and private entities. It is not yet clear whether the introduction of GDPR and other more stringent global privacy laws has moved the dial on customer trust, as there still appears to be widespread confusion and distrust amongst consumers on how their data is being collected and who it is being shared with.
At the end of the day, the government is trying to do what it has always done: conduct surveillance of individuals and groups if they suspect they are presenting a danger to society. But why do we mindlessly allow Zuckerberg to store our data, but panic when the government wants access? Is our data in better hands when Facebook is using it, or with the government?
But in this day and age, when privacy almost correlates with data and our online activity, we lack full control over how private everything is.
And as Mike explains to us, even though most governments will in good faith want to use data responsibly, they will likely lack the tools and expertise to do so on their own. Private sector assistance, such as the provision of cutting edge, privacy-enhancing data analytics technologies so governments can responsibly get powerful insights from their data, will be needed. “One of the most effective ways for governments to obtain such powerful insights from unique, large data sets responsibly will be to fully anonymise those data sets first, better enabling them to extract value from their citizens’ data without compromising the privacy of the individuals behind that data”, Mike tells us.
Taking an approach such as this, leveraging the best privacy-enhanced data analytics technologies available from the private sector, such as powerful anonymisation solutions and related analytics tools, will allow governments to unlock life-saving insights from data, without sacrificing the privacy rights of its citizens.
“In the aftermath of the COVID-19 pandemic, this might be one of the greatest opportunities for responsible coordination among the public sector and the private sector. If they can both embrace this opportunity – if governments have the courage to use their data innovatively, and the self-restraint to do so responsibly, and if technology companies have the creativity to offer governments the tools to do so – we will all benefit.”
It is a fickle scale, where our need for control lies on one scale, and our trust in the technology lies in another. Perhaps we are more concerned with our right to freedom and liberty, as that is what shaped Roe v. Wade and Public Utilities Commission v. Pollak. And if we really think about privacy in this day and age (data, data and more data), we do somewhat lack full control of who has it and where it goes.
Do we care about privacy or are we actually aiming for liberty and freedom?
Rethinking what privacy actually means
Let’s think about one of the most discussed laws of 2018: GDPR. Privacy was at the heart of this EU regulation, but in reality, the new measures were partially rolled out to help people better understand the way in which information is collected and used and was designed to “harmonise” data privacy laws, providing greater protection and rights to individuals. It gave the average citizens more control and freedom over what they choose to share and left organisations with more liability if they breached privacy rights. It wasn’t to restrict companies’ access to our data per se (although companies were given less mobility in this area), it was to allow us to decide what we wanted to remain private. It is the same point that was mooted when postcards were invented – if you felt threatened that your mail was going to be read and thus breach your privacy rights, you had the option to use an alternative method; if you don’t trust a website with your cookies, you now have the option to refuse access. We have some control over our data and what we keep private but if we want to fully enjoy the world of Siri, we have to trust in the technology and be aware that our device is constantly listening and waiting for you to call its name.
The government is aware of our right to privacy. The Fourth Amendment in the US acknowledges that. The UK’s Data Protection Act acknowledges that. “The right to be let alone is the most comprehensive of rights”, and authorities will recognise that if we feel like our privacy is being violated, we will speak about it. But in this day and age, when privacy almost correlates with data and our online activity, we lack full control over how private everything is. In a survey conducted by EY, they found that nearly half (46%) of survey respondents’ number one or two concern is not having a clear picture of where personal information is stored or processed outside of their main systems and servers. Once data enters the internet, it will be accessed and logged and stored and analysed and compared with a billion other pieces of data, it is almost impossible to legislate data access away. So, is any of our data truly private anymore? Do we care about privacy or are we actually aiming for liberty and freedom? Is it time for us to rethink what ‘privacy’ means to us now and what it truly is in the current age?