Law in the Internet Society

View   r3  >  r2  ...
LiranNackerSecondEssay 3 - 21 Feb 2017 - Main.LiranNacker
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"
Changed:
<
<

Is the current status of Privacy an ecological disaster?

>
>

The Current Status of Privacy is an Ecological Disaster

 -- By LiranNacker - 15 Dec 2016

Introduction

Changed:
<
<
Privacy is typically viewed as a transactional good with a transactional nature. Whether this practice in which people contract away their personal information is viewed as welcome or inherently dysfunctional, there can be little doubt that we are complicit in allowing it to occur. Viewing Privacy through “ecological glasses” might put the problem into greater focus and provide a far more useful perspective in which to examine it.
>
>
Privacy is typically viewed as a transactional good with a transactional nature. Consequently, focus is placed on regulating the transaction – that is, on the kind of consent required for collection of data, on what constitutes informed consent and on how the collecting entity may use the data. Whether this practice, in which people contract away their personal information is viewed as welcome or inherently dysfunctional, there can be little doubt that we are complicit in allowing it to occur. Viewing privacy through “ecological glasses” might put the problem into greater focus and provide a far less myopic and more useful perspective in which to examine it.
 
Changed:
<
<

Is Privacy a Public Resource?

>
>

The Environmental Nature of Privacy

 
Changed:
<
<
Professor Moglen argues in a 2014 article in The Guardian, that we have misunderstood the nature of privacy, stressing that private surveillance that came into existence through the forces of the free market, has turned into an “ecological disaster”. He further argues that “privacy is about our social environment, not about isolated transactions we individually make with others”. Under this framing, as he further demonstrates, when individuals make a “personal decision” to contract away their privacy, they are also contracting away the privacy of others that they correspond and interact with – and therefore derogate from the right as a whole.
>
>
Professor Moglen argues in a 2014 article in The Guardian, that we have misunderstood the nature of privacy, stressing that private surveillance that came into existence through the forces of the free market, has turned into an “ecological disaster”. He further argues that “privacy is about our social environment, not about isolated transactions we individually make with others”. Within this framing, as he further demonstrates, when individuals make a “personal decision” to contract away their privacy, they also contract away the privacy of others that they correspond and interact with – and therefore derogate from the right as a whole.
 
Changed:
<
<
In keeping with this view, if we have misunderstood the nature of Privacy, if we have mistakenly viewed Privacy as a transactional good between two parties rather than a “public resource” in the sense that the choice of the individual affects the right of many – then really what we have here is a crisis that is not being dealt with in the proper manner or with the proper tools, or in other words: an ecological disaster without an EPA.
>
>
If, in keeping with this view, we have misconstrued the nature of privacy, perceiving it as a transactional good between two parties rather than an “environmental resource” in the sense that the choice of the individual affects the right of many – then really what we have here is a crisis that is being dealt with in an inappropriate manner – without the proper regulations or tools. In other words, we have an ecological disaster without an EPA.
 
Changed:
<
<

Disaster management

>
>

An Environmental System of Legislation

 
Changed:
<
<
In keeping with our view of Privacy as being transactional, we have been focusing on regulating the transaction – that is, on the kind of consent required for collection of data, on what constitutes informed consent and on how the collecting company may use the data. Consequently, in some territories the party contracting away his or her privacy is required to opt-in before information can be collected; in others, full disclosure by companies in their Terms of Service of how data is collected and shared is required, and users must have the option to opt-out. In the US, Laws have been carefully crafted to protect certain kinds of data such as HIPAA for health privacy; FCRA and GLBA for financial data; FERPA for academic records; and consumer data is protected from deceptive and unfair practices through Section 5 of the FTC Act. The user in the EU has a “right to be forgotten”, and EU data protection requirements limits the transferring of personal data outside the EU. But what is the relevance of this progress in the frame of Privacy as an ecological issue? What does it mean in the context of the claim that some personal information should not and cannot be contracted away?
>
>
If privacy is a “social environment”, then the legal framework of environmental legislation may well be applied here as well. As in the fight against climate change, air pollution by factories and even, in the scope of health regulation, intervention in the sale of cigarettes and restriction of their use in public spaces – the government has the obligation to regulate privacy as an environmental resource, and educate users on the ecological effects of their online decisions.
 
Changed:
<
<
If Privacy is an ecological matter then, from the outset, it requires some form of paternalism regarding dos and don'ts, agreed upon standards of liability and perhaps global uniformity on several matters. If we are applying standards for protection of environmental resources to Privacy, this approach empowers legislators to hold “polluters” accountable for their actions, and encourages legislators to take a more paternalistic approach on certain matters. For example, based on the model of environmental legislation, it would be easier to regulate the input of health metrics or (irreplaceable) biometric identifiers, such as fingerprints, retina and facial prints to the Net – identifiers that appear to play a critical role in strengthening security of digital payments in the move towards “going-cash-less”.
>
>
Similar to the government’s war against polluting factories or cigarette and tobacco companies, fighting the war against “privacy pollution” requires a measure of paternalism regarding dos and don'ts, agreed upon standards of care, rules regarding damages and global uniformity in abating dangerous privacy nuisances. By applying standards for protection of environmental resources to privacy, we are advocating an approach that empowers legislators to hold “polluters” accountable for their actions, and encourages them to take a more paternalistic approach in certain matters. In keeping with the model of environmental legislation, it would be preferable, as an example, to regulate the input of health metrics or biometric identifiers to the Net.
 
Changed:
<
<

Why time is of the essence

>
>

Battling Privacy Polluters

 
Changed:
<
<
If Privacy is a public resource, then it is resource at immediate risk of massive pollution. It is only a matter of time before we have succeeded in connecting the rest of the world to the Net, and surrounding mankind with mobile and wearable tech, IoT? devices and drones. Despite the obvious benefits, these achievements are “mass polluters” that raise fateful questions about our politics with respect to privacy: information we are allowed to contract away vs what not; fair value of the information contracted; rules of accountability; and corporate use and sharing of the information collected.
>
>
Under an ecological analysis, current forms of commercialization of privacy, typically examined through the notion of “consent” – would require revision. Where the regulator determines that “privacy pollution” is taking place, the following steps would have to be taken:
 
Added:
>
>
(i) Step 1: In certain instances, users would no longer have the option of contracting away their privacy. If privacy is no longer a transactional good, then a user’s consent to contract away his/her privacy in return for free services would be deemed irrelevant. Once again, a good example in this regard would be to prohibit the use of health metrics or biometric identifiers. For this to be effective, legislators would have to rethink the current form of behavior collection and information flow, currently encompassing the information industry.
 
Added:
>
>
(ii) Step 2: Companies would be held accountable for permitting such (previously regarded as transactions and now) “pollutions” to take place. Accountability in this regard might be considered in terms of a two-tier structure: (a) holding companies accountable for collection, storage and analysis of data (whether actively or passively collected) that the legislator and regulator have determined cannot be contracted away by users, transferred to third parties, or used to predict commercial behavior; and (b) holding companies accountable for their users’ “privacy pollutions”. For this to be effective, “privacy pollutions” by users may need to be excluded from the broad protection provided to Internet platforms by Section 230 of the Communications Decency Act.
 
Changed:
<
<

Too MUCH too late?

It may be too late for a change of heart. For years, both companies and consumers have benefited from the approach to Privacy as a transactional good. Companies operating in the free market within the boundaries of the law, have provided consumers with free services, in exchange for collecting online behavior and subjecting consumers to ads. Consumers, most of whom are totally incapable of understanding the potential consequences of their actions, have conveniently bought into the thinking that what they get in return for their information is far more valuable than any information that they provided. However, if Privacy is a “social environment”, then the legal framework of environmental laws must apply here as well. In the same way that we have gradually succeeded in fighting climate change, air pollution by factories and even intervened in the sale of tobacco and cigarettes and restricted their use in public spaces – online users can be educated to better understand the importance of their Privacy; companies can benefit from business models that are consistent around the world, as well as from growing trust by their users; and both players could benefit from a world in which aspects of privacy are commercialized according to their real market value.
>
>
(iii) Step 3: Holding users accountable for “polluting” other people’s right to privacy. In the same way that none of us can choose to pollute our air or water sources, and in the same way that smokers can no longer smoke in public and subject others to the harmful effects of nicotine – users whose online actions contract away the privacy of others, may very well be held accountable for nuisance (in addition to any other cause of action that may arise from their “polluting behavior”).
 

Conclusion

Changed:
<
<
If privacy is really a matter of “social environment”, as Professor Moglen argues, then its current status is a disaster of an “ecological” kind – requiring legislators to rethink the way we view and protect the right to privacy. If we have misunderstood the nature of privacy all along, we owe it to the next generation, who will be born into the consequences of this untreated ecological disaster, to open a serious debate, at this critical technological turning point, on the transactional nature of privacy and establish a set of clear ethical and legal standards for regulating it.
>
>
If privacy is really a matter of “social environment”, as Professor Moglen argues, then its current status is a disaster of an “ecological” kind – requiring legislators to rethink the way we view and protect the right to privacy, and to establish a set of clear ethical and legal standards for regulating it. This form of rethinking is long overdue, as privacy is clearly an environmental resource at immediate risk of massive pollution. It is only a matter of time before we have succeeded in connecting the rest of the world to the Net, and surrounding mankind with wearable tech, IoT? devices and drones. Despite the obvious benefits, these achievements are “mass polluters” that raise fateful questions about our politics with respect to privacy. We owe it to the next generation, who will be born into the consequences of this untreated ecological disaster, to rethink the transactional nature of privacy, and lay the foundations for a social environment in which technology innovation is encouraged while online users’ privacy is maintained.
 
Deleted:
<
<

Rather than piling up "ifs," an improved draft could just begin from the assumption of ecological rather than transactional analysis. Then the elements posed here as conclusions (social standards of care, damages rules based on broader harms, state power to abate dangerous and acute nuisances) would be jumping-off points rather than tentative conclusions. A real effort to design environmental systems of legislation---with their effort to require impact assessment before conducting development and reviewable decision-making in the development and use of common resources---with respect to social information flows and behavior collection, could then occupy the bulk of the space in that draft, which might be immensely productive.

 \ No newline at end of file

Revision 3r3 - 21 Feb 2017 - 02:06:20 - LiranNacker
Revision 2r2 - 12 Feb 2017 - 21:21:17 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM