Computers, Privacy & the Constitution

Assessing Online Privacy

-- By NevfelAkkasoglu - 4 May 2021


Online privacy, which is just one aspect of privacy, has become at the center of the privacy debates, probably partly due to the internet's infrastructural evolution and the emergence of ubiquitous big tech. However, privacy is not just a trendy fad. It is, by nature, one of the characteristics that distinguish the human species from other living things.

The net, a tool that has the potential to advance the human race through easy sharing rapidly, has been so abused by the profit-by-ads-centered business mindset that it is reduced to a giant surveillance mechanism. As of now, few can imagine what the internet would look like without technology monopolies, unfortunately. As big players get fatter, and their relationships with governments grow stronger, privacy concerns arise: On what basis can people claim online privacy?

Can Data Ownership Help?

Some assert that creating ownership over information, treating your information as property, presumably as intellectual property, would help. However, this approach is flawed not only because the application of IP laws to online information is dissonant [Fn1] but also the very premise of the ownership of information itself. Claiming ownership for non-tangible things is an inherently complicated business. History testifies it: Nobody ever disputes the ownership itself for tangible things, and foundational physical property laws have hardly changed for centuries. But the intellectual property ownership has always been subject to existential disputes because of its controversial roots and artificial nature. Health data can show, as an example, its ineffectiveness: Currently, patients do not own the data generated in their health records; HIPAA established privacy rules for this data and enabled it to be shared with third parties, including the government, for the public health purposes. However, even if patients own that information, it is almost impossible to make a case that data ownership would give patients any more control than they now have: The government can already acquire data whether via Constitutional "takings power" or granting this power to private parties, as it currently does with "HIPAA Waiver." Granting ownership rights to the information produced online would be like building on a sand ground, let alone a relief for privacy.

Moreover, viewing privacy in terms of ownership and property raises another problem: how to specify the property. Information is not tangible property, and it does not even possess a distinguishing feature that intellectual property enjoys to some extent. For example, assuming that users own the property of the information created in their Facebook profiles, and if they want to sell information such as their connections or photos of friends they tagged, the following question must be asked: Is this really "your data" to sell? In other words, do other people in your profile have the chance to approve or disallow this transaction? Obviously, drawing lines around data makes commodification claims impracticable. Also, there is virtually no online instance where only one party is involved. So, would each party assert property claims over information related to joint activities? In addition, the ownership approach leads to bargaining asymmetry. Given the billion-dollar data brokers on the other side of the table, it is impossible to realistically "price" the value of highly subjective online information because what your data will mean in a different context and the potential impact of its use are unpredictable.

Thus, data ownership does not seem to be able to address privacy concerns in the online territory.

Privacy as an Inalienable Right

Inalienability is defined as any restriction on the transferability, ownership, or use of an entitlement. An entitlement is considered inalienable to the extent that its transfer is not permitted between a willing buyer and a willing seller. While it is not new to view privacy rights as inalienable, [Fn2] this concept appears to be the most appropriate understanding of privacy in the online context. Efforts to conceptualize a privacy framework that allows society to gain control over information should recognize the "human" factor in the data. [Fn3] In order to remain free and autonomous in their actions, one should not fear any harm to their integrity by others. In this sense, preserving human integrity is closely related to taking full advantage of inalienable rights such as privacy because digital presence entails digital integrity. And it makes no sense to exclude human integrity from digital platforms.

Inalienable rights are so fundamental to being a human that they cannot be transferred or waived. Privacy is a fundamental human right, such as the right to life or liberty, not a commodity that one can trade. Information related to oneself is the core component of the right to privacy itself. Treating and trading a person's online information like a commodity is just as absurd as receiving compensation for giving up your freedom. Even if one is not aware that they have the right to privacy, they do have it. It is an inalienable right that originates from being a human. And it cannot be ceded to third parties by consent or opt-in/out mechanisms. The misunderstanding stems from the illusion of using everyday expressions such as "my data," "sell my data," and this implies a false impression of "ownership" on privacy. However, privacy is a right, which is entailed by human integrity, not a property that is marketable. [Fn4] Therefore, it is absolute respect for a fundamental human right, not data ownership, that would protect online privacy.

"Inalienable" has become a synonym for "absolute." This is not what Thomas Jefferson means when he talks about an inalienable right to the pursuit of happiness.

Alternatives to rules of property are not limited either to anarchism or anti-transactional paralysis. The usual alternative to a rule of property, in fact, is a rule of liability.

Fn1: See here [anomalies of creating intellectual property for individual’s data.]

Fn2: See the U.N. Universal Declaration of Human Rights Article 12; California State Constitution Article 1 Section 1.

Fn3: “Personal data are constituting elements of the human person.” reads the resolution of the AFAPDP, adopted on October 18, 2018.

Fn4: We can live very well in a world without privacy tracking-advertising business models; this would not leave people in an abject state. Instead, it would create an environment in which there is less intrusion and more deliberate mental production.

You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.


Webs Webs

r4 - 07 May 2021 - 15:39:21 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM