-- HamiltonFalk - 01 Dec 2008

Threats of Obama technology policy to privacy.

While the Obama Technology Policy is surely an improvement over the policy of the previous administration (in that it exists), there are some dangers to privacy and autonomy if it is implemented without safeguards. The simple fact that Obama is aware of the internet, creating a website that is more like a myspace page than something a traditional politician puts on the net and is committed to increasing access to broadband connections create risk, although only by hurrying the inevitable and giving privacy advocates less time to act. It is some of the other policies that are more dangerous, such as online health records, online government records and information, enhanced controls over children’s viewing options, increased IP protection and the assumptions implicit in his suggests for protecting privacy. All of these risks are relatively simple to avoid, but they require the knowledge and will to do so.

Perhaps the most obvious potential risk is Obama’s promise to place more government data, decision making processes (with citizen input), financial information and more online, even creating a search engine for these things. The placement of all this information onto the internet, where it was previously inaccessible, seems to increase the chances that secret information (such as tax information) will be released. Its also is a deliberate reduction of the privacy of public figures, lobbyists, officials and government contractors. This is actually the least threatening issue, because the threat of information leaks are so obvious that there will surely be safeguards, and because the previously mentioned figures are not entitled to privacy, at least in the public actions that would be publicized.

Another relatively obvious risk is from Obama’s proposed creation/proliferation of electronic health records. This increases the already present risks from placing personal information online (see http://emoglen.law.columbia.edu/twiki/bin/view/LawNetSoc/SharmilaAchariPaper1). Here again, the risk is limited, as Obama has already stated the need to protect such information, and the administration’s consideration of the issue will almost certainly have a positive effect, since such records would otherwise be created through non-public organizations with less regulation.

The proposed parental controls, primarily software for controlling access to certain content, software that limits the information children can reveal and “increased enforcement resources and forensic tools for law enforcement, and collaboration between law enforcement and the private sector to identify and prosecute people who abuse the Internet to try to exploit children.” The first two are threats to the privacy and autonomy of children, both by their parents (which is presumably not a problem) and by outside actors. Unless the system is a primitive white-list of content parents have explicitly approved, the banned content (or allowed “safe” content) would need to be supplied by an outsider, creating opportunity to control the information available to minors. The potential of allowing such sites to monitor the activity of some people, in order to better create standards, is also a danger.

More worrisome is the suggestion that police be allowed better ability to search out people who “try to exploit children” (presumably sexually, not going after Saturday morning cartoon advertisers pushing sugary cereal). This, combined with the suggestion of collaborating with the “private sector” suggests that an Obama administration would allow and even encourage monitoring of private communication and internet use, and revealing the people (at least potential child predators) behind the IP addresses. This creates a dangerous slippery slope towards allowing similar monitoring of suspected terrorists, drug-traffickers, identity thieves and poker-playing internet gamblers. In light of this, focusing on child-side protection may be a better alternative.

Obama’s promise to “update and reform our copyright and patent systems to promote civic discourse, innovation and investment while ensuring that intellectual property owners are fairly treated” seems like an excellent idea, but creates its own risk. Since traditionally the voice of the intellectual property owners, such as the RIAA or MPAA, have advocated a version of being “fairly treated” that allows them to track down and sue internet pirates, there is a real danger that such reform could take the form of allowing greater investigative authority into such activity. Any system that creates incentives on ISPs to monitor their users or allows entertainment industry investigators to do the same thing would result in a massive violation of privacy, akin to sharing library lending records with such people (if people used the library for hours every day for a multitude of tasks). On the other hand, this entire risk could be eliminated if copyright were altered in such a way that lessened the incentive of the entertainment industry to do this sort of spying. What such changes would be is a topic for some other paper.

Finally, the assumptions implicit in what Obama suggests to “Safeguard our Right to Privacy” suggest that there are dangers there as well. He plans to restricting how information in “powerful databases containing information on Americans that are necessary tools in the fight against terrorism”, which reveals that he plans to keep such lists. There is no reason the citizenry should be comfortable with the government possessing such information, no matter how well it is kept from being misused, as defined by the government. Obama also plans to update laws to ensure that investigation and intelligence-gathering is only done under the rule of law. This is an improvement over the current situation, but with no description of what that rule of law will be, there is still substantial risk to privacy. Finally, related to the child protection law-enforcement issue, Obama plans to increase the FTC’s enforcement budget to track down “cyber-criminals” who spam us. This creates a similar danger of allowing government agencies to closely investigate internet users online activity.

[For the purposes of this paper I will be assuming the stance taken in this position paper: http://www.barackobama.com/pdf/issues/technology/Fact_Sheet_Innovation_and_Technology.pdf are true. All quotes are directly from the paper. Feel free to comment on any changes that may have been suggested more recently, but for a short paper I think it makes more sense to have a single solid policy statement to comment on.]

  • Commenting on campaign position papers is usually useless even during a campaign. Reading once quickly shows which constituencies the campaign considers it must pander to, and all issues of how to compromise among the competing positions then taken are of course postponed.

  • Here you take the additional step of observing, as one can, that every measure to expand use of data about citizens in government raises privacy concerns. Reiterating the concerns at each locus is merely repetitive, however--the issue is what the systemic policies are, and on this point you are more concerned to reject the campaign's statements than to inquire what, in the world of nuanced phoniness that is campaign rhetoric, they actually meant.