---------- Forwarded message ---------- Date: Thu, 21 Aug 1997 08:18:14 -0700 (PDT) From: Declan McCullagh <declan@well.com> To: fight-censorship-announce@vorlon.mit.edu Subject: Response to Time cover on privacy Attached below is my response to a message criticizing the Time story. As always, I don't speak for Time Inc. These views are mine and mine alone. More info: http://pathfinder.com/netly/editorial/0,1012,1050,00.html -Declan ---------- Forwarded message ---------- Date: Tue, 19 Aug 1997 12:27:59 -0700 (PDT) From: Declan McCullagh <declan@well.com> [...] My view is that many so-called "privacy" proposals are in fact censorship in disguise. Society traditionally has allowed people to share information about each other //without// requiring that the speaker seek permission from a third party first. This is a good thing: otherwise, journalists would go out of business. Reporters -- as long as they don't violate common law rights like copyright and defamation -- legally sell personal information about individuals, for profit, all the time. (I've written elsewhere how gossip plays a useful role in every society and is not strictly regulated.) We should extend these same principles and free speech protections to the online world. Yet enemies of freedom argue that as our society becomes more digital, we no longer deserve some of the liberties we have enjoyed in more mundane times. Such arguments led to the diluted free speech protections of radio and TV broadcasting and the passage of the Communications Decency Act. Now we're hearing similar calls for abridged electronic freedoms in the name of preserving them. Some have argued that private firms sharing information about individuals, or recording information your web browser supplies, are such a threat to society that new laws are needed to restrict their actions and muzzle their speech. And, of course, a new Federal Privacy Commission! This schizophrenic approach means trusting the federal government to shield our privacy -- even though the same people are engaged in an increasingly fierce attack on it. (It also ignores the very real differences between government collection and use of databases compared to private ones.) Bill Clinton is the Clipper Chip president, the Digital Telephony guy. His administration's bureaucrats fight harder to maintain crypto export controls than any other. Then there's last year's anti-terrorism bill, the push for roving and multipoint wiretaps, and the FBI's itch to ban nonescrowed domestic crypto. Let's not forget the administration's quest for enormous voracious databanks that will be tied together -- airport security, travel records, national ID cards. These bureaucrats are supposed to protect our privacy? This is the same president whose policies ACLU legislative counsel Don Haines decries as "the Clinton-Gore effort to hardwire Big Brother into the information age." The ACLU even boycotted the June FTC conference, calling it a sham that wouldn't lead to any substantive "privacy protection" rules. THESE bureaucrats are supposed to protect our privacy? I have, I suppose, two more objections to a privacy agency. First, it would be a likely beachhead for those who would restrict free speech in the name of privacy. Second, who would be on this commission? Prof. Westin, whose positions you criticize? The DMA? Could we expect such an anti-privacy president as Clinton to appoint anyone who would do a reasonable job of reining in the Justice Department and other police agencies? Such an office is far more likely to serve as a front for anti-privacy forces inside the administration, much as NIST may front for NSA. In fact, a privacy agency may well //hurt// privacy, for if a co-opted privacy agency backs a bad bill, that endorsement will make it more difficult for others to criticize the measure. As for governments with privacy agencies, you hold up the example of some European countries. But these same countries have unjust policies that restrict free speech in the name of protecting privacy. That's hardly a tradeoff I can accept. Our modern "right to privacy" is a relatively recent invention in the U.S. Many privacy rights mostly date from an influential 1890 law review article co-authored by soon-to-be Justice Brandeis. In it, Brandeis and Warren argued that newspapers went too far and printed offensive information. But absent from their analysis was any consideration of how creating new rights to restrict the press would restrict free speech. Brandeis and Warren wanted to create a new property right in personal information. But this position is no more philosophically coherent -- and consistent with the principles of a free society -- than would be a rule establishing a "property right" in information about your appearance. (Then, presumably, if someone were to talk about you behind your back -- even if the gossipmongering were true! -- you could sue.) Not to mention that it's directly opposed to traditional views of property rights. Don't get me wrong: the government has an important place in society. The state should provide such vital functions as law, police, and courts. Criticisms of a new federal agency are hardly based on opposition to government in principle. You're thinking about anarchism, which I don't support. (Locke had it right: There can be no liberty without law.) Sure, I'm not overjoyed by the databasification of American society. I feel uneasy about Equifax and TRW-type databases. I abhor Safeway's discount card program that links my identity with my shopping habits. But just as I detest holocaust deniers, NAMBLA supporters, and homophobes, I recognize they have a right to speak. So, generally, does Safeway have a right to enact anti-privacy policies. Transactional privacy is not a right but a preference. For example, free speech is a right that strictly limits the government's ability to control what you say. We must demand a similar right of privacy from the government. But I give up my free speech "rights" when I voluntarily attend a college with a wacky speech code or go to work at a company with strict workplace speech policies. Similarly, I give up my privacy "rights" when I voluntarily go to unknown web sites, apply to rent an apartment where a credit check is required, or post to Usenet, etc. I have no general "right" to bar others from sharing informtion about me, even if it's behind my back. (To invent such a "right" would violate their free speech rights.) If consumers //want// privacy -- and I believe they do -- then they'll turn to businesses that provide and protect it. Perhaps I'll take my business from Safeway to Giant since I can get a discount card without giving my true name. In this way privacy becomes one of the many factors -- along with quality of merchandise, reliability, and price -- that consumers consider when they enter into a transaction. In other words: privacy can be protected by contract and common law. Advocacy groups are particularly well-poised to educate individuals and raise consciousness. Privacy flareups like Lexis-Nexis, AOL, and UPS have shown it's possible. Companies often will react to a public outcry by changing policies. If they don't, then privacy-sensitive customers will respond, and the market will remedy its own problems -- without the intervention of bureaucrats or federal privacy agencies. -Declan