While I've got nothing to hide, I was chilled from driving to Trader Joe's at the mall this weekend when I read shopping malls now use Automated License Plate Readers (ALPRs) to track our locations and movements. There were two items I couldn't identify: a) why an ALPR bothered me, and b) whether I had something to hide. That's a lot of psychic RAM.
I was relieved yesterday to finally find in some levels-deep research, a taxonomy of privacy. With a guide to why invasions that are not technically invasions still bothered me, I could free up some space in my head and use that mental processing power for other endeavers.
Below is George Washington University law professor Daniel Solove's four-part "Privacy Taxonomy" in outline form, which he explains clearly and concisely in his widely cited academic paper 'I've Got Nothing to Hide' and Other Misunderstandings of Privacy.
I. Information Collection
- Surveillance
- Interrogation
|
II. Information Processing
- Aggregation
- Identification
- Insecurity
- Secondary Use
- Exclusion
|
III. Information Dissemination
- Breach of Confidentiality
- Disclosure
- Exposure
- Increased Accessibility
- Blackmail
- Appropriation
- Distortion
|
IV. Invasion
- Intrusion
- Decisional Interference
|
It's surprisingly hard to find definitions of privacy, which would have helped me articulate before yesterday how an ALPR violated mine.
After months of Googling, reading and link-hopping, I found in a blog post comment a pointer to -> an academic paper that in the footnotes cites -> a law professor's book, for which an Amazon review that was posted -> pointed this reader to an academic paper by that book's author, that finally, finally, points to a skeleton of why privacy surveillance bothers even people with nothing to hide.
But first, more about that cancelled shopping trip that below will flesh out this skeletal "privacy taxonomy."
While there's nothing shameful about shopping at Trader Joe's, I imagined mall employees sitting behind a screen showing video feed with little auto-generated rectangles outlining our license plates as we entered the parking lot.
I. Information Collection
- Surveillance
- Interrogation
“A privacy problem occurs when an activity by a person, business, or government entity creates harm by disrupting valuable activities of others. These harms need not be physical or emotional; they can occur by chilling socially beneficial behavior (for example, free speech and association) or by leading to power imbalances that adversely affect social structure (for example, excessive executive power)."
|
And I imagined these mall cops monitoring a CRT or flat-screen television seeing my first and last name floating to the right of an auto-generated rectangle outlining my license plate as I arrived.
(What's probably worse than a mall cop viewing me as I come and go, I thought, is that these location data points will be stored in a database forever. Which makes a trip to Trader Joe's more consequential now that ALPRs made surveillance en masse feasible and affordable for shopping mall managers. But again I didn't know why that bothered me as I have nothing to hide.)
II. Information Processing
- Aggregation
- Identification
- Insecurity
- Secondary Use
- Exclusion
"The second general category is information processing. This involves the storing, analysis, and manipulation of data. There are a number of problems that information processing can cause, and I included five subcategories in my taxonomy. For example, one problem that I label insecurity results in increasing people’s vulnerability to potential abuse of their information.57 The problem that I call exclusion involves people’s inability to access and have any say in the way their data is used.58"
|
I have nothing to hide, save for an unpaid parking ticket that I misplaced. But I decided not to go to Trader Joe's.
I also haven't emailed my friend Reed about a project idea, since I read in the Wall Street Journal last week that third-party developers surveil the contents of our gmail messages, even though Google anonymizes the gmail sender and receiver's names.
Maybe I should just stick with voice phone calls - even though the NSA monitors who we call and when, which never bothered me before, but does now for some reason I couldn't identify.
In the end I decided not to drive to Trader Joe's, and walked instead to the corner Walgreens, which I now know can sell the data of who I am and all over-the-counter drugs I ever purchased, to anyone it wants, without further consent from me.
III. Information Dissemination
- Breach of Confidentiality
- Disclosure
- Exposure
- Increased Accessibility
- Blackmail
- Appropriation
- Distortion
“Information dissemination is the third general category. Disseminating information involves the ways in which it is transferred—or threatened to be transferred—to others. I identify seven different information dissemination problems."
|
With a "Privacy Taxonomy" at last I can identify why this bothers me, and identifying the "why" of privacy frees up some psychic RAM.
IV. Invasion
- Intrusion
- Decisional Interference
"Finally, the last category involves invasions. Invasions are direct interferences with the individual, such as intruding into her life or regulating the kinds of decisions she can make about her life."
|
Most invasions happen in small increments. As Solove says: "In many instances, privacy is threatened not by singular egregious acts, but by a slow series of relatively minor acts which gradually begin to add up."
Solove’s academic paper “I’ve Got Nothing to Hide’ and Other Misunderstandings of Privacy” can be read in full here.
In the paper, Solove says that without a privacy taxonomy, cases get conflated and dismissed, or fail to gain recognition:
"Often, the philosophical discourse about conceptualizing privacy is ignored in legal and policy debates. Many jurists, politicians, and scholars simply analyze the issues without articulating a conception of what privacy means. However, conceptualizing privacy is essential for the analysis of these issues. Those working on legal and policy issues all have some implicit conception of privacy. In many cases, privacy issues never get balanced against conflicting interests because courts, legislators, and others fail even to recognize that privacy is implicated. It is therefore of paramount importance that we continue to work on developing a conception of privacy. But how? Why have existing attempts been so unsatisfying?"
(Cross-posted from my site www.offlinereport.net.)