Page 43 - Privacy in a Cyber Age Policy and Practice
P. 43

28  PRIVACY IN A CYBER AGE

           chapter instead recognizes the most significant difference regarding vol-
           ume: the difference between “spot collection,” the one-time collection of
           one or very few discrete pieces of information over a very short period of
           time, such as those carried out by speed cameras at intersections, Trans-
           portation Security Administration (TSA) agents during airport security
           screenings, and many CCTV cameras—and prolonged collections, includ-
                                            44
           ing wiretaps or continuous GPS tracking.  Those familiar with these issues
           may protest that certain spot collection programs are relatively compre-
           hensive because they capture all individuals who walk through an area, for
           example. However, as will be emphasized later, a large quantity of informa-
           tion can be collected without meaning being divined from the information
           through cybernation.
              The second concept of relevance to the dimension of volume is band-
           width, a term here used to refer to the collection of different types of
           information from or about a single subject. Collection of only one type of
           information, such as the metadata associated with an individual’s phone
           calls, e-mails, or locations, constitutes narrow bandwidth collection. By
           contrast, the collection of several kinds of information—say, phone call
           content  and voice data  and text message content  and  e-mail content—
           constitutes broad bandwidth collection. Bandwidth is important because
           when it is broad it allows law enforcement to gain a much more compre-
           hensive profile of the person under surveillance than when it is narrow, and
           diminishes privacy much more.
              One might argue that when high quantities of data are collected, even on
           a narrow bandwidth as is the case with “big data,” a comprehensive picture
           of the individual’s private life is created. However, these concerns do not
           take into consideration the limits on cybernation proposed by this chapter;
           limits that would apply particularly strongly to sensitive information. These
           limits—including a ban on cybernating insensitive information in order to
           divine sensitive information—would restrict, legally speaking, the ability
           to create such comprehensive pictures when they would be detrimental
           to privacy. For the CAPD to be effective, all three dimensions—volume,
           sensitivity, and cybernation—must be applied simultaneously. Considering
           high-volume collections without simultaneously considering the sensitivity
           of the information involved and the level of cybernation to which it is sub-
           jected produces an incomplete picture of the privacy violations—or lack
           thereof—caused by a particular collection. Unbounded “big data” may well
           blur the difference between collection and cybernation; however, “big data”
           limited by the suggested restrictions would be much less prone to damaging
           privacy.
              Just as the length of time surveillance is conducted or the number of
           messages collected by a search are crude but still useable measures of
   38   39   40   41   42   43   44   45   46   47   48