Page 86 - Privacy in a Cyber Age Policy and Practice
P. 86

72  PRIVACY IN A CYBER AGE

           a given space at one point in time. The information collected is typically of
           low sensitivity; it merely reveals the kind of information people readily dis-
           play in public; whether they dress up or down, for example. And as a rule
           the information is not stored or collected with other information about the
           same person.
              On the other end of the spectrum is New York City’s “Domain Awareness
           System,” developed by Microsoft. It collects information from many differ-
           ent CCTVs across the city as well as other sources, such as speed cameras
           and radiation monitors, and possibly in the future of cell phone locators. It
           stores this information, combines it with other information, and analyzes
           it. The information originally collected in both situations is the same; it
           is the great difference in the level of cybernation that makes the second
           situation much more of a threat to privacy than the first.
              Finally, a fourth variable, accountability, deserves consideration. This
           variable measures the extent to which those who collect information have
           erected barriers to access by unauthorized parties and are subjected to
           supervision and oversight to ensure that they use the information legally
           and legitimately. These measures include firewalls, passwords, audit trails,
           supervisors, inspectors general, and congressional committees.
              All accountability measures limit cybernation, not collection. Some
           entirely prevent agents from gaining access to personal information, oth-
           ers limit storage of information by regularly deleting it or stashing it away
           where it can only be accessed with additional judicial scrutiny, and still
           others minimize or de-identify information so that it cannot be analyzed
           as efficiently. Less cybernation occurs when accountability measures are
           robust. (Ideally, accountability mechanisms would be built into the design
           of future technologies.) And where cybernation is limited, fewer privacy
           violations will occur even if the volume and sensitivity of information
           collected by a given actor are considerable. Conversely, if databases lack
           accountability mechanisms, the risk of privacy violations will be high even
           when the information under consideration is of lower volume and sensi-
           tivity, because of the potential to draw inferences through unauthorized
           secondary usages.

                                   G. Conclusion

           “Privacy protection” has long meant according special protection to private
           spaces such as houses, cars, and containers. We have seen that this association
           has been criticized, for good reason, as both over- and underprotecting pri-
           vacy on various grounds. An earlier attempt to fashion privacy as based on
           other foundations than the barriers of private spaces, in Katz, largely failed.
           This chapter suggests that using the volume of information collected, its
   81   82   83   84   85   86   87   88   89   90   91