• No results found

Privacy and security in big data : beyond the trade-off model

N/A
N/A
Info
Downloaden
Protected

Academic year: 2021

Share "Privacy and security in big data : beyond the trade-off model"

Copied!
95
0
0

Bezig met laden.... (Bekijk nu de volledige tekst)

Download het nu ( 95 pagina )

Hele tekst

(1)

Privacy and Security in Big Data; Beyond the Trade-Off

Model

Abstract

This study combines an inquiry into the current way of viewing the relation between privacy and security in politics, with a normative description of how politics should deal with the relation of these concepts. It will focus on the debate around the PRISM program, and from this draw some broader conclusions about privacy, security and its relation. First of all it studies to what extent there is an emphasis on a ‘trade-off’ between security and privacy in the debate around PRISM, and what other perspectives can be uncovered. Then it will explain why we should view privacy and security as mutually strengthening concepts, and how PRISM violates our security through the violation of our privacy.

Master thesis Nynke Damstra

10296506 Wijsbegeerte van een bepaald wetenschapsgebied & Politicologie: International Betrekkingen Beate Roessler & Marieke de Goede

(2)

Preface

This text is my master thesis for Politicologie, specialization Internationale Betrekkingen (Political Science, International Relations) and Wijsbegeerte van een bepaald Wetenschapsgebied (Philosophy of a Scientific Field). As such some parts are meant to be reviewed for my Political Science grade, while others are written for Philosophy. The first and second chapter are written for both programs, since these consist of a sketch of the context and reasons for this research and are as such of importance for both fields, yet do not contain the body of my research. The third chapter should be graded for political science since it consists of an empirical study into a current situation. While the fourth chapter consists of a normative analysis of how the situation should (ideally) be, therefore this should be seen as the part of my thesis written for my philosophy master. The first part of the conclusion, section 5.1.1, is again a political science part. The second part of the conclusion, section 5.1.2 is a philosophy part. Finally the last section of my conclusion, section 5.2, is relevant for both fields.

The reason I have opted to write a combined thesis, rather than two separate ones is because my topic is located on a cross-roads between Political Science and Philosophy. On the one hand there is the current situation, which is interesting to research, since it is still an active and ongoing debate. On the other hand, there is, in my opinion a wrong within the current situation, therefore I chose to develop a philosophical reasoning as to how to right this wrong. I believe that to be able to prescribe how some type of situation should be, we need to have knowledge of how it currently is. Also, to merely describe a current situation, without critically assessing it is, to me, a lost opportunity.

(3)

Table of Content

Chapter 1: General Introduction

1.1 Introduction 1.2 The Trade-off Model 1.3 PRISM

1.4 Research Question

1.4.1 Expected Results 1.5 Importance of the Topic

1.6 Limitations and Key Assumptions

Chapter 2: Historical Perspective and Current Debates

2.1 Privacy 2.2 Big Data

2.2.1 Big Data and its Uses 2.2.2 Meta- vs. Content Data 2.3 Security

2.4 Historical Overview of Privacy as a Concept 2.4.1 History of Privacy in the US 2.4.2 History of Privacy in the EU 2.5 Governments, Big Data, Privacy and Security

2.5.1 The Current Situation in Europe 2.5.2 The Current Situation in the US 2.5.3 The EU and US (Safe Harbour)

Chapter 3: Discourse Analysis of the Debate around PRISM

3.1 Methodology 3.2 Source Selection

(4)

3.3 Conducted Research 3.4 Results

3.4.1 Official Statements by the Obama Administration 3.4.2 Statements in US Congress

3.4.3 The LIBE Hearings 3.5 Relation between the Statements

Chapter 4: Beyond Balancing and Coexisting

4.1 Privacy as an Independent Value 4.2 Privacy in Relation to Security

4.2.1 Privacy and Security as Mutually Strengthening Concepts 4.2.2 Why the Use of Big Data for Surveillance Purposes is Wrong 4.2.3 We are the Prisoners in a Panopticon of Data

4.3 Other Problems with the Use of Big Data for Surveillance Purposes 4.4 Possible Solutions to Privacy Problems

Chapter 5: Concluding Remarks

5.1 Conclusions

5.1.1 The Debate around PRISM

5.1.2 PRISM’s Implications for Privacy and Security 5.2 Suggestions for Further Research

(5)

1

‘Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.’

(Benjamin Franklin 1755)

Chapter 1: General Introduction

1.1 Introduction

Privacy and security are, both in politics as well as in science, viewed as linked concepts. In politics this often means that if either privacy or security policy is changed this will have an impact on the other. More specifically; if our level of privacy increases our level of security decreases and vice versa. This way of thinking about privacy and security is in academic literature referred to as the trade-off model. This way of viewing privacy and security appears to have had an impact on the way security policies have been shaped. Recently several research initiatives, such as PACT and SurPRISE, are questioning whether the assumed relation between privacy and security actually exists in the way policy makers are convinced it does. The researchers suggest that there does not have to be a direct link between privacy and security and to the extent that there is such a link, it might have been created by policy makers. It currently seems that the dominant point of view in politics is that

security should prevail over privacy without sacrificing privacy in total. We can see this in different programs such as PRISM, TFTP (Terrorist Finance Tracking Program), the Total Information

Awareness Program and other programs and acts both by the NSA as well as surveillance agencies from European countries. Programs which are aimed at preventing terrorism (thus enhancing security), but do so through collecting large amounts of data (which is often privacy sensitive). It is also stated implicitly in an already quite famous quote by US president Barack Obama when he claimed that: ‘You cannot have 100-percent security and also have 100-percent privacy and zero inconvenience’ (Obama speech on PRISM June 7th 2013). In literature authors seem to be more critical towards the trade-off idea, they often claim that it is the wrong way of viewing the relation between privacy and security. My research would fall into this tradition.

The aim of this research is twofold. Firstly it is aimed at uncovering to what extent the idea of a trade-off between privacy and security is relevant in the debate around the PRISM program. Its second aim is to clarify why we should see privacy and security as two concepts that strengthen each other rather than being traded off against one another and why, because of this strengthening relation, programs such as PRISM are wrong. Chapter one will consist of a general introduction to the

(6)

2 topic. I will start with explaining the trade-off model and PRISM since some basic understanding of these concepts is crucial in understanding this research. Then I will introduce and explain my research question and sub-questions. Furthermore I will clarify why this research is important and what I will not be covering in this research. In chapter two I will give an overview of the context in which the PRISM debate should be placed. This chapter will include an overview of the debate around the core concepts; privacy, security and big data. It will sketch how different scholars have debated these concepts and how these concepts and the different scholars views on these concepts relate to one another. This chapter is aimed at sketching the context in which this research and the PRISM debate has taken place. Chapter three will aim to uncover the different ways of viewing the relation between privacy and security in the PRISM debate. It will do so through a discourse analysis of three main sources; speeches and press releases from the Obama administration, statements made in US Congress, and statements made during the LIBE hearings. From this it will attempt to uncover the most common ways in which the relation between privacy and security is viewed. Chapter four will explain why privacy and security are linked, and why we need privacy in order to have security. It will furthermore explain how programs such as PRISM violate our privacy. From this it will conclude that trade-off reasoning is mistaken and that programs, such as PRISM, harm rather than help our security. In chapter 5 some general conclusions are drawn.

1.2 The Trade-off Model

The trade-off model, in short, is a way of viewing the relation between privacy and security, in which security prevails over privacy. In other words, we should sacrifice some of our privacy for the greater good of our security. Even though it seems that a trade-off mindset is the dominant way of thinking about privacy and security within politics it is often critiqued in academia. There are several research projects currently in progress that not only aim to study the trade-off model, but to find ways to deal with privacy and security that go beyond the idea of a trade-off. Examples of these kinds of

initiatives are the PACT program, the SurPRISE program and the PRISMS program. Other than these programs there are various other scholars in the fields of law, politics, philosophy etc. that study the trade-off model, its implications and possible alternatives. These studies mostly take different approaches and to an extent different cases, however most of them are focused on the European Union.

The idea behind the trade-off model is that privacy and security are linked, and that enhancing one will have a negative impact on the other. More privacy in the trade-off model inevitably means less security and vice versa (Fuchs 2013: 7). Although it is never stated explicitly, in

(7)

3 politics this generally means that some of our privacy is sacrificed for our security. The argument commonly is that with information we can take preventative action thus enhancing security, but the collection of information is a violation of privacy (Van Lieshout et. al. 2013: 119). Politicians claim that this sacrifice of privacy can be justified if it makes us safer and more secure (Fuchs 2013: 7). This is often combined with the argument that you have nothing to fear if you have nothing to hide (Solove 2011). Trade-off logic would also work the other way around; that would be than any increase in our privacy would be a decrease in our security. However, most scholars debating this topic debate the sacrifice of privacy for the benefit of security, since this appears to be the most common way of dealing with this problem in politics. Many of the scholars that research trade-off logic are critical of this way of reasoning, claiming for example that it is based on false assumptions.

Solove (2011) has included the idea of a trade-off between privacy and security in the sub-title of his book ‘Nothing to Hide; the false trade-off between privacy and security’. In this book he argues that there is a trade-off mindset in American politics (the book focuses on the US post 9/11), but that there are quite a few cases in which a trade-off would not be necessary to enhance security. Often privacy is minimized in favour of security, while there are privacy friendly alternatives. Sometimes the sacrifice of privacy does nothing to enhance security (Solove 2011). Fuchs (2013) in his study in the context of the PACT research project seems to share Solove’s (2011) intuition, that even though a trade-off mindset might be dominant in politics, this is not the only, nor is it the best, way to view the relation between privacy and security. Fuchs (2013: 2) states that the debate on privacy and security, post 9/11, has been shaped in favour of control, surveillance, policing and war. This implies an emphasis on security to which privacy has taken a back seat.

Van Lieshout et.al. (2012: 123-124) state that the trade-off model presupposes rational citizens that make an informed decision in giving some of their privacy to gain more security. However Van Lieshout et.al. (2012: 123-124) criticize this idea on the grounds that it is based upon invalid assumptions of peoples understandings of the concept. People, according to Van Lieshout et.al. (2012: 123-124) do not fully comprehend the concept of privacy and why we should value it. Van Lieshout et.al. (2012) appear to take a more public based approach when discussing the trade-off model, this in contrast with Fuchs (2013) and Solove (2011) as well as Barnard-Wills (2013) who take a more politics base approach. Barnard-Wills (2013:179-180), in his research of different policy texts across European countries, found that in general there appears to be some sort of trade-off mindset within these policy texts. ‘Information exchange for security is often represented as a good thing’ (Barnard-Wills 2013: 180). This quote implies that privacy in the sense of control over information appears not to carry much weight, when set off against security. However to claim based on Barnard-Wills’ (2013) research that privacy always takes a back seat to security would be a mistake. Not only

(8)

4 does Barnard-Wills (2013: 180) acknowledge that there can be constitutional limitations or negative historical experiences that can give privacy a more important role, we can also see a shift towards cyber-security being part of the broader concept of security. This implies that there might be a counterbalance against the current security dominant view. Furthermore there are some indication that the EU is looking at privacy and security not as two opposing concepts that need to be balanced against one another, but rather as two concepts that can support and strengthen each other

(Barnard-Wills 2013:180). While Barnard-Wills (2013) found evidence that some politicians see privacy and security as two mutually strengthening concepts, Hildebrandt (2013) states that they are two concepts which we need to balance. According to Hildebrandt (2013) the main problem with the trade-off mindset is that while it is portrayed as a balancing act this is not always the case.

Hildebrand (2013) sees the solution in making sure we balance privacy against security rather than just trading in one for the other. Hildebrand’s (2013) view of the trade-off model differs from the other scholar discussed in this section, since she is the only one who is convinced that a trade-off would imply giving up all of one (security or privacy) in favour of the other. The other scholars only state that an increase in one means a decrease of the other, not that we need to give one up fully in favour of the other.

Thus far I have discussed different scholars that attempt to establish what the trade-off model is and whether it is the right way of viewing the relation between privacy and security. Fuchs

(2013:4-5) also discusses the trade-off model, but continues by considering some alternative options that might be interesting to discuss for my research. Even though Fuchs (2013: 4-5) claims that the trade-off model is the dominant way of viewing the relation between privacy and security, he also acknowledges three other options of viewing this relation. Fuchs (2013: 4-9) describes four ways in which the relation between privacy and security can be viewed; reductionism, projetionism, dualism and dialectic. Reductionism holds that we should prefer security over privacy (which would be a trade-off type reasoning) (Fuchs 2013: 4). We find reductionist views in arguments such as the nothing to hide argument which states; if you have nothing to hide privacy is irrelevant, if you do have something to hide you are a threat to security and the violation of privacy is therefore justified (Fuchs 2013: 4-5). Projectionist arguments assume that we should value privacy over security; an example of this line of argumentation is the ‘privacy first’ argument (Fuchs 2013: 4-5). Dualism assumes that privacy and security are independent values; since they are not connected both privacy and security can be achieved at the same time (Fuchs 2013: 4-5). Finally, the dialectic view holds that privacy and security are interdependent values, this type of argument views privacy and security as two concepts that strengthen each other (Fuchs 2013:4-5).

(9)

5 1.3 PRISM

In order to make an informative analysis of the debate surrounding the PRISM program, it is important to have some basic understanding of what this program is. The PRISM program, officially known as the US984XN program under the protect America Act (Washington Post July 10th 2013), is an NSA security program which gathers large amounts of internet data on non-US citizens. Since it falls under Section 702 type programs, it cannot specifically target any US citizen (Medine et.al. 2014A: 6). At this moment in time we cannot know what exactly the PRISM program is. Most of the information available comes from a single source; the Snowden revelations, some of which have been disputed by the US government. More recently the Privacy and Civil Liberties Oversights Board has released a report on Section 702 surveillance programs, of which PRISM is part, which has given us some additional information (Medine et.al. 2014A). While Snowden (Poitras and Greenwald June 9 2013 and Poitras and Greenwald July 8 2013) claims that everyone’s communications are targeted in PRISM, Obama stated that PRISM does not target US citizens(Obama’s speech on June 7 2013). This has in international media led to the claim that every non-US citizen’s communication is

targeted. The PCLOB revealed that mostly non-US citizens are targets, and that when US citizens are targeted there are additional rules to which the NSA needs to comply (Medine et.al. 2014A: 6). The PCLOB (Medine et.al. 2014A: 6) furthermore states that when the NSA targets individuals under Section 702 surveillance (for example through PRISM), probable cause does not need to be proven. The NSA only needs to prove that the information collected falls within the normal collections for foreign intelligence. On the functioning of PRISM Snowden claims that PRISM collects, filters, analyzes and stores these communications for an unknown period of time (Poitras and Greenwald June 9 2013 and Poitras and Greenwald July 8 2013). The aim of the PRISM program is to target someone who is likely to give state secrets to other states or potential terrorist, but in doing so it collects information on everyone (Poitras and Greenwald June 9 2013 and Poitras and Greenwald July 8 2013). According to the PCLOB (Medine et.al. 2014A: 7) PRISM collects data through a selector (for example an e-mail address), which is send to a US based internet provider, the provider is obligated to give the data for that selector to the government. The report does not state how many of these selectors are send out and on what grounds, thus the true scope of the PRISM program remains unknown.

One of the ways in which PRISM is assumed to collect data is through cloud servers and other internet servers that are located in the US. With cloud computing the data is no longer in the control of the individual (Hosein 2011: 2). Since data is no longer stored in the home it is not protected under Fourth amendment rights in the US (Solove 2011: 105-106). The US government does not need a warrant to search information stored in a cloud, the same goes for information otherwise stored on a

(10)

6 server outside of the home (Solove 2011: 105-106). The US claims, because the data runs through their territory it falls within their jurisdiction (whether this should legally be the case is to some extent irrelevant because this is what the US acts on).

The second way in which the NSA might obtain big data through the PRISM program is through agreements with different service providers on the internet. Think of e-mail servers such as G-mail and Outlook, social media such as Facebook, search engines such as Google and Yahoo!, programs such as Skype and websites such as Youtube (Washington Post July 10 2013). Through these agreements the NSA can access any data from these companies directly. According to an article in Der Spiegel (2013) most of these companies deny giving the NSA access to their data. Also in the Libe Hearings companies such as Microsoft and Facebook have explicitly denied building back-doors into their software or granting the NSA excess in any other way without a warrant (10th Libe Hearing). Hosein (2011: 4) however claims that these companies do not only agree to the NSA collecting their data, they get paid for it. According to Snowden (Poitras and Greenwald June 9 2013 and Poitras and Greenwald July 8 2013) there are two general types of data collected; content data and meta-data, or what Solove (2011) would refer to as content data and envelope data. We know that the NSA collects (meta-/big) data and it seems likely that they store and analyze it; however we cannot know for sure if this is actually the case.

1.4 Research Question

Now that we have established some basic knowledge of the trade-off model and PRISM let us turn to the research questions. The aim of this research is twofold; first of all it is aimed at uncovering the different positions on the relation between privacy and security within the context of the debate around PRISM, and to what extent trade-off logic plays a role in this debate. Second it is aimed at providing an understanding of how privacy and security are related; that they in fact strengthen each other and therefore programs such as PRISM harm our security through harming our privacy.

Key question: What are the different positions on the relation between privacy and security within the PRISM debate and how should the relation between privacy and security be viewed?

Sub-questions:

1) What are the different points of view on the relation between privacy and security within the context of the PRISM debate?

(11)

7 2) To what extent can the different positions in the debate on the PRISM

program be linked to the trade-off model?

3) How should we view the concepts of privacy and security and the relation between them?

4) Does PRISM violate our privacy?

The first sub-question is intended to get an overview of the different positions in the debate surrounding the PRISM program is. What are the different points of view on this program? How where privacy and security valued and evaluated in the debate around PRISM? It will specifically focus on how the Obama administration and members of US Congress viewed privacy and security and the relation between them in de debate around PRISM. Also the LIBE hearings, although not a US source, will offer some critical notes. It will look at the debate surrounding the PRISM program, since this will not only show the different ways in which the relation between privacy and security is viewed and it also gives an insight into the arguments used to defend the way in which this relation is viewed.

The second sub-question is aimed at comparing the way of reasoning behind the PRISM program with the trade-off model. To what extent can we uncover trade-off reasoning in the debate? Are there participant in the debate that hold a point of view different from trade-off logic? Can these other positions, to the extent that they exist, be placed into other categories, for example those put forward by Fuchs (2013)?

With the third sub-question the research moves into the normative part. It aims to establish whether there is a necessary relation between privacy and security and if so, how that relation is shaped. Are security and privacy linked and are policies therefore merely reflecting a relation that is already there? Or do policy makers view the two as related and construct policies in this way, whilst the two do not have to be related? And if privacy and security are related do they have to impact one another negatively?

The fourth sub-question will go in to whether PRISM is actually a violation of privacy. In what ways is our privacy harmed through mass data surveillance? Does PRISM still violate our privacy if it only collects our data with no intention of using it?

(12)

8

1.4.1 Expected Results

For questions one and two I expect there to be a trade-off logic behind the PRISM program, I do not expect this to be uncontested though. I expect to find an emphasis on security within the PRISM debate on the US side. It seems that the discourse on the US side emphasises the sacrifice of some privacy, at least while there is still an active terrorism threat, in order to gain security. This

expectation is, amongst other things, based on the quote by Obama stating that: ‘You cannot have 100-percent security and also have 100-percent privacy and zero inconvenience’. However I also anticipate that not every member of US Senate and Congress will agree with this logic. These politicians might see privacy either as outweighing security since it is part of a liberal rights set focussing on individual freedoms, or they could see privacy and security as two important values which are not mutually exclusive.

For the third and fourth question it appears that there are four ways of dealing with privacy and security. First of all would be an emphasis on security in which privacy is sacrificed for the sake of security. The second option would be an emphasis on privacy in which security is sacrificed for the sake of privacy. The third option would be viewing privacy and security as unrelated concepts, in that sense security policy does not affect privacy and vice versa. The final option would be that privacy and security are related in a positive sense, that is if privacy is enhanced so is security and vice versa. This seems to imply that the relation between security and privacy is to a large extent created by virtue of the policy makers. It seems to me that if there is a relation between privacy and security it is the opposite of what the policy makers make of it. Privacy and security should be seen as two

concepts strengthening one another, and PRISM through violating our privacy, violates our security.

1.5 Importance of the Topic

Since 9/11 the call for preventative security measures has grown rapidly. Politicians of most western countries, especially the US, at some point have all stated something along the lines of: ‘we need to stop terrorist before they have the opportunity to attack’. Security has become one of the main focus points for western government. Usually this security comes at a cost; privacy is often sacrificed in the name of security. The sacrificing of privacy to enhance security has been critiqued since these policies started, but the critique has vastly increased since Edward Snowden revealed the existence of the PRISM program. Billions of people are affected, in the sense that everything they do (everyone they call, everything they search on the internet etc) is stored for we do not know how long by a country to which they do not even have to have ties. It is no longer that merely those who are

(13)

9 suspected to be engaged in criminal or terrorist activity are under surveillance, we all are. It is

unclear how long the data is saved, and for what purposes it is being used.

There is still a lot of secrecy behind the PRISM program. We know that data is collected but we do not know for how long it is stored, if it is used and if so for what purpose. By studying policy texts on PRISM, this research aims to understand the debate around the PRISM program. Understanding the debate about this program might contribute to knowledge of the functioning of it and it could gather some insights on how the program works. Since the PRISM program has raised so many questions and so much media attention it seems important to understand the different positions in the debate.

Furthermore PRISM does not stand on its own. There are several programs that are also concerned with the collection of data. Think of programs such as the Passenger Name Record and the Terrorist Finance Tracking Program, which also gather large amount of data for similar purposes (most likely prevention of terrorist attacks). Understanding the debate around the PRISM program might give us some insights in the different positions on similar programs. Studying the debate around PRISM can also enable us to get an understanding of the different views towards privacy and security held by US Congress and the European Union. Understanding the different points of view of the US Congress on privacy and security issues can help us understand possible future actions of the US in the security/privacy realm.

There are some indicators that there is a trade-off rationale behind the PRISM program. There are currently several research initiatives which study the relation between privacy and security, and more specifically trade-off logic. However these studies are currently mostly focused on the EU and its member states. This research will add to trade-off research, and research on the relations between privacy and security by giving a US account and the EU responses to a US based program.

The second part of this research which focuses on moving beyond trade-off reasoning to another way of viewing the relation between privacy and security, can contribute to other research done on this topic. Recently more and more scholars have argued to move away from viewing the relation between privacy and security as a trade-off. The second part of this research will add to this tradition. By establishing a way of viewing the relation between privacy and security in a more privacy friendly/non trade-off way in a broad realm of research it might urge policy makers to take on this different type of reasoning. This research will not have that effect on its own, but it might contribute to a number of other researches with similar intents, which combined could have this effect.

(14)

10 1.6 Limitations and Key Assumptions

This research will not look at the results of the PRISM program as such. It will not attempt to establish whether this program is effective and cost efficient. It will not look at whether the PRISM program is capable of enhancing security, since this would be an unachievable task. First of all, because there are still a lot of unknowns about the PRISM program; we do not know how this program works, let alone if it has been able to prevent a terrorist attack. But even if data would have been readily available, determining whether the program is effective would be problematic. How would you measure the effect of attacks prevented and balance it against the cost (both in the actual as well as in the metaphorical sense) of preventing such an attack. For these reasons this research will not question whether the PRISM program has the intended outcome.

Nor will this research specifically focus on the functioning of PRISM. This is in part because we cannot know exactly how PRISM works. The information available on this program is puzzled together from three main sources; the Snowden revelations, some policy documents and speeches by the US government, and a report by the Privacy and Civil Liberties Oversight Board. We cannot know for certain how reliable these sources are. On the other hand the functioning of PRISM is not necessarily relevant for understanding the different positions in the debate. Therefore this research will only elaborate on the functioning of PRISM when it is relevant for understanding the debate it. Other than that I have already made some general comments on the functioning of the program earlier in this chapter to give some basic understanding of this program.

This research will take meta-data and envelope data to mean the same thing, and it will separate this type of data from content data, since the implications on privacy might be different. But even if the conclusions in the end will be the same for meta-data and content data it is important to distinguish the two in the initial research. In the second chapter I will explain what these two are, what the difference between them is and to what extent this difference is relevant. Also the use of the different types of data and the collection of data will be seen as separate actions and both evaluated against privacy. This again because the outcome might differ and even if it does not, the fact that the conclusions are in the end the same or similar is more informative than taking the two together from the start. Although some might argue that one does not collect data without the intention of using it, it is interesting to establish whether it is the collection that is already problematic or that it becomes a privacy threat when the data is used. Another reason why this research takes collection and use to mean two separate things is because it is unclear whether the PRISM program merely collects data or if it uses it as well. To take collection and use separately can

(15)

11 give us insights both in the case that PRISM only collects data as well as if it uses it. In chapter four I will debate whether it matters if the NSA only collects our data or also uses it.

In chapter four I will also look at other policy possibilities to enhance security in a more privacy friendly way, please note that this cannot be an exhaustive list. It will consist of some suggestions, but it will not attempt to fully overthrow all privacy sensitive policies. It is not aimed at creating new policies, but it is aimed at critically reviewing the current mind-set. It will therefore only offer some policy suggestion in the form of example rather than an extensive list of policy options.

(16)

12

Chapter two: Historical Perspective and Current Debates

In this chapter I will give an overview of the context in which the texts analysed in chapter three and the general debate around PRISM should be placed. The chapter will start with a brief, and by no means fully inclusive, description of the ways of viewing the three core concepts, privacy, security and big data. These are three complex and contested concepts and this chapter will not aim at giving a straight forward definition of these concepts, since it is, especially for privacy and security, an impossible task. Rather it will give an overview of the debate around these concepts; what there is usually agreed upon and on what points scholars interpretations differ. Furthermore this chapter will describe how the concept of privacy has developed in the US and the EU, and how this development has differed. This chapter will give an overview of the development of the concept of privacy because it is necessary contextual background information that is needed in chapter three during the

discourse analysis. In order to fully understand the texts studied in chapter three it is crucial to have insight in the history behind privacy, since this is likely to have an effect on how the different sources view privacy and its relation to security.

2.1 Privacy

Privacy is a complex and contested concept and there has been a lot of debate on how it should be defined. In this part I will first give an overview of the (usually six) different ways in which the concept of privacy has been defined in the literature; “the right to be let alone”, “limited access to the self”, “secrecy”, “control over personal information”, “personhood” and “intimacy” and explain why these definitions are problematic (Van Lieshout et al. 2013:120, Solove 2008: 12-38). Some scholars use a different distinction, for example bodily and informational privacy, but this is more a question of privacy over what, rather than what privacy actually is and it is therefore less relevant in this debate. I will attempt to find a solution to the problem defining privacy along the lines of work by Solove (2008) and Nissembaum (2010). Both claim that we do not need define privacy by

uncovering its necessary and sufficient conditions, as had been done in the past. Both Solove (2008) and Nissenbaum (2010) put forward that privacy should be defined through its context rather than through a set of conditions. Privacy should be seen as an umbrella term for a number of questions and dilemma’s. I do not, however, accept the conclusions drawn by either Solove (2008), who concludes that we should balance privacy against other values. Nor do I accept the conclusion drawn

(17)

13 by Nissenbaum (2010), who argues that we should talk about contextual integrity rather than

privacy.

Privacy as ‘the right to be let alone’ was most famously introduced by Warren and Brandeis in their article from 1890 in the Harvard Law Review. Warren and Brandeis (1890) describe how new technologies, such as the photo camera, can potentially be a threat to the individual’s right to a private life, or his right to be let alone. The main concern of Warren and Brandeis (1890) was that with photography becoming more available and portable, celebrities where photographed in the street and these, sometimes compromising, photographs where, or could potentially be, published in newspapers. Warren and Brandeis (1980: 83-84) use the case of Prince Albert v Strange, in which private photographs of Prince Albert where released to the public by Strange, to show that in these cases it is not about the photographs being Prince Albert’s property (although they are), but it is about the intrusion on Prince Albert’s private life through the release of these photographs. The wrong in this case would be the intrusion of one’s private life and personal affairs, the right, that should correct this wrong, is the right ‘to be let alone’. Solove (2008: 17) critiques the right ‘to be let alone’ because it is as a definition of privacy to broad, we do not wish to be let alone entirely, humans need social contact, but we want some aspects of ourselves closed off to some people. Therefore, although being let alone plays a role in the idea of privacy, it cannot be seen as a sufficient definition of privacy. Limited access to the self is closely related to the right to be let alone, yet not quite the same thing. According to Solove (2008: 18) limited access to the self can, to an extent be seen as the more sophisticated version of the right to be let alone. It draws upon the need of any individual to be away from others (Solove 2008: 18). It is not the same as solitude, since it is not merely about being completely alone, but solitude is part of this conception of privacy (Solove 2008: 18-19). It is however not about fully closing of oneself but closing of certain parts of the self.

Nissenbaum (2010: 70-71) refers to the limited access to the self definition of privacy as the

“constraint access” view. The problem with limited access to the self (or constrained access) is that it is, just like the right to be let alone, to broad to work as a definition of privacy (Solove 2008: 20).

Another way in which privacy is traditionally defined is as some form of secrecy (Solove 2008: 21-24). Secrecy in this case would be hiding something (for example information) or keeping something from the, or a, public. Currently an often heard argument against the right to privacy is; why would I need privacy I have nothing to hide (Solove 2011). Secrecy is a part of privacy, but this does not mean that privacy is always about hiding deep dark secrets (Solove 2011). What an individual chooses to keep private might be the most mundane of things. Nor does privacy have to mean secrecy in full. Privacy is more about choices and who you, as an individual, choose to share certain bits of personal or private information etc. with. Which leads to the fourth way in which

(18)

14 privacy is traditionally viewed; control over personal information. Control over information, means that for a person to have privacy, he or she needs to have control over when and how (if at all) personal information is shared with others (Westin 1967:7). This idea differs from the previous definitions, in the sense that it is not aimed at keeping everyone away from oneself or information about oneself but it is about controlling who is allowed certain information about you. Solove (2008: 28-29) does not necessarily dismiss the control over information definition, but he states that this brings the problem of defining control. Since it is extremely difficult to define when exactly an individual is in control, it does not help us define privacy in a usable manner. It also places too much emphasis on privacy as an individual value while, according to Solove (2008:78-79), the value of protecting the privacy of an individual is not only of value to that individual, but to society as a whole. Privacy is necessary because it allows the individual freedom from intrusion of others, a society without this would be oppressive (Solove 2011: 50). This is why according to Solove (2011: 47- 52) privacy is too often viewed as an individual value whereas it should be seen as a societal value.

Some scholars argue that privacy is crucial to the personhood of the individual (Solove 2008: 34). Personhood refers to some type of individuality or selfhood, it is necessary for an individual to be precisely that; an individual. Essential freedoms such as freedom of religion and freedom of association are crucial parts of a right to privacy. These essential freedoms secure a person’s

individuality. If a person is not free to make his or her own choices and have his or her own thoughts and believes a person cannot fully be seen as an individual. Privacy was traditionally aimed at the protection of the sovereignty of the individual (Solove 2011: 47-50). This means that the protection of privacy in necessary to protect an individual’s essential freedoms. However personhood is, again difficult to define, and perhaps give to broad a scope to be a workable definition for privacy.

The final way in which privacy is traditionally viewed, is as intimacy (Solove 2008: 34-37). This refers to the idea that privacy is a necessary precondition for different types of relationships (Solove 2008: 34). Rachels (1975) is one of the main defenders of privacy as intimacy. According to this argument the relationships we have with others are defined by what types of information we share with them, in turn what information we share with whom, depends on the relationship we have with that person. The information I would share with, for example a co-worker, differs from what I would share with a close friend, because the type of relationship I have with these people differs. To some extent this relates to the control over personal information view of privacy, since this is also about what information is shared with whom. However, as Solove (2008: 36-37) argues, this view of privacy is to narrow, since it focuses only on inter personal relationships, thus it does not properly take into account the individual.

(19)

15 What we can see in the above section is that there are many different ways of defining privacy, although each of the definitions hold some truth (and to some extent overlap), none of the definitions provide both necessary and sufficient conditions without being too narrow or too inclusive. Both Solove (2008) and Nissenbaum (2010) offer a solution to this problem and that is to move away from the traditional attempts at defining privacy and move to, as Solove (2008) puts it, Wittgenstein’s idea of family resemblance. This means that what privacy or the realm of privacy includes, is dependent upon context, but that it always draws from a pool of similar elements (Solove 2008: 9). Privacy should thus, according to Solove (2008: 42), be seen as not having a single essence, but rather a number of interpretations that are related in different ways depending upon context.

Nissenbaum (2010), like Solove (2008), is also convinced that one definition of privacy is unnecessary and impossible, but she takes the argument a lot further. She argues that the way in which privacy should be shaped, is context dependent and that therefore the term privacy is irrelevant (Nissembaum 2010). To claim that privacy means either limiting the access to personal information or assuring the right of control over information is incorrect according to Nissenbaum (2010: 1-2). A right to privacy should be a right to appropriate flow of information rather than a right of secrecy or a right of control (Nissenbaum 2010: 127-128). Nissenbaum (2010: 127-128) calls this “contextual integrity” rather than privacy and claims it is based on social context and context

relevant information norms. Contextual integrity is constructed from roles, where people act within a certain context, activities or practices in which people, in roles, engage with norms which prescribe and proscribe acceptable actions and values, also known as goals purposes or ends (Nissenbaum 2010: 129-132). Contextual integrity presupposes that there are many social contexts, each with their own values, norms, roles and activities, and a distinctive set of rules and therefore we cannot speak of simply one right to privacy (Nissenbaum 2010: 141). Even in Nissembaum’s (2010) way of viewing privacy (or contextual integrity), what we can distinguish, which can also implicitly or explicitly be found with the other authors, is a sense of control on the part of the individual that is necessary for the functioning of both the individual and society as a whole.

2.2 Big Data

Big data has started to play a huge role in the world, from online advertising to being able to point out possible terrorist; there seem to be endless possibilities with big data, or more specifically the use of big data. In this section I will explain what big data is, how it differs from for example meta-data and what the current uses of big meta-data are. We know that the PRISM program collects big meta-data, but we do not yet know if, and for what purposes it uses this data. In this section I will first explain

(20)

16 what big data is and what its uses and threats could be. Then I will go into the distinction between meta-data and content-data and whether there is a difference in how privacy sensitive these types of data are. A commonly heard argument is that if it is only meta-data that is collected there cannot be a privacy violation, in this section I will show why this argument does not hold.

2.2.1 Big Data and its Uses

Big data is simply large quantities of data that are collected, stored or simply exist in the digital age, which become big data through their use. Big data becomes big data when it can be used for statistical analysis to uncover patterns of behaviour that would otherwise have stayed hidden (Mayer-Schönberger and Cukier 2013: 115). Whether we register on Facebook, buy something on Amazon, search for information on Google or simply use our smart phones, with all these actions data is collected on us. Amazon keeps track on what you buy to improve advertising specifically for you. Websites like Google can link your IP address to your search history, which you will see in the ads displayed when you visit Facebook (Try searching something like new shoes on Google, just seconds later Facebook adds for online shoe stores will pop up). Through the GPS service in your smart phone your location can be determined. With most things we do nowadays we leave a trail of data, which can be used both by companies as well as the government to create profiles (through data mining) and predict behaviour. An important characteristic of big data, as put forward by Mayer-Schönberger and Cukier (2013: 115), is that it enables us to do research on a large scale that would not be possible on a small scale, which then enables us to obtain more insights. Because of the digitalisation of the world, we can now obtain insights in behavioural patterns that would previously have stayed hidden. Morozov (2013) argues that new technology, of which big data is a part, will have the effect of changing the way we understand human society. Technology, Morozov (2013: ix) claims, is no longer about hardware and software but about the use of data mining to make the world a better place. Mayer-Schönberger and Cukier (2013) claim that the collection, use and reinterpretation of big data will change the way in which the world works.

Mayer-Schönberger and Cukier (2013: 16) claim that the revolution in big data is not about revolutionary new technologies but about the way we use those technologies. Some scholars, such as Schmidt and Cohen (2013), mostly see the possibilities with these new developments, for example in the increase in efficiency in health care. While other, such as Morozov (2013), offer sharp critiques. Schmidt and Cohen (2013: 13) claim that everyone will benefit from new technologies (though not everyone equally). In their book; ‘the New Digital Age; Reshaping the Future of People Nations and Business’, they describe a computer influenced life that could (and if we allow it, would) be possible

(21)

17 in the near future. They describe a world in which our everyday lives, our homes and even our day to day health are constantly monitored by computers and other smart devices (Schmidt and Cohen 2013). They sketch possibilities for more efficient health care, more honest politicians and over all a better live through these new technologies. They do acknowledge that there could be some concerns (mainly privacy concerns) with these new technologies, but they seem convinced that these new technologies will, over all, make our lives better. Morozov (2013) on the other hand is a lot more critical. Morozov (2013: 226-230) offers a sharp critique of what he calls data-sexuals, individuals obsessed with gathering data on everything (he would probably place Schmidt and Cohen’s 2013 book in the category of data-sexuals). Morozov (2013) questions the idea that technology can solve problems. He sees difficulty both in the current way technology is used to solve problems as well as in the long term consequences of these solutions (Morozov 2013). He claims that in our attempt to make the world more efficient, transparent and perfect we are limiting human freedom (Morozov 2013: xiii). Morozov (2013: 63- 99) continues by questioning the, often actively defended, value of the openness of the internet and concludes that this is not necessarily a good thing. Mayer-Schönberger and Cukier (2013) seem to take somewhat of a middle ground position between Morozov (2013) on the one hand and Schmidt and Cohen (2013) on the other. Mayer-Schönberger and Cukier (2013) state that on the one hand, big data analysis has made a lot of things function in a more efficient way, but on the other, this shift poses quite severe problems for privacy and the notion of consent that has been devalued. Mayer-Schönberger and Cukier (2013) also warn us for the dangers of using predictions in criminal law and for finding potential terrorist, since these predictions might be faulty in which case the consequences will be severe.

Mayer-Schönberger and Cukier (2013: 22-25) claim that there are three ways in which information analysis is changed due to big data technology. First of all there is more information to analyse (Mayer-Schönberger and Cukier 2013: 22-25). Second, the demand for exact or good quality data has become lower because there are vaster quantities of data available (Mayer-Schönberger and Cukier 2013: 22-25). Third, this has led to a breach with our search for causality (Mayer-Schönberger and Cukier 2013: 22-25). Mayer-(Mayer-Schönberger and Cukier (2013: 26) refer to these changes as datafication. According to Solove (2011: 157) when talking about datafication we should distinguishes between content data and meta-data. Content data can be compared to the content of a letter (the actual information in an e-mail or on a website) whereas meta-information can be compared with the information on the envelope, so the address the stamp etc. (in online terms this would be the e-mail address you send an e-mail to) (Solove 2011: 157). Some, such as Solove, refer to data as envelope data, both mean data about data. We should distinguish between

(22)

meta-18 data and content data because the implications of privacy violations with these types of data could differ quite a bit.

2.2.2 Meta- vs. Content Data

In the past year, as a defence of programs such as PRISM, we have often heard the argument; the program does not violate privacy since it only collects meta-data. In this section I will look at what meta-data could consist of, what its uses are in a time of big data. Finally I will explain why the distinction between meta- and content data is irrelevant when we talk about the privacy considerations with collecting these types of data.

It is first of all important to have a good grasp of what meta-data is. In the pre-digital age this was quite simple; if someone for example sends a letter, all the information on the envelope (that is visible to all) is meta-data, whereas everything that is inside the envelope would be content data. The same would go for phone calls, the number you call and the duration of the call would be meta-data, while the actual conversation would be content data. The phone number and duration of the call are data about the phone conversation, which is in turn content data; therefore meta-data (the phone number) is data about the data of the conversation. The situation becomes more complex when we look at this distinction in a digital age. We can still say that for example an e-mail address would probably be meta-data and the text in an e-mail would, quite obviously be content data. But how should we treat for example the subject of an e-mail, or someone’s IP-address? Some would argue that these would fall in the category of meta-data, since they can be compared to the address on an envelope. But from these small fragments of data, especially when combined with other small fragments, we can tell a lot more about a person than we could with an address on an envelope. A similar example would be the URL of a website, even though it might be seen as meta-data; it often gives quite a good idea of the content of a website. Given the amount of information that can be derived from things such as URL’s and IP-addresses one might argue that these should be categorized as content data.

In the US, under the patriot act, the scope of data that is classified as meta-data is quite large. Meta-data would be; on a letter the text on the envelope, with a phone call the numbers of both participating in the call (possibly as well as the duration of the call), with e-mail this would be the header of the e-mail and to whom it is sent, from who and possible cc’s and for surfing it would be all IP-addresses and URL’s (Solove 2011: 161). Content data under the patriot act is limited to; a letter, spoken communication, the body of an e-mail and the text on a website (Solove 2011: 161).

(23)

19 Effectively this means that only the limited amount that is classified as content data is actively

protected under the fourth amendment while the broad scope of meta-data is not.

Not all scholars, and possibly not even all countries, agree with the US’ distinction between content and meta-data. There are those who defend a more narrow scope of meta-data in which only the e-mail addresses and not, for example, the header of an e-mail would be used. Or that exclude URL’s from meta-data because they give away to much content information. Try for example to search something on Google and then look at the URL, you will notice that all your search terms are visible in the URL, therefore it gives away quite a lot more information than simply the address on an envelope. One could argue that therefore URL’s should not be considered meta-data. At the same time IP addresses can give a lot more away than actual addresses, so should these be excluded from the term meta-data? It seems that the comparison between the pre-digital era is not really possible when looking at the distinction between meta- and content data. The two have become more and more overlapping concepts.

Regardless of whether we accept the US’ definition of meta-data or we take a more narrow scope, we can currently tell a lot about a person by meta-data alone. In the pre-digital age the distinction between meta-data and content data was very useful, the address and return address on a letter are clear for everyone to see and do not reveal much about the lives of the sender or receiver (except that the sender send some sort of mail to the receiver). There was no further analysis, the meta-data stood alone and because of this revealed only minimal information. In the current digital age meta-data never stands alone, it can be combined with other meta-data (and perhaps content data) into big data warehouses that are a treasure trove of information for the trained researcher. Where a letter used to be just that, a letter, we are currently collecting information on how many letters are send, who sends letters to whom etc.

Let us start with the example of a smart phone, this device, that currently most people in the western world have, is used for almost everything. We call or text our friends, send e-mails, search things on Google or Bing, we buy apps using PayPal or our credit cards, we use GPS in combination with Google maps to find our way around, my employer even has an app on which I can check my work schedule. Other than through GPS, our position can often also be determined based on which telephone poles our phone connects to at a certain time. Even if we would just take the meta-data in the narrow sense and use only that data collected from smart phones for research, we can still tell a lot about a person’s life. When the seemingly unimportant meta-data is grouped together and perhaps combined with the meta-data of others we can, through data mining, not only obtain insights in people’s lives, what they do, who they talk to, where they are, but we can also make

(24)

20 predictions about what a person is likely to do or try. Meta-data when it stands on its own does not usually carry any specific value, however when it is combined into big data it becomes quite valuable, perhaps more valuable than content data (Mayer-Schönberger and Cukier 2013: 22-25).

In his speech during the 15th LIBE hearing Glenn Greenwald, a journalist who has written for the Guardian on the Snowden revelations, explains why the NSA targets meta-data specifically. Greenwald (15th LIBE hearing) states that the NSA is not using envelope data because it is less privacy sensitive than content data, but because the NSA can actually derive more information from meta-data and it can gather this information at a faster pace. The content of a phone call might be generic. If I would call one of my friends the conversation would have meaning to us, usually because it is placed in a context of other conversations and background knowledge we have on each other (Greenwald 15th LIBE hearing). Now to someone listening in on this call, assuming that they do not know the context, half or more of our conversation would not have the same meaning to us as it would have to them. Greenwald (15th LIBE hearing) uses another example; if someone has HIV and regularly contacts a doctor specialized in this disease the content of those phone calls might not tell us much. The phone will be answered either with the doctor’s name or with the name of the clinic, they will make an appointment and that is it (Greenwald 15th LIBE hearing). Now through meta-data and the analysis of this data, a security agency can know who is called, based on the phone number (and from this derive that it is a doctor specializing in HIV and that the person is thus likely to have HIV), also from the duration and frequency of the calls it can gather information, for example; it could indicate that the symptoms have gotten worse (Greenwald 15th LIBE hearing).

So why is meta-data so much more valuable than content data? The answer lies in the linkage it shows to other people. With content data it shows the connection between you and one (or perhaps a few) other people. It is just you and the person you called or the people you send a (group) e-mail to. While content data is focused on a single connection, the use and analysis of meta-data is aimed at uncovering networks, who is connected to whom through whom else etc.

(Mayer-Schönberger and Cukier 2013: 22-25). Meta-data can uncover patterns in our behaviour we ourselves did not even know existed (Mayer-Schönberger and Cukier 2013: 22-25). Most of our behavioural patterns are not visible to the naked eye, we go about our normal lives without noticing these patterns ourselves and without others noticing (Mayer-Schönberger and Cukier 2013: 22-25). But data mining is aimed at uncovering exactly those patterns, because of this it can tell us a lot more about people and their connections than content data can.

In short it would seem that in the sense that the distinction between meta-data and content data is relevant, we should from a privacy point of view perhaps be more concerned with the large

(25)

21 scale collection and use of meta-data. For the further purpose of this study I will take meta-data and content data together, since both have some clear privacy implications. To merely say PRISM is not an invasion of privacy because it only collects meta-data (an argument the US has put forward) is wrong, PRISM could still be a violation of privacy and the rest of this research will focus on whether that invasion of privacy can be justified against the idea of security.

2.3 Security

Like privacy, there is no clear and obvious definition of security. Security of often taken together with safety, precaution, emption and preparedness. Even though safety, security, precaution, pre-emption and preparedness are often mentioned in the same sentence and these concepts, and their meanings are somewhat similar, they are not the same. In this section I will briefly sketch the debate around security and how it is related to safety, precaution, pre-emption and preparedness. Like the definitions of privacy, the definitions of security described below should be seen in the line of family resemblance, rather than a set of necessary and sufficient conditions.

Hildebrandt (2013: 359) claims that although safety and security are often used for describing similar things they are in fact different. Safety should be seen as the protection against physical or other harm (Hildebrandt 2013: 359). Security on the other hand is best described as the prevention of or resilience against deliberate attacks (Hildebrandt 2013: 359). Even though safety and security mean different things the two do, to some extent, overlap in the sense that when attacks are prevented successfully (security) this can enhance safety (Hildebrandt 2013: 359).

Barnett and Finnemore (2006:168-169) claim that while security was traditionally seen as a state concept with a focus on military security (protection the state from invading armies), we should also take into account individual security. Individual security could for example be seen as security from the state, when the state would pose a threat to the well-being of the individual. Individual security could in this case be seen as the protection of the basic human rights of the individual, whether the threat comes from the own state or abroad. Baylis’ (2008: 229-230) definition of security falls along the lines of the description provided by Barnett and Finnemore (2006: 168-169). Baylis (2008: 229-230) defines security as; ‘freedom from threat to core values, for both individuals and groups’. In this definition to be secure, would be to have ones basic human rights, such as freedom of religion and freedom of association, protected. Along these lines, Fuchs (2013: 3) also does not limit security merely to the idea of national security. He claims that security concepts should include at least five components; military, environmental, economic, political and societal

(26)

22 (Fuchs 2013: 3). Barnett and Finnemore (2006 168-169) only acknowledge four of these, military, economic, environmental and political, although societal could fall under one of these four

categories. It is important to note that Barnett and Finnemore, Baylis and Fuchs all acknowledge that security has several aspects (whether there are four or five categories) and that both national and individual security matter.

Fuchs (2013: 4) uses the absence of a survival threat or a survival risk for individuals and society as a definition for security. Security, according to this definition would be the elimination of risk; this is where security links to pre-emption, precaution and preparedness. Precaution can be seen as a preventive logic that as an act is not tied to the process it acts on and which aims to act before the threat becomes irreversible (Anderson 2010: 788-789). Pre-emption can, according to Anderson (2010: 789-790), be seen as the active form of precaution (precaution is a passive).Pre-emption is aimed at stopping a threat before it happens. Preparedness is aimed at dealing with the aftermath of an event (Anderson 2010: 790-791).In short precaution and pre-emption are aimed to stop or reverse a threat or risk to our security, and preparedness is aimed at restoring security after an event.

Barnard-Wills (2013: 172-175) researched different policy documents in order to understand the different ways of conceptualizing security in the EU. He concludes that the various policy documents used in his study have quite different conceptions of security. Although all texts include the idea of national security, some include for example the idea of economic prosperity (Barnard-Wills 2013: 172-175). Others acknowledge that security is no longer merely a matter of internal affairs (Barnard-Wills 2013: 172-175). From this it seems that in policy documents the idea of security as a complex and multidimensional concept is acknowledged.

2.4 Historical Overview of Privacy as a Concept

In this part I will give an overview of how the concept of privacy has been developed in law in the US and in the EU. This part is aimed at sketching the context against which the PRISM debate has been shaped, which is necessary to properly understand the discourse analysis in chapter three. Also since I use both EU and US sources in chapter three it is important to understand the difference in

(27)

23

2.4.1 History of Privacy in the US

In US constitution the word privacy does not exist, however some implicit mentions of the idea of privacy do occur (Solove 2008: 2-3). The first amendment protects religious freedom (US Bill of Rights 1789). The fourth protects citizens from searches of their person or property without a warrant (US Bill of Rights 1789). While the ninth amendment protects a citizens’ rights that are not enumerated within the constitution (US Bill of Rights 1789). These three amendments do imply a right to privacy in the sense of a right to be let alone, but do not state this explicitly (Solove 2008: 15). The right to be let alone can be seen as the foundation for privacy laws within the US (Solove 2008: 15) Even though these amendments were added to the constitution in 1791, thus a right to privacy had been implicit since then; the actual concept of a right to privacy was not introduced in the US until 1890 when Samuel Warren and Louis Brandeis published their famous article in the Harvard Law Review (Warren and Brandeis 1890). Their article was written in response to sensation journalism becoming more and more intrusive. Warren and Brandeis (1890), in this article, plead for a right to be left alone to be taken up in law. In a sense the Warren and Brandeis (1890) article can be seen as a plead for a right to privacy because of new technological developments (Solove 2008:15-18). The new technology in the case of Warren and Brandeis (1890) being photo camera’s and news papers, which meant that every detail of the private life of a famous individual could be publicly accessible (Solove 2008:15-18). Solove (2008: 3) does claim that although the US constitution does not explicitly include a right to privacy the laws of many states do.

The Warren and Brandeis (1890) article has been the ground work for other privacy research and from this a number of different privacy concepts have emerged. Westin (1967: 56) roots the idea of a right of privacy or a need for privacy in animal life. He claims that animals, like humans,

sometimes seek seclusion or small group intimacy, which implies that the need some form of privacy (Westin 1967: 56). Rachels (1975: 290) claims that the interest of the individual are harmed when privacy is violated. Rachels (1975: 292) argues that our ability to control who has access to information about us is closely related to our ability to have different types of relationships with different people. Privacy in this argument is a necessary precondition for different types of social relationships (Rachels 1975). The way Rachels describes the right to privacy, the right to control information about oneself, is currently the dominant way of viewing privacy within the US, in which the harm of a breach of an individual’s privacy is crucial for the privacy breach to matter. Prosser (1960)researched privacy breaches and their harm within the US and found four common intrusions of the private that US law distinguishes between. These four types of intrusion are commonly referred to as the four privacy torts, and consist of four ways in which a breach of privacy can harm an individual. The first privacy tort is the intrusion upon the individual’s seclusion or solitude, or into

(28)

24 his or her private affairs (Prosser 1960: 389). The second tort is public disclosure of embarrassing private facts about an individual (Prosser 1960: 389). The third tort is publicity which gives a false impression of the individual in the public eye (Prosser 1960: 389). The final privacy tort is

appropriation of an individual’s name or likeness (Prosser 1960: 389). According to Wacks (1989: 38-39) even though all four torts matter within US law, only the first two torts actually refer to privacy, whereas the third and fourth tort are more aimed at protecting against defamation of an individual’s character. Wacks (1989: 38-39) furthermore states that the courts, as well as Prosser (1960) have not aimed at defining what is private because of the perspective of privacy chosen (privacy as ‘the right to be let alone’).

Privacy in the US mostly guarantees bodily privacy and privacy in the home (fourth

amendment), and freedom of religion and freedom of speech (first amendment). However, as Solove (2011: 93-94) notes, the fourth amendment only applies when one has a reasonable expectation of privacy. The reasonable expectation of privacy plays an important role in the way privacy is shaped in the US. It is included in Prosser’s (1960) first tort of privacy when stating that a reasonable man should be offended by the intrusion (Wacks 1989: 36-39). In the other torts the same idea of the reasonable man, which can be translated into the idea of reasonable expectation can be uncovered (Wacks 1989: 36-39) In short this results in a lot of government data gathering being justified because of lack of valid data protection under the fourth amendment. This lack of data protection under the fourth amendment can be traced back to there not being a reasonable expectation of privacy (Wacks 1989: 36-39) I will come back to this topic in the fourth section of this chapter; Government, Big Data, Privacy and Security.

2.4.2 History of Privacy in the EU

The concept of privacy has quite a different history and meaning in the European context. Where, in the US constitution, one needs to read between the lines to distinguish the idea of a right to privacy both the European Convention on Human Rights and many laws in the individual member states acknowledge a right to privacy explicitly (European Convention on human rights 1970). The European concept of privacy can be traced back to the Roman empire, ancient Greece and in medieval times in which an individual had a right to be protected against having their honour and dignity violated (Craig and Ludloff 2011: 20). This means that every European citizen has the right to have his or her honour and dignity protected both in the private and in the public sphere (Craig and Ludloff 2011: 20). In the European Convention on human rights (1970) the right to privacy in explicitly mentioned in article 8 which states that:

Referenties

Download het nu ( PDF - 95 pagina - 0.91 MB )

GERELATEERDE DOCUMENTEN

Schoolbetrokkenheid binnen het cluster 4 voor speciaal onderwijs

Kijken we apart naar de componenten van schoolbetrokkenheid dan blijkt dat de globale vragenlijst meer betrokken leerlingen meet voor het gedragsmatige component

De observatie van emotionele expressie van kinderen tijdens lichamelijk letselonderzoek bij vermoedens van kindermishandeling : een eerste stap naar de ontwikkeling van een observatie-instrument voor gebruik binnen de F

In deze studie werd onderzocht op welke manier de emotionele expressie van kinderen tijdens het lichamelijk letselonderzoek mogelijk geobserveerd kon worden..

The "Utility" Of The Time Trade-Off Method In Cancer Patiens: Feasibility And Proportional Trade-Off

Some patients made remarks pertaining to the TTO method that offer insight into the acceptability of the method and the wide variation in scores (see

that it

A suitable homogeneous population was determined as entailing teachers who are already in the field, but have one to three years of teaching experience after

the the that

The present text seems strongly to indicate the territorial restoration of the nation (cf. It will be greatly enlarged and permanently settled. However, we must

On the scent of wine that never goes off

He added: "Unfortunately, the process to remove the metals can strip colour and flavor compounds from the wine and processes like ion exchange can end up making the wine

Tekst 9 On the scent of wine that never goes off

Niet fout rekenen wanneer de juiste zin (deels) verder is overgenomen of de juiste zin op een andere manier is aangewezen.

The trade-off between economic performance and spatial equality

The Amsterdam Treaty states that countries will promote strengthening its economic and social cohesion, in particular periphery regions (European Union, 1997). The