A New Deal for Online Privacy

Book Review: Dragnet Nation (2014) by Julia Angwin

Not many years ago, investigative journalists started to approach the topic of data surveillance and privacy intrusion with some sorts of self-experiments. Usually, these experiments involved the reconstruction of shopping habits or traveling routes on the basis of personal data that the journalist was able to recoup from a third party that had collected these data.

Dragnet Nation, the latest book by Wall Street Journal reporter Julia Angwin, goes in a similar direction, but much further. Basically, the book is a re-structured diary of a very extensive self-experiment, dealing with the attempt to escape all sorts of data-surveillance. Among the topics covered by the experiment are use of search engines which do not collect their users’ data, the employment of fake identities, the avoidance of cellphone-tracking and personalized online-advertisement and the use of encrypted email-communication. All this is as entertaining to read (as every chapter is enriched with personal anecdotes) as it is informative: Dragnet Nation is nothing less than a state-of-the-art report on how to fight advanced technologies of consumer surveillance. The book covers a broad range of methods, software products and applications. Angwin not only provides the reader with information concerning the use and value of these technologies resulting from her personal experience, but also tries to evaluate the trustworthiness of privacy-enhancing software and applications, often based on interviews with experts or with technology-makers which she has conducted as a journalist.

All this is of great practical value. I personally picked up for instance MaskMe, a free service and firefox-plugin from a privacy start-up called Abine, which creates a new fake e-mail address for every account. Also, I discovered my Google “location history” – showing my daily movements within the city (which Google is able to record with the help of the WiFi-location technology build into my smartphone). The location history is awesome: even small movements within the apartment or the office building are covered. I wasn’t aware of being tracked to that extent.

The protection of privacy in the digital realm can hardly be achieved by the efforts that consumers are able and willing to invest

One conclusion which Julia Angwin draws from her experiment is that the protection of privacy in the digital realm can hardly be achieved by the efforts that consumers are able and willing to invest. But instead of just handing over the job of protecting privacy to the government, Angwin describes in basic terms something like a new deal. Her starting claim is that we should consider reframing the issue. Privacy, Angwin claims, “is not a goal in and on itself. We might find that privacy was just a shield we had been holding up to protect ourselves from harm.”

Surely there has been, especially in recent years, a vital theoretical debate about the value of privacy. But to a great extent, this debate was launched because nobody could really foresee the consequences of widespread surveillance technologies. Surely: AT&T has said it responded to about seven hundreds requests for law enforcement a day in 2011 – meaning that data concerning seven hundred suspects using AT&T communication services were handed over to the government, the police and the secret services. That’s immense. But still it’s difficult to point specific harm caused by this.

Maybe it’s time to become more pragmatic. Looking at the evidence (also contained in the book), most victims of surveillance indeed suffer from very concrete harm. Take Sharon and Bilal, who met on the private online social network “PatientsLikeMe.com” and who were traumatized when they learned that their private conversations were intruded by Nielsen market research. Take John, the municipal worker who lost his driver license (and in consequence of this, his job) because a facial recognition software used by the local authorities had flagged him and another man of having similar photos. Or take the case of the fifteen-year old high-school student Blake, who was confronted by an assistant principal of his school claiming that she had evidence that he was engaging in “improper behavior in his home”. As it turned out, his school had installed spyware software on the laptop that the school had issued to his students. The spyware made snapshots with the built-in webcam.

That’s the lesson of Dragnet Nation: Instead of focusing too much on a nebulous idea of privacy, we should think about how to re-design our technological systems in order to avoid worst-case scenarios such as Sharon and Bilal, John and Blake have experienced. What shall we do?

In conclusion, Julia Angwin comes up with a set of questions, articulating regulative norms. Among these questions are the following:

  • Informative right: Does the dragnet provide individuals with the right to access and dispute the data?
  • Accountability: Are the dragnet operators held accountable for the way the data is used?”
  • Appropriateness: Is the dragnet too intrusive for its purpose?
  • Social value: Does is benefit society?

All these are sexy normative questions. But at least the questions concerning appropriateness and social value are, as an ending, disappointing for that very reason. Most issues which are of real impact today don’t exhibit the sexiness of general normative issues. Rather, they are deeply immersed in technical questions – such as the recent fight about net neutrality nicely demonstrates. For democratic decision making and public participation, the highly technical and complex character of most of the issues around digital politics is a problem. But it’s a situation that we have to deal with one way or the other. Dragnet Nation is a good read and full of new insights. In the end, though, the book leaves us pretty much where we are, because it totally avoids dealing with current political issues on the level at which they are actually being discussed. That’s a pity –because the book itself demonstrates so vividly the need for more appropriate privacy laws.

Ralf Grötker