The assault on our privacy is being conducted in private
By Greg Bensinger
“You have zero privacy anyway,” Scott McNealy, the chief executive of Sun Microsystems, infamously declared more than 20 years ago. “Get over it.”
Well, you shouldn’t get over it. The rise of social media, Google and online shopping and banking has made us far more exposed than back in the internet’s infancy in 1999. Today, personal data like your Social Security number, bank account information, passwords, purchases, political beliefs, likes and dislikes are stockpiled in central databases. That makes it more easily analyzed than ever before by companies that want to part you from your money, and easier for criminals to steal or for the government to sift through. Worse, we hand over much of it willingly.
Perhaps you feel McNealy’s remark was prescient and that tech companies have simply won out in the battle for access to your every desire or private thought. (They even track your mouse movements.) And it may feel benign to turn over your shopping and web browsing history to technologists in Silicon Valley. But it should worry you that access to your data and myriad inferences about you are a mere government request away.
At a congressional hearing last month, Tom Burt, Microsoft’s corporate vice president for customer security, said his company fields as many as 3,500 federal law enforcement requests annually for sensitive customer data, all under order of secrecy.
“Most shocking is just how routine secrecy orders have become when law enforcement targets an American’s email, text messages or other sensitive data stored in the cloud,” Burt said. In other words, the days of trench-coat-clad G-men riffling through filing cabinets are long over, and the assault on our privacy is being conducted, well, in private.
There are real consumer benefits to this data aggregation, of course. Facebook and many other sites are free in large part because of the volume of data fed daily into the companies’ ravenous maws, which in turn feed their lucrative targeted advertising business. The more that ads can be tailored to each consumer, the higher the ad price. It’s the difference between being shown a generic Nike shoe ad and being shown one for Nikes in the correct size, color and style.
Any notion that digital privacy is overrated is belied by Facebook’s very public anger over Apple’s recent move to allow iPhone users to choose to stop being tracked across the mobile web. Your data is worth billions.
Brad Smith, the president of Microsoft, recently argued in The Washington Post for curtailing the secret gag orders to help restore consumers’ privacy. But he failed to acknowledge that Big Tech makes itself an obvious stop for investigators through its voracious aggregation of data on its users, nor did he offer solutions that would reduce the flow of information from users to corporate computers — and ultimately to governments.
The assaults on our privacy have become not only more secretive but also far more efficient. Americans once blanched at government efforts to sweep up data, including through the Patriot Act after Sept. 11 and programs like the Clipper Chip, which created a back door for the government to monitor phone conversations.
Much of the erosion of online privacy stems from the Federal Trade Commission’s policy known as “notice and choice,” which grants companies almost no boundaries on what they can collect, as long as users are informed, often in unwieldy terms and conditions statements, according to “System Error: Where Big Tech Went Wrong and How We Can Reboot,” a forthcoming book by three Stanford University professors. “Nobody expects, much less desires to be tracked from moment to moment, with the intricate details of our lives pieced together and made permanently reviewable by companies or governments,” they write.
The trouble, they argue, is that Big Tech places the burden on users to protect their own privacy, which the companies would otherwise exploit at will. But most consumers can’t be expected to read hundreds of pages of disclosures, nor, if they object to their data being collected, to exclude themselves from participating in discourse through Facebook, Twitter or Google.
In their efforts to prosecute or prevent crime, governments may sweep up health, sexual or financial information that can affect future employment or benefits and that most people wouldn’t otherwise willingly release. Facial recognition software, made available to governments, has sweeping and chilling implications for surveillance and law enforcement and even for legal activities like participating in protests.
President Joe Biden signaled his own concerns, directing the FTC in his broad executive order this month to write new rules concerning private surveillance and data collection. While the changes could take years to come to fruition, they are a welcome acknowledgment of the extent of the problem.
Technology companies have exploited for far too long users’ and lawmakers’ indifference to a market devised by them that optimizes for ever-greater data collection in exchange for free products like email and digital maps.
The authors of “System Error” call for three reforms: a federally mandated right to privacy, revisions to the rules on informed consent so that consumers know what they are agreeing to and a new government agency to protect citizens’ privacy rights.
Congress has considered federal privacy legislation for several years but has been unable to pass a bill, leaving states to pass their own patchwork of protections.
However, the Biden administration appears to be turning the tide on regulatory apathy, in addition to a promising slate of antitrust bills in Congress that would fix some of the imbalance between Big Tech and consumers. But it will also require a collective sense of outrage — you don’t have to be OK with signing your life away to Silicon Valley technocrats.