By Paul Rosenzweig, The George Washington University Law School
The ability to collect and analyze vast quantities of data is a fundamental change caused by technological advances that, like King Canute’s fabled tide, cannot be stopped or slowed. So, how concerned should we be about our privacy?
Data Storage Capacity and Costs
Today, computer processor capacity is 10 million times greater than in 1970. The power of this added processing capacity translates almost directly into processing speed.
Data-storage costs, by contrast, have been decreasing at a logarithmic rate.
What this means is that while in 1984 it cost roughly $200 to store a megabyte of data, by 1999 that expense had sunk to 75 cents. Recently, you could buy 100 megabytes of data storage capacity for a penny.
This is a transcript from the video series The Surveillance State: Big Data, Freedom, and You. Watch it now, on Wondrium.
How Much Data Can You Store?
So, just imagine what a large corporation or government can purchase and maintain. Here’s a practical way of thinking about it. In 1984, you needed about $400,000 worth of storage capacity to capture a 2-gigabyte movie, which today you can stream on Netflix in about 2 hours, or maybe a bit less.
So, the story of technology requires us to answer this question: What happens when ever-quicker processing power meets ever-cheaper storage capacity? Here’s how Samuel Palmisano put it in a speech in September 2011, when he was the CEO of IBM:
We are all aware of the approximately 2 billion people now on the Internet. This number is growing rapidly in every part of the world, thanks to the explosion of mobile technology. But there are also upwards of a trillion interconnected and intelligent objects and organisms—what some call the Internet of Things. All of this is generating vast stores of information. It is estimated that there will be 44 times as much data and content coming over the next decade, reaching 35 zettabytes in 2020.
A zettabyte is roughly the entire corpus of human information created from the beginning of time until the year 2000. And now we produce that same amount of human data almost every month.
Learn more about cyber fraud, theft, and organized crime.
The Need for a Policy
Our law and policy thinking hasn’t caught up with this new reality yet. Several years ago, Scott McNealy—who was then the CEO of Sun Microsystems—surveyed the state of available technology, which was about 1/1000 as powerful as today’s data processing capacity, and said, “Privacy is dead; get over it.”
He was describing the loss of public anonymity—that is, our dwindling capacity to act, whether physically or in cyberspace, without anyone having the technological capacity to permanently record and retain data about this activity for latter analysis.
U.S. law has a phrase that describes this phenomena—we call public anonymity practical obscurity. The idea is simple: Even though there are public records, in practice, they can’t be found; so your privacy is protected by a veil of obscurity.
Derived from a 1989 Supreme Court case—Department of Justice v. The Reporters Committee for Freedom of the Press—the origin of the phrase ‘practical obscurity’ is instructive in illuminating the effects of such changes in technology.
Back in the late 1980s, the Department of Justice went to great trouble to create a database with information about the criminal records of known offenders. Back then, these records were kept in disparate local, state, and federal databases.
All of these records were generally public and, in theory, available for inspection by the media and private citizens. But, in practice, the information was so widely scattered that no crusading journalist or enterprising individual could incur the expense of finding it all and creating a comprehensive dossier on any individual. Each of us was, in a phrase, ‘practically obscure’.
Learn more about surveillance in America.
Freedom of Information Act
Only the federal government possessed the degree of need, and adequacy of resources, to undertake the task of creating the precursor of what is today the National Crime Information Center. At very great expense, the Department of Justice began to collect criminal records on a small number of criminals, mostly prominent Mafia dons who were of national interest.
The Reporters Committee case was a powerful expression of the strength of the idea of practical obscurity. A CBS news correspondent and the Reporters Committee for Freedom of the Press—a first amendment advocacy group—filed a Freedom of Information Act (FOIA) request, asking federal prosecutors for the complete dossier, or rap sheet, on alleged Mafia figures.
Now, as public information, you’d think that collectively—in the form of the requested dossiers—it would clearly be subject to disclosure under the FOIA.
But, the Justice Department denied the FOIA request, and a unanimous Supreme Court upheld that decision. The court found:
Plainly there is a vast difference between the public records that might be found after a diligent search of courthouse files, county archives, and local police stations throughout the country, and a computerized summary located in a single clearinghouse of information.
Because of that distinction, the justices concluded that “privacy interest in maintaining the practical obscurity of rap sheet information will always be high.”
The Advent of Data Aggregators
Alas, the court’s confidence that obscurity will always be high has had a half-life of fewer than 20 years. Large data collection and aggregation companies, such as Experian and ChoicePoint, began to harvest public records from government databases. Paper records are now digitized; electric records, downloaded.
These data aggregation companies systematically compile birth records, credit and conviction records, real estate transactions and liens, bridal registries, and even kennel club records. One company, Acxiom, estimates that it holds, on average, approximately 1,500 pieces of data on each and every adult American.
Anyone with enough data, and sufficient computing power, can develop a detailed picture of virtually any identifiable individual. That picture might reveal your food preferences, or your underwear size. It might tell us something about your politics, or your friend’s politics.
The New Yorker magazine cartoonist Peter Steiner once depicted a dog seated at a computer and telling a fellow canine, “On the Internet, nobody knows you’re a dog.” Today it’s been said that not only do they know that you’re a dog, but they know your favorite leash color and whether or not you’ve been neutered.
Common Questions about the Question of Easy Availability of Data and Privacy
The idea behind ‘practical obscurity’ is: Even though there are public records, in practice, they can’t be found; so your privacy is protected by a veil of obscurity.
A CBS news correspondent and the Reporters Committee for Freedom of the Press filed a Freedom of Information Act request, asking federal prosecutors for the complete dossier, or rap sheet, on alleged Mafia figures.
The data aggregation companies systematically compile birth records, credit and conviction records, real estate transactions and liens, bridal registries, and even kennel club records to compile data on individuals.