Daniel J. Solove, Nothing to Hide: The False Tradeoff between Privacy and Security
That information technology has eroded privacy has been a common theme of the literature since the mid to late 1990s. Time was when we could go about our daily business and enjoy considerable de facto privacy: No cameras would document our trip to or browsing in the department store; only a handful of people would notice us at all. We paid cash, leaving no credit card record. Maybe no one but the cashier would see what we bought, and odds were that he would forget before the end of his shift. Thus it went for countless other routines.
So much for the old days: Now more and more that we do, from swiping our IDs at the office to having medical exams, lays down a digital record. This information can be aggregated and mined to permit sometimes dead-on inferences about our health, preferences, and future behavior. It can then be delivered far and wide, often without our consent or even knowledge.
This trend alarms Daniel Solove. With a number of fine articles over the last decade and three well-received books published between 2004 and 2008 he has established himself as one of the leading privacy theorists writing in English today. Although this work focuses on the law, it also has a strong normative component. In Nothing to Hide Solove continues his investigation into the moral and legal questions that modern technology raises for privacy, while offering various legal remedies for preserving privacy in the face of a clamor for security.
The book has four main parts: 1. “How We Should Assess and Balance the Values of Privacy and Security”; 2. “How the Law Should Address Matters of National Security”; 3. “How the Constitution Should Protect Privacy”; and 4. “How the Law Should Cope with Changing Technology.” This review will pay closer attention to parts 1 and 4.
Solove resists defining privacy, implying that there are no necessary and sufficient conditions for the correct application of the concept. Also, he attempts to steer a middle course between rights-based and utilitarian justifications of the notion. He plausibly settles for characterizing it as an “essential interest” (p. 1). So too is security. Smoothing out the tension between privacy and security is the book’s theme. The trouble is that security, which relates to lives and limbs, seems altogether more urgent than privacy, which can seem trivial by contrast. At least that is how the law sees it. Much of Nothing to Hide is devoted to arguing that U.S. law unduly favors security over privacy and thus that the law needs serious reform.
One of Solove’s chief concerns is the nothing-to-hide argument of the book’s title. It goes like this: If you have nothing to hide, then you have nothing to fear from the massive amount of personal information that the government and other organizations possess about you, or the coming blanket of security cameras covering our parks, streets, and sidewalks. On the other hand, if you are acting illegally, then you have no claim to protest. Solove begs to differ: One problem he points out with the nothing-to-hide argument is that it assumes that privacy is strictly about concealing sensitive or embarrassing information. Solove calls this the secrecy paradigm and pronounces it dogma. It turns out that the government is not likely to be collecting images of our naked bodies or revealing the pictures of Dorian Gray in our attics. But privacy is about much more than keeping secrets or concealing crimes. The main danger from government information collection and processing comes not from the revelation of one’s deepest darkest but from the collection and processing of crumbs that people might not care about hiding at all. Breathtaking advances in information technology over the last several decades have made this possible. We will examine this issue more closely below.
As in some previous writings, Solove favors two literary metaphors to illustrate that privacy is far broader than secrecy and how some uses of technology can damage privacy without revealing any secrets. The first is from 1984, which depicts the state engaged in round-the-clock, all-encompassing surveillance of its citizens.
Although the United States today is far from this kind of dystopia, Solove is concerned about the proliferation of surveillance cameras in public and what they imply for the de facto anonymity that most of us have hitherto enjoyed. Nearly everyone values some measure of privacy in public, even though we might have nothing to hide when we ride the subway or take a walk around the block. Surveillance cameras, combined with ever more sophisticated biometrics, mean that our comings and goings can be rigorously tracked and that our public behavior can be thoroughly documented. Moreover, surveillance can “tie us to our past by creating a trail of information about us” (p. 178). In fact, as current U.S. law stands, the government could stalk our every public move and we would have no legal recourse. Solove’s worry is that such widespread documentation of public spaces amounts to a kind of non-stop informational dragnet. In his shrewd accounting the benefits do not cover the costs, which include inhibited speech and association. A further cost is that this kind of ubiquitous public surveillance grants “significant power to the watchers” (p. 179), who currently are scantily regulated in the United States. How are they judging us? What are they doing with the information that they gather? Could they use it for blackmail? Solove is not opposed to all public cameras, but he wants government to assume a very considerable burden before embarking on a British-style program of comprehensive surveillance of our shared spaces.
Although Solove takes the Orwellian threats seriously, more insidious are the Kafkaian challenges to privacy, which have to do not so much with the gathering of personal information as with the processing of it. In The Trial a man is arrested but is never able to discover either the charge or what the government presumes to know about him. Today the government and the many organizations that readily cooperate with it are drawing in gobs of personal information, mostly unremarkable stuff that hardly anyone would care to hide, for instance, about one’s date of birth, place of birth, address, ethnic background, marital status, and purchases. The rub is that this information can be stored indefinitely, aggregated, and then mined to yield new information that is anything but unremarkable and which people might prefer not be disclosed. Solove’s example involves a person’s jointly buying a wig and a book about cancer, from which a third party might well infer that she is about to undergo chemotherapy. When scraps of even innocuous personal information are fused and mined, it is now possible to sew a silk purse out of a sow’s ear, as Helen Nissenbaum puts it. Worse still, the government excludes citizens from discovering how this information about them is being used, creating a power imbalance between it and its citizens.
Solove devotes considerable attention to data mining. The U.S. government has promoted the technique as a useful tool for fighting crime and terrorism, and so it can be. However, Solove raises several objections to government mining programs. The first is empirical. Data mining is not all that good at predicting whether someone is or is disposed to be a criminal or terrorist. Second, the costs of a false positive can be steep. They might range from having one’s accounts frozen to being forbidden to fly. Solove rightly points out that security experts cannot tell us when these costs are too high. Third, even if we could eliminate false positives, how do we know that people won’t be singled out for holding unpopular views or because of their ethnicity? At the very least this diminished privacy can chasten speech, association, and information seeking. Fourth, the secrecy that shrouds the program means that citizens are not aware of what information the government has about them or how it is being used, so they cannot correct mistakes in the information or object to its use. Finally, the details of government data-mining programs are also concealed from the public. Under these circumstances citizens are unable to understand or evaluate them. Of course transparency is just what the data miners oppose, since criminals and terrorists could always keep one step ahead of government minders. Yet such openness is precisely what a sound democracy requires. Solove is not opposed to all government data mining. However, he is prepared to countenance it only “when there’s a specific threat and specific information about the likely perpetrators” and not when it is used dragnet style (p. 195).
Much of Nothing to Hide is devoted to legal issues with implications for privacy, among them government secrecy. As we have seen, Solove is wary of such secrecy. To support his case he offers numerous examples of the Executive Branch’s hiding dodgy activities or incompetence behind the veil of national security. Sweeping appeals to national security raise the likelihood of unaccountable and opaque executive power. Solove is exercised by the extent to which matters of national security, particularly since September 11, 2001, are “kept secret and … insulated from close scrutiny” (p. 62). Part of the problem rests with the legally fuzzy distinction between national security threats and regular crime. The frequent post-2001 invocations of national security have been used to expand surveillance and to justify information gathering and processing about citizens and legal aliens in a way that would not be possible if they were suspects in a criminal investigation. This leaves us all vulnerable to the caprice or incompetence of law enforcers. Solove accordingly proposes “rigorous scrutiny” for government claims of secrecy in the light of national security (p. 69). Again, he points out that the government’s shroud of secrecy prevents all citizens from being properly informed about national security policy and its potential abuses. Without such information, how can they know that their government’s policies and practices are worthy of their support? Whither democracy in such a climate?
Another important legal issue taken up in Nothing to Hide is the third-party doctrine. Solove characterizes it as “one of the greatest threats to privacy in our times” (p. 103), and he convincingly presents it as another instance of how the law has failed to respond to digital encroachments on privacy. The doctrine, as promulgated by the U.S. Supreme Court, says that if I share information with a third party I forfeit any privacy rights with regard to it. Solove plausibly suggests that the doctrine was less vexed when most personal information was stored in people’s houses or when they communicated over distances through sealed letters. For the past several decades, however, computer networks have been buzzing with personal information. This development has enabled the government and other large information collectors to compile digital dossiers about us. These dossiers, since they are held by third parties, lack Fourth Amendment protection. That Amendment forbids warrantless search and seizure. Digital information gathering and processing typically involve neither search nor seizure. Cloud computing means that even less personal information will constitutionally shielded. Ever more will become vulnerable to government information gathering and processing campaigns. The culprit is the secrecy paradigm. His ironic advice in the light of this trend? “[D]on’t use a credit card. Don’t have cable. Don’t use the Internet. Don’t use the phone. Don’t have a bank account. Don’t have insurance. Don’t go to a hospital. Don’t have a job. Don’t rent an apartment. Don’t subscribe to any magazines or newspapers. Don’t do anything that creates a record” (p. 110). Solove doesn’t pretend that it is, to borrow a phrase from one of his earlier writings, any longer possible to live as an “information ghost.” Instead he argues that the law has to adapt to the threat by protecting information not according to where it is kept or who happens to be holding it but rather according to what and who it is about.
Solove concludes by responding to the claim of some security advocates that the critics of surveillance and data mining are mere Luddites. He makes his point in the context of biometrics. Solove concedes that the technology can help detect crime, but he is skittish about a national biometric database. Such technology would permit far greater tracking of citizens’ movements. He insists that the burden is on the defenders of the new technology to assure the rest of us that adequate safeguards are in place to protect our personal data, which, unlike IDs and passwords, cannot be readily changed. So far they have not done this. Solove also raises a more general objection. Other things being equal budgeting is a zero sum game. Money spent on developing a sophisticated biometric database is money not spent on some potentially more effective means of security or, he might have added, is money spent not on security at all but on some highly useful social goal, like expanding healthcare or improving public transportation.
Before closing let us consider three mild criticisms. The first relates to Solove’s treatment of government secrecy. He raises some excellent questions about the topic throughout the book. He convincingly shows that in excess it can undermine democracy by making government unaccountable to its citizens. On the other hand he plausibly concedes that all governments need some secrecy to be effective. Yet he never answers the question of just how much secrecy government should be allowed to have and how we can keep secrecy within proper bounds. Nor does he explain how citizens can monitor it without revealing legitimate secrets. Consider the following: “Certainly, there are times where the government has a compelling reason to keep information secret. But it is currently far too easy for the government to cry ‘national security’ to conceal unseemly information. Claims of secrecy in the name of national security must be subjected to rigorous scrutiny” (p. 69). Who could disagree? How rigorous though? Later, to give him his due, Solove gives an answer: “ …demands for secrecy in the name of national security should be subjected to the utmost scrutiny” (p. 85). This is better. However, if secrecy is subjected to the utmost scrutiny, how can government have any secrets? Solove never says. In fairness this might be a topic for another book.
Second, Solove makes a strong case that civil liberties like privacy, free speech, and the rights of criminal suspects should not be curtailed during crises, contrary to what security hawks urge. He plausibly suggests that one problem is that the burden of such sacrifice is not borne by all but falls disproportionately on “minorities and dissidents” (p. 57). He thinks that we should be particularly vigilant in tough times to ensure that these liberties continue to be protected. He cites the egregious internment of Japanese-Americans during World War II and the dubious post September 11 rounding up of “enemy combatants” living in the United States. Still, true to the middle ground that he seeks throughout the book, Solove claims that some sacrifices during crises are warranted. To what extent? His answer is not terribly helpful: “Sometimes sacrifices in rights and civil liberties should be made, but only when the government adequately justifies why they are necessary.… In light of a history marred by frequent misguided responses to threats, we should be extra cautious about making needless sacrifices” (p. 69). Solove’s point is worth making. However, surely even those, like Richard Posner, who think that the so-called war on terror should not have to accommodate itself to basic civil liberties would agree that government’s justification should be adequate and that it should take pains to avoid needless sacrifices. Also, one might wish he had been a bit more explicit about just what “extra cautious” might amount too. Again, this might be the topic for another book.
Finally, as suggested above, Solove opposes informational dragnets in an attempt to dredge up would-be terrorists. In one place, however, his claim seems to exceed the evidence: “Finding a terrorist among the millions who travel each day is like finding a needle in a haystack. An individual fitting a profile may be statistically likelier to be a terrorist than someone who doesn’t fit it, but the chances are still very small. Thus the costs associated with datamining outweigh the relatively slight chance that it will detect a terrorist” (p. 197). Maybe, but without numbers it is impossible to get a sense of what “very small” or “slight” amounts to or to appreciate how apt the needle in the haystack analogy is. We cannot tell, on the strength of Solove’s argument, whether the costs of the dragnet in this case really are too high.
Overwhelmingly Nothing to Hide is a carefully argued, hysteria-free book. It makes a significant and engaging contribution to the moral and legal challenges that security and information technology pose for privacy. Solove makes a strong case for the profound social value of privacy, the siege it is currently under, and how to preserve it. Law is the key to its salvation. But current law will not do. What we need are laws that acknowledge the many informational benefits of computers along with the various privacy hazards that they create. Solove’s jargon free prose and lucid presentation should enable him to reach the general audience that he is seeking with Nothing to Hide. Readers will no doubt eagerly await his next book.