Ceding Privacy

Ceding Privacy

September 14, 2012

Abstract

The technologies that we use daily are changing the way we interact with the world and opening up doors into the once private and anonymous lives of individuals. This article explores how notions of individual privacy are evolving with technology away from quiet anonymity, and toward unchecked monitoring, recording, and analysis of small bits of information by corporations and the US government. Privacy, and the boundaries that protect privacy, are often misunderstood in relation to the law, and how the law applies to the information that technology makes known. The article first shows where our notions of privacy evolved from historically as seen in the checks on government power established in the constitution, and how notions of privacy are interpreted and applied though case law respecting the use of technology. The article analyzes why we have be come complacent in allowing private information to be collected, who is collecting our information, and how small pieces of information can be compiled in ways that conflict with our notions of privacy.  The article concludes with suggestions that will help preserve and protect our notions of privacy by enacting laws that place limits on data retention and use; and though oversight of data collected and retained by US government by outside auditors.  

Ceding Privacy

The line separating information within and outside of the public sphere has become blurred. As technology increasingly becomes incorporated as part of our daily lives, we see a change in the way personal privacy is defined. Many people have a narrow, internalized definition of what privacy, or a right to privacy, means. This internalized definition often conflicts with the extent to which one’s privacy is protected under the law. The technologies that surround us and have become a part of our daily lives force a compromise between convenience and efficiency and the security of the information that defines who we are. Our interests, thoughts, wants, complaints, and actions are used as bartering chips, as currency, in the pursuit of the convenience that technologies bring to our lives.  

As an abstract concept, privacy must be defined within the context of how, what we do, who we are, and what we allow others to know, relates to the effect that personally private information will have on society. With respect to the information about ourselves, we see two competing interests. The first is privacy versus the security of society on the whole. At issue is the government’s need to know about us to secure, preserve, and protect the rights of individuals in an organized law-abiding society. The second competing interest is privacy versus the use of personal information for commercial gain. The Internet and rapid advances in mobile technology, coupled with fast and affordable processing and storage capabilities, have spawned an industry that peers into our private lives in ways that were unimaginable to the average person just a few decades ago.  

On the commercial side are companies like Google, Bing, Facebook, Acxiom, and Experian, which collect and aggregate data for advertising, target marketing, and assessment of one’s ability to repay creditors. The information gathered by these companies is given up with the expectation that the information given up will be limited in use, applicable only to the use of the services provided. In other cases the information is given freely with the understanding that what one says, does, or thinks is being said for the whole world to see. What many fail to realize is the way that commercial businesses combine information to create detailed profiles of individuals to be exploited for monetary gain. Beyond the commercial interests lie a government that is hungry for this information as a means to secure the country from criminals and terrorist both foreign and domestic. In light of how that information is being aggregated and warehoused by both the government and commercial businesses, one must wonder if consideration of individual privacy, much less a right to privacy, has eroded to a point of no return. One has to wonder, as Debbie Kasper asserts, if “privacy’s status as a right is precarious, [and] depend[s] on the caprice of the courts and social institutions” (2005, p. 71). If this is true, then what level of influence do we have as individuals in defining what is an acceptable level of privacy?  

As US citizens living in a free country, we are often our own worst enemy where privacy rights are concerned. In many respects, we determine the level of privacy that one can expect as we go about our day-to-day lives. At issue is what we are willing to give up in the name of security and convenience, and the ability of everyday citizens to influence the boundaries of individual privacy. Advances in technology coupled with a desire for convenience and demands for security make us dangerously complacent and are changing our perception of privacy as it relates to individual liberty.

Many of the arguments against invasive forms of technology are centered on a false assumption that there is a constitutionally guaranteed right to privacy. What has been acknowledged by the Supreme Court of the United States in Griswold v. Connecticut is the implied right to privacy under the First, Third, Fifth, and Ninth Amendments to the Constitution (Clarkson, Miller, & Cross, 2012, p. 88). The majority of cases surrounding privacy have leaned heavily on the Fourth amendment as a foundation for protection against government intrusion without just cause and intrusion under specific guidance. Writing for Widener Law Review, Raymond Ku argues that the Fourth Amendment protects a person’s right to be secure from the power of the government; but to view the Fourth Amendment in the narrow scope of protecting privacy under a given set of circumstances undermines the intent of the amendment. Rather, the amendment should be viewed as an extension of the intent of the Founding Fathers to put in the hands of the governed the right to place limits on government (Ku, 2010, 879). The historical context for the addition of this amendment and its intended limitations on unreasonable search and seizure are rooted in pre-constitution case law.

In the case of Wilkes v. Wood (1763), Parliamentarian John Wilkes was suspected of seditious libel against King George III for a series of pamphlets that were published and distributed which criticized the King. The British Secretary of State, Lord Halifax, issued a general warrant which named no suspects, but gave officials blanket authority to ransack the homes of potential suspects and seize any “seditious or treasonous papers” and to arrest the authors. After his arrest, Wilkes brought trespass charges against the officials who had ransacked his home and was subsequently awarded monetary damages against the officers and separately, Lord Halifax. In ruling on the case, Judge Pratt cited that what was at issue was the delegated discretionary power given to offices, under general warrant, to go wherever their suspicions take them and to search using whatever means necessary, thereby subverting the liberty of those who are the target of said search (Ku, 2010, pp. 655-66). The decision laid the groundwork for the wording used, and the intention behind, the limitations placed on government when conducting searches of private residences and personal effects.  

The importance of reason, checks and balances, and limitation on government authority can be seen in the specific wording of the Fourth Amendment. 

The rights of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by an oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized (U.S. Const. amend. IV).

The wording “…and no warrants shall issue, but…” are placed specifically in front of the prerequisites specifying the place to be searched and what will be searched for, with oversight by the judicial branch regarding the reasonableness of the search. (Amar, 1994, p.774). Ku also adds that the Fourth Amendment should not be considered in isolation, but as something that compliments other constitutional protections against unlimited, arbitrary governmental power (Ku, 2010, p. 648). Given that the US Constitution enables us to check the powers of government and determine how much privacy will be afforded to individuals, the onus then is on us to strike a balance between what we consider private, and what we consider a necessary intrusion to ensure security. In many ways it appears that this concept is foreign to may people when it comes to personal privacy.  

An often-ubiquitous answer to the question, ‘What is privacy?’ is that it is ‘the right to be left alone’. Rapid advances in technology used both inside and outside the home threaten to make the ability to be left alone an unattainable desire. Privacy, as applied to specific circumstances through case law, and under the guidance of the separation of powers outlined within the Constitution, appear to be trending toward the interests of the state and security over the desires of the individual. So where can we find solace from the prying eyes and ears of both the government, and private corporations? There are certain expectations that we can find privacy in our homes; but as Ku states with respect to the words of James Otis, there is a caveat. Otis states, “A man's house is his castle; and while he is quiet, he is as well guarded as a prince in his castle.” Ku is quick to point out that the key word in this line of reasoning is the word “quiet” (Ku, 2010, 657). As we will see, the word “quiet” is critical to what is considered private, but nearly impossible to abide by due to our reliance on technology.

A key to understanding the limiting powers of the Fourth Amendment lies in judgments that have been handed down by the judiciary branch of government, or through laws passed by the legislative branch regarding the reasonableness of a search or surveillance. Steven Penney writes in the Harvard Law Review that, typically, judges and courts “view privacy as a fundamental right, rooted in notions of dignity, autonomy, identity, and personal liberty.” Additionally, this view is detached from the economic and social realities that accompany the privacy argument. (Penny, 2007, p.478-79). Within the privacy argument we see competing interests. On one hand is the individual, you, the one reading this, and on the other hand is everyone else. Simmons notes that constitutional scholars tend to ignore that where advances in surveillance technology used by the police push the boundaries of privacy, there is little consideration given to advances in technology used by criminals to cause harm to others in society (Simmons, 2007, p.534). It would seem, though, that fears over security are foremost in the minds of American. This fear has lead to legislation that has moved the boundary line in the reasonableness argument though the passing of anti-terrorism laws that expand law enforcement’s use of technology, in many cases outside of the Fourth Amendment’s warrant requirements. What is reasonable and what is private appears to be dynamic where technology is concerned, and is wholly dependent on the interests of the individual, society, and the state who is charged with protecting both.

Many believe that given the constitutional protection afforded under the Fourth Amendment, what we do with technology from the comfort of our homes is out of reach where the government and private corporations are concerned. Our thoughts, feelings, interests and relationships that we share through private communications in phone calls, or through email and text messages are our business. Likewise, neither government nor the company we contract through has a right to record, analyze or disseminate that information to anyone else. Yet, what we do in our homes, as our private business is only considered private within the boundaries of established case law. What is and is not considered off limits with respect to the limiting principles of warrant requirements are shown in the case of Smith v. Maryland.

One principle that defines what can reasonably be expected to be considered private in relation to what people do in their homes rests on the doctrine of public exposure. The doctrine, in simple terms, says that what a person does that is observable from outside the home cannot reasonably be intended to be private (Penney, 2007, p.483). Application of this principle is seen in the case of Smith v. Maryland. The case involves the use of a pen register installed on the telephone line of a suspected burglar by the police without a warrant. After committing the burglary, the suspect proceeded to make obscene phone calls to the victim in the days that followed. During one of the phone calls, the suspect instructed the victim to come out onto her front porch, and in following those instructions the victim saw the suspect’s car and was able to provide a description to the police. The police narrowed down the description of the vehicle to one driven by the suspect and then worked with the phone company to install a pen register, which did not record conversations, but did record the numbers dialed out from the line. It was found that the suspect was making the obscene calls and he was arrested for committing the burglary based on the evidence gathered using the pen register (Ku, 2010, pp. 877-78). That the use of the pen register was not considered to be in violation of the warrant clause established by the Fourth Amendment highlights a dividing line supported by case law.

The line of demarcation established in Smith v. Maryland is an inside versus outside view of privacy, which brings to life the James Otis’ criticism of the Writs of Assistance, and that one’s home is his castle. The case law supports the idea that a man’s home is his castle, and that he is protected within it as long as he is quiet. The word “quiet” holds true in Smith v. Maryland in that the suspect transmitted incriminating information to a third party, the phone company, which had every right to record that information, if it chose to do so, in the course of conducting normal business with the suspect (Ku, 2010, pp. 877-78). The underlying philosophy is one of inside versus outside, or of transmitting and revealing what goes on inside the house to any outside party versus acting quietly inside one’s home. Courts have argued in that what is broadcast by an individual to the public from inside one’s home cannot be assumed to be private. The introduction of a third party, whether a phone company or a cable Internet provider, assumes the person sending the information knows that it can be seen, heard, or recorded by that third party (Penny, 2007, p.486). This clashes with how people think about the technology used on a daily basis. People use email or make phone calls assuming that the third party providing a service acts as a neutral intermediary oblivious to the content of the communication. That the courts have likened the use of technology to speaking with another person present in the room is misguided and is in direct conflict with our expectations of privacy.  

We expect as citizens living in a representative republic, with a strong constitution that places in check government authority, that certain aspects of our lives, our thoughts, and the people we associate with are off limits regardless of the means by which we make those associations. On the opposite side of the argument lies a government who is charged with ensuring that the private association of person A and person B does not affect the freedom, liberty, or security of person C. The government, through legislation enacted by representatives elected by those it is charged with protecting, must balance the risk of harm to society with privacy concerns and the potential for abuse of power by those collecting the information (Bannister, 2005, p. 72). Cell phone technology, email, text messaging, point of access purchases, and surveillance cameras in public places are capable of revealing information about individuals in a way that creates a potential for abuse. Attempts to deter crime and domestic or international terrorist threats have resulted in legislation that allows law enforcement to cast a broad net that reveals information about the innocent and those who act outside the interests of a law-abiding society. Additionally, the government may invade privacy directly by targeting a single person, by use of publicly available information gathered by the state like tax records, or through third parties who hold voluntarily disclosed information (Bannister, 2005, p. 67). While targeted law enforcement using all available resources is can be affective and efficient, the potential for misuse and abuse of these sources of information gives us strong reasons to protect and limit their availability and ease of access.  

In making his case for the need to balance risk to security and privacy of the individual, Bannister defines four main categories of privacy: watching, intercepting, reading, and interpreting. Watching is the monitoring of physical movement in public spaces, electronically through use of a debit card, on the Internet through malware or cookies. Intercepting captures information as it moves electronically by email, text, or talking on the phone. Reading involves analysis of data observed through watching or intercepting. Interpreting is the combination of data to draw conclusions about what has been observed, and pieces together either past or potential future actions of those observed (2005, p. 68-70). Each of these categories illustrate aspects of privacy that are progressively intrusive. People who go out in public today have little reason to believe that they will not be observed in some way and recorded by a video camera at some point while in public. Though slightly more intrusive, it is no secret that users of Google, by conducting a search or using their free email service, will have the content of their searches and emails scanned (intercepted) and analyzed (read) for use in targeted advertising by the site (http://www.google.com/intl/en/policies/). This is a tradeoff made by users of the service with respect to privacy as part of the terms of use; but these categories are cast in a different light when the government conducts them, and when the terms of use are nothing more than going about our daily lives.

The introduction of cameras into public spaces by police and government agencies has exploded in the last decade. They function as a force multiplier by allowing police to observe multiple high-risk areas remotely, and help to serve as a deterrent to would-be criminals. What is legally observable by law enforcement without a warrant and at what point using technology to make observations is allowed was defined in the 2001 Supreme Court ruling in Kyllo v. United States. In rendering the majority opinion against the use of thermal imaging technology to observe heat generated inside the home of Kyllo by the heat lamps he was using to grow marijuana, Justice Scalia makes two important points regarding the use of technology to augment the natural senses while conducting surveillance. The first observation is based on the public exposure doctrine where privacy expectations can only be considered reasonable if the information cannot be obtained from a public vantage point observable with the unaided natural senses. The second point, which is made in tandem with the first, is that a person does not forfeit a right to privacy simply because someone could gain access to information by some available means (Kemler, Tomkovicz, & Shapiro, 2000, pp. 14-15). The introduction of cameras into public spaces acts as an extension of the first point made in that the court has found that merely putting more eyes on a physical space is no different than posting 100 extra officers in town; which is a perfectly legal, but not necessarily economical.  

Though the introduction of cameras to observe and act as an extension of police capabilities falls mainly in the category of reading, demonstrable usefulness necessitates movement into the categories of reading and interpreting to apply the technology as a law enforcement tool. Use of a camera to capture pictures is benign, and in and of itself should cause little concern given that there is little expectation for privacy in public spaces. What should be of concern is the combination of information with data gathered from disparate sources of information to make individual people in the crowd uniquely identifiable. This capability is what many in the law enforcement community are quietly pushing for, and the infrastructure and technologies to make it happen are being planted in cities across the US where technology like license plate scanners are routinely used to track motorists within city limits (http://www.startribune.com/printarticle/?id=1664946 46). In some cases the capabilities are being put in place by US government agencies under the broad umbrella of the Department of Homeland security to include local and state law enforcement, but the majority of the of capabilities are in the form of gadgets and convenience technology that people buy as individual consumers. For example, it is estimated that 100M US citizens carry GPS capable phones, and an August 2012 ruling by the US Sixth Circuit Court has found that users do not have a reasonable expectation of privacy regarding GPS data; which smartphones are able to transmit continuously (http://www.washingtonpost.com/world/national-security/gps-technology-finding

-its-way-into-court/2012/08/23/03db6030-ed42-11e1-a80b-9f898562d010_story.html). In many respects, what we see is conditioning of the public away from what was once considered a reasonable expectation of privacy, and acceptance of a new normal based on the capabilities of the technology we own and that are being employed in public spaces.

Much of the conditioning we see has been pushed by the government in the name of thwarting a terrorist attack on the scale we witnessed on 9-11. The conditioning is effectively based on the simplistic Bush Administration logic that either you are with us, or you are with the terrorists. For all intents and purposes this logic has worked, likely because people are eager to prove their innocence. What is ignored in this type of thinking is the intended separation between individual Americans and government overreach into our personal lives. With respect to collection and analysis of the bits of personal information we broadcast to the world, no agency is more intrusive than the National Security Agency (NSA). Looking at the evolution of the NSA’s mission in intelligence gathering since its the revelation of its existence in 1975, it is clear that the agency is at the forefront of knowing and cataloging all aspects of our private lives. In the name of foreign intelligence gathering and analysis, the NSA casts a broad net, quietly sweeping up incidentally collected information on law-abiding Americans’ for possible future use and analysis (Graves, 2010, p.1858). The issues surrounding the collection of data by the NSA are twofold. The first concern is the rapidly expanding capability of the agency; and the second is the determinations made by the executive branch regarding what information can be collected and its end use.

The NSA’s expanded capabilities will reach a new high in 2013 with the completion of its Utah Data Center. As described by Wired.com, with insights into the facilities capabilities from former NSA crypto-mathematician and whistleblower William Binney, it appears that the US government has tossed privacy rights out the window. The one million square foot facility will be used to warehouse data from around the world, including communications between individuals within the US. The goal of the data center is to act as a centralized hub where data from 10 other existing NSA intelligence-gathering facilities will be funneled for analysis and storage. The stated goal of the facility is to coordinate the reading and analysis of a Yottabyte (1024 bytes) of data per year. It is estimated that the worldwide communications traffic in all forms will be 966 Exabyte (1018 bytes) by the year 2015. For perspective, 1 Yottabyte of data “would be equal to about 500 quintillion (500,000,000,000,000,000,000) pages of text” (http://www.wired.com/

threatlevel/2012/03/ff_nsadatacenter/all/1). The capabilities of this new data center and its intended use illustrate what level of privacy we can expect in the future. It appears that where technology is concerned, the notion of privacy has taken a back seat to interests of the state, and that interest is pointed squarely at knowing every detail obtainable about those who live in this country.

The explosive growth of the NSA during the decade after the attacks of 9-11 illustrates a huge shift in the balance between liberty and security. The expanded capabilities of the agency are the fulfillment of a wish list floated by the R&D arm of the Defense Department in 2002.  The Defense Advanced Research Program Agency’s (DARPA) Total Information Awareness program would have gathered disparate information from public sources and through monitoring of communications in the US against potential terrorists. Funding for the program was blocked in 2003 due to fears that the program would be turned against Americans (Ellis, 2010, pp. 8-9). The reasons for defunding the TIA program are closely aligned with the shock people felt about project MINARET when it was discovered; it illuminated an untethered use of foreign intelligence gathering assets being used against American citizens. Ellis adds that the TIA program did not die, but that the money allocated to meet the end goals of the program were reallocated and kept quietly in NSA budgeted accounts (2010, p.9). Expansion of the NSA’s capabilities, erosion of warrant protections under FISA, and incremental dissemination of information, intentional and unintentional, through the technologies in our lives has opened up the door to the US government.

The ability of the NSA to collect electronically transmitted data without a warrant shows the deterioration of laws enacted by the legislature to protect US citizens in the wake of the Nixon Administration’s Project MINARET, which targeted foreign intelligence gathering capabilities illegally against people in the US. The Church commission uncovered the existence of the NSA and its use to gather information about individuals who opposed the Vietnam War. This triggered legislation that limited the government’s ability to gather intelligence against US citizens without a warrant (Graves, 2010, 1875-83). In the wake of 9-11 we have seen fears surrounding security and external threats, creative interpretation by the executive branch of the law as written, and collusion between the executive and legislative branches working together to change the definition of privacy. The Foreign Intelligence Service Act of 1978 (FISA) was enacted to ensure that gathering of foreign intelligence was directed overseas and that intelligence collected on US soil would follow the warrant requirements of the Fourth Amendment. Passage of the USA Patriot Act of 2001 changed the FISA standards to allow intelligence gathering against people in the US for criminal prosecution. Amendments to FISA in 2008 strengthened the warrant requirements, but added exceptions that temper these requirements when there is an imminent threat to the country, or the country is at war (Graves, 2010, 1867-70). Though the law does afford protections to US citizens, it says very little about what can be collected from third parties.

What has become obvious is that a warrant is not necessary to gather large amounts of very personal data. Through technology we are shouting from our rooftops and placing the intimate details of our lives out there for all to see. Graves states that warrant requirements are designed to curtail the actions of the government, not corporations. She warns that without statutes stating that it may not, the government may collect the information that corporations gather as part of selling their products and services (2010, pp. 1859-60). And indeed, the NSA is putting in place the infrastructure to do just that. With a brand new data center to warehouse, analyze, and catalog every discarded and mundane piece of information, and an $8 billion budget to work with, we see not only the means to collect and interpret on the government side, but also the monetary motivation from the corporations gathering the data to pass this information on to government agencies (Graves, 2010, p. 1902). What has evolved over the past two decades between technology innovators and the general public is a false sense of trust. It is a situation where the technologies we have grown to love, like social networking sites and mobile phones, provide both the means and the motivation for usurping and sacrificing privacy.

Two studies conducted in 2008 and 2009 lend insight into why we accept the invasion of privacy that is part of the technology we use on a daily basis. The studies were conducted in London and they show how social identity theory plays a significant roll in what we will or will not accept with respect to technology that is invasive in nature, and whether or not the technology is perceived as an invading our privacy. The study looked at how closely people identify with a group they were told had set up surveillance cameras; and gauged the corresponding acceptance of this invasion of privacy. The study showed that those who identified closely with the source of surveillance were less likely to perceive the surveillance as an invasion of privacy (O'Donnell, Jetten, & Ryan, 2010). Social identity theory and the results of this study provide insight into why we place so much trust in the technology we use on a daily basis. We choose an Android or Apple phone not only because of its utility, but also because of its general acceptance among peers, and expectations that we will use that technology just like they do. We also identify with the manufacturers of these phones, eagerly anticipating newer versions with more capabilities that will make our lives better. One of the important conclusions drawn from the social identity experiment was “when identification was higher, individuals tended to believe that the surveillance was there to promote the safety of themselves and other in-group members” (O'Donnell, Jetten, & Ryan, 2010, pp. 143-44). Social identity theory may explain why some invasions of privacy are given a pass when the companies we love and trust are the ones breaching our trust.  

In 2011, lawmakers initiated a probe into location tracking by both Apple and Android cellular phones. Software running on the operating systems of the devices used the GPS capabilities of the phone’s hardware to log the location of users, and then transmitted the location data back to Apple and Google (Byron, 2011). This examples of surreptitious data gathering garnered only fleeting attention and quietly died with no apparent impact upon smartphone sales or action by our astute legislature. The lack of reaction to this breach of trust between users and the companies manufacturing the devices raise interesting questions regarding privacy not only in the big picture, but also on an intimate level with the providers of technology. The congressional probe yielded nothing in the way of fines or new consumer protection legislation. So what was the point? Is it possible that lawmakers backed down in light of the intelligence value of the information collected? As mentioned earlier, the threat to personal privacy does not lie in the information that is made available by individual technologies; it is the combination of information from disparate sources that threaten our privacy and civil liberties.

While social identity theory may explain much about our broad acceptance of technologies on the commercial side, it does not explain the acceptance of the pervasive surveillance the FBI is introducing across the country through its Next Generation Identification (NGI) program. The system, designed by Lockheed Martin Transportation and Security Solutions, is an extension of the Automated Fingerprint Identification System (IAFIS) currently used across the country to keep tabs on people with criminal records. The system combines cameras with facial recognition technology to identify and track known criminals as they move about in public places. (http://rt.com/usa/news/fbi-recognition-system-ngi-640/print/). The system raises privacy issues not because it can identify known criminals, but because of the intention of law enforcement to combine the data acquired with public information from the Internet and social media websites to identify everyone. With this technology, we see law enforcement casting a broad net to identify and to keep track of known criminals in the US without considering how the technology affects the average person on the street. The RT.com article goes on to quote the FBI as saying, “As a result of the NGI initiatives, the FBI will be able to provide services to enhance interoperability between stakeholders at all levels of government, including local, state, federal, and international partners.” Given that the system will “enhance interoperability…at all levels of government…” is there any doubt that this information will make its way to Utah? It looks very much like the government will have a complete dossier on every American citizen within the next decade, gathered from information that we provide though the technology that we integrate into our lives.

The looming question regarding privacy in light of the capabilities of the government and private corporations to gain access to our personalized information is what can we do about it? We live in a society driven by information where technology acts to either enable or constrain what we are capable of doing (Ohm, 2010, p. 1695). There is a need for government, and by extension, law enforcement to have the best and most sophisticated technology possible to ensure the safety of the average person. There is no doubt that criminals and enemies of the US will use the best technology available to them when they commit crime, and to hide the activity of their crimes (Simmons, 2007, p. 543). We invite disastrous consequences on the lives of innocent people when we fail to act on gathered intelligence, but also we risk missing pertinent intelligence through the misallocation of resources in watching, intercepting, reading, and interpreting data gathered on otherwise law-abiding citizens. Additionally, we need to balance the social and economic costs of intelligence gathering (Penny, 2007, p. 510). Checks and balances must be put in place with congressional oversight to protect privacy with respect to government agents and private corporations.

Acting as a first line of defense, and being directly accountable and accessible by the general public, congress should put in place a review board that molds, modifies, and drafts law regarding the use of specific technology where it may infringe on the privacy of individuals. Unlike the federal judiciary, which is appointed by the executive branch, legislators are in a position to hear and be influenced by their constituents, industry experts, and law enforcement representatives in assessing the use of new surveillance technology (Penney, 2005, p. 501). Placing concerns over privacy as they relate to technology in front of elected representatives shines a public light on the issue and forces concerns to be addressed, or at least recognized. What we currently see with the use of technology as a tool in law enforcement is a use first, ask questions later mentality. Penny observes that a law enforcement agent’s performance metrics are strongly based on how much crime is prevented. There is a tendency to use any and all technology at the disposal of the agents to prevent and solve crimes without considering how its use potentially violates standing laws or the Fourth Amendment (Penney, 2005, p.501). Shedding light on the relationship between the uses of novel technologies in law enforcement protects both integrity of police investigations and provides an opportunity for the public to erect boundaries regarding their use. 

Review boards that focus on specific types of technology like wireless communication data, cell phone GPS data, or the use analytical software that compiles, sorts, and profiles individuals will aid in drafting legislation that fits societal expectations of privacy. Technology review boards should serve two functions. First, to ensure that legislation keeps pace with newly introduced and emerging technologies; and second, to periodically review how existing law applies to available technology. Many of our laws surrounding technology are drafted in haste, in response to events that cause societal panic such as terrorism or gun crime and fail to take into account how these laws created will affect us in the long term (Bannister, 2005, p. 74). Law enforcement powers, like those passed after 9-11 may, in retrospect, be overly intrusive in the view of society one or two decades later. Active, periodic review of existing law also ensures that neither criminals who leverage new technologies, nor law enforcement who do the same from a security and policing perspective, are constrained or enabled unjustly due to gaps and loopholes in existing law (Simmons, 2007, p. 545). The fine-tuning of existing or future laws ensures that the laws are relevant and in the interest of current societal norms, mores, and expectations. Review boards will also be able to clear any ambiguities in the laws as written, or in case law when applied unjustly to particular criminal prosecutions within the view of current societal reasonable expectations of privacy.  

There is a need for access to data obtained and retained by both government agencies and private corporations as part of independent audits and oversight of law enforcement agencies. Data retention time limits would help insure privacy by reducing the government’s ability to compile data on individual citizens who act within the law and are not part of an ongoing police investigation (Bannister, 2005, p. 76). The advances in the ability to monitor, process, and store data, as will be possible with the NSA’s Utah data center, make it tempting to take a no holds barred approach to data acquisition and interpretation. We should not sacrifice security so government agencies can justify monetary expenditure through proof of system capabilities. Auditing in conjunction with data retention limits would aid in reducing costs, improving privacy, and focusing resources where they can effectively be used to protect the security of US citizens.  

Nothing in this paper is meant to detract from or downplay the important roll that technology plays in conducting effective law enforcement. In many instances, it is criminals who find novel ways of applying technology to harm others in society, and the police and private corporations who are playing catch up. Still, we cannot forget or ignore the boundaries that were established by the framers of the US Constitution to ensure protection against the vast power and unlimited resources wielded by the government. We often forget that the power or limitations on the government are derived from the people through duly elected representation and a separation of powers in our three branches of government; and that this is what establishes the boundaries between liberty and security.  

What is happening, at an accelerating pace, is a growing comfort level in and desire for the technology that surrounds us. Through established case law that analyzes the reasonableness of one’s expectation of privacy; we see a slow erosion of what is and is not considered private based on our own divulging of information. This information is given either overtly, as bartering chips in transactions for goods and services with private corporations, or because the technology acts through a third party intermediary as part of the service. To many of us this information is incidental, and with limited use and dissemination this assumption is certainly correct. Where we fail, and where we have become complacent, is in not considering the future use of this information and to what ends at a corporate or governmental level. As individuals we need to shrug off complacency and silent acceptance of compiled personal data without strict limitations. Through our voting power we must call on our representatives to expand the boundaries of privacy to encompass the extension of ourselves that technologies have become. If we choose to act now, rather than later, we will be able to preserve the long-held beliefs of individualism and personal privacy that are so closely enmeshed within the framers’ desire to protect civil liberties and guard against abuse of power. 

References

Amar, A. R. (1994). Fourth Amendment First Principles. Harvard Law Review, 107(4), 757-819. Retrieved from: http://digitalcommons.yale.edu

Byron, A., & USA, T. (2011). Lawmakers request probe of tracking by Apple and Google. USA Today. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu

Clarkson, K.W., Miller, R.L., Cross, F.B. (2012). Business Law Text &Cases: Legal, Ethical, Global, and Corporate Environment. Mason, OH: South-Western, Cengage Learning.

Ellis, W. W. (2010). US Intelligence at the Crossroads. Mediterranean Quarterly, 21(2), 1. doi:10.1215/10474552-2010-001

Graves, L. (2010). The Right to Privacy in Light of Presidents' Programs: What Project MINARET's Admissions Reveal about Modern Surveillance of Americans. Texas Law Review, 88(7), 1855-1904. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu.

Kasper, D. V. S. (2005). The Evolution (Or Devolution) of Privacy. Sociology Forum, 20(1), 69-92. Retrieved from http://www.jstor.org.ezproxy.etown.edu

Kemler, L.B., Tomkovicz, J.J., Shapiro, S.R. (2000). Brief Amicus Curiae of the National Association of Criminal Defense Lawyers and The American Civil Liberties Union, In Support of the Petitioner (No. 99-8598). Retrieved from http://supreme.lp.findlaw.com

Ku, R. (2010). PRIVACY IS THE PROBLEM. Widener Law Journal, 19(3), 873-891. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu

Ku, R. (2010). UNLIMITED POWER: WHY THE PRESIDENT'S (WARRANTLESS) SURVEILLANCE PROGRAM IS UNCONSTITUTIONAL. Case Western Reserve Journal Of International Law, 42(3), 647-673. Retrieved from http://web.ebscohost.com.ezproxy

.etown.edu

O'Donnell, A. T., Jetten, J., & Ryan, M. K. (2010). Who is watching over you? The role of shared identity in perceptions of surveillance. European Journal Of Social Psychology, 40(1), 135-147. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu

Ohm, P. (2010). The Argument Against Technology-Neutral Surveillance Laws. Texas Law Review, 88(7), 1685-1713. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu

Penney, S. (2007). REASONABLE EXPECTATIONS OF PRIVACY AND NOVEL SEARCH TECHNOLOGIES: AN ECONOMIC APPROACH. Journal Of Criminal Law & Criminology, 97(2), 477-529. Retrieved from http://web.ebscohost.com.ezproxy.etown.edu

U.S. Const. amend. IV.