Free flows of information [about someone else]
After the fuss surrounding PRISM last month, I was bemused to find the historical pages of the July 2013 issues of IEEE Computer reporting that, thirty-two years ago, "worldwide protectionist legislation is threatening the free flow of information across borders". This lament is attributed to W. Michael Blumenthal in the July 1981 issue of the same magazine (p. 115), who was then the chairman of the Burroughs Corporation (now part of Unisys).
How things change! I thought. In 1981, Blumenthal feared that governments might enact legislation preventing the free use of private data. In 2013, computer enthusiasts fear that governments themselves might be making free use of private data.
Reading the original article in its entirety, I realised that the two attitudes probably aren't as contradictory as they first seemed. I take Blumenthal to be referring to computer companies' ability to use data as they please, while modern critics of PRISM are referring to the government's ability to use data as it pleases. The two sentences in the previous paragraph are perfectly consistent when interpreted in the light of self-interest: the computer industry would like to do as it pleases with whatever data it can collect, while it has nothing to gain from law enforcement agencies' use of similar data. For law enforcement agencies, it's the other way around.
I think just about all credible systems of ethics, justice and law try to resolve this problem by demanding some variant of the Golden Rule: treat others as you would have them treat you. Or, that everyone is equal before the law. In a privacy context, I may not have anything immediate to gain from someone else's use of data, but it would be irrational (or at least egomaniacal) for me to deny someone else use of data in a way that I believe I'm entitled to do myself. If I think beyond my immediate self-interest, I see that I do have an interest in allowing other people to make use of data insofar as it provides a moral basis for my right to use data in the same way.
Computer companies and law enforcement agencies, though, differ markedly from individuals and from each other. Law enforcement agencies do plenty of things that would be regarded as vigilantism if I did them myself, and I have no conceivable need to sell customer information since I'm not an ad-supported business. Yet I appreciate enforcement of the rule of law and (sometimes) ad-supported services, so it's not so simple to say that I should treat them as I would have them treat me. So perhaps we need something a little more nuanced.
I was recently introduced to the work of John Rawls, who proposed that a "just" system of laws is one that would be agreed to by people with no knowledge of what social position they were going to be born into. I wonder if computer companies, law enforcement agencies and the rest of us could learn from similarly pondering how we would establish rules for the sharing of data without any knowledge of the industry in which we were to be engaged?
