Is Privacy a Zero Sum Game? Balancing Competing Privacy Interests in the Internet Age.

Technology has revolutionized nearly all aspects of modern life. Email, smartphones and social media are so ingrained into our society that it has become hard to remember how we existed before them. On a daily basis, we see what was once considered science fiction become reality. However, the breakneck speed of innovation has come with a cost, most notably to our collective notion of privacy. With modern technology, it is increasingly hard to achieve what has been described as the right to be let alone.

Modern technology poses particular challenges to privacy because it acts as a double edged sword, often serving as the source of someone’s privacy and the tool used to abuse someone else’s. This paradox inherent in modern technology is maybe best exemplified by the debate over encryption highlighted by the FBI’s 2016 fight with Apple and anonymous software, such as Tor, which allows users to mask their interactions over the Internet. For its proponents, encryption and anonymous software are critical for protecting privacy, allowing individuals to speak freely against oppressive governments and ensuring the uncensored dissemination of information. Notably, with concerns over how President Trump may utilize government surveillance to quell dissent, downloads of secured messaging apps have spiked since President Trump’s election.

That being said, the same technologies benefiting political dissenters and social activists can be used maliciously by Internet trolls, pedophiles and terrorists. With their communications encrypted and their whereabouts disguised by anonymous software, those wishing to do harm are emboldened to commit a range of abuses targeting the privacy of others without fear of discovery or retribution. The challenge remains how to balance competing perspectives of privacy, protecting both individuals whose privacy depends on encryption and anonymity and those whose privacy depends on ensuring against the harms created by the misuse of encryption software and technologies promoting anonymity.

Whether a balance between competing interests in privacy is achievable will depend on whether privacy advocates, legislators and scholars recognize and address the current imbalance, which favors encryption and anonymity over protecting against the abuses that flow from them. During the FBI’s fight with Apple, some suggested that encryption services should contain a hidden back door in the name of security. While such a proposal may seem outwardly easy and convenient, administering such a solution is impractical and fails to appreciate the need for encryption and anonymity to begin with.

The answer to protecting against the abuses posed by encryption and services such as Tor starts with limiting the fuel which powers the abuse. Information easily found on data aggregation websites can provide those wishing to do harm, often hiding behind the veil of anonymity, access to critical information, such as a person’s home address, email address or phone number. The ease in which such information is obtained can be troubling, especially to those with ongoing concerns for their personal safety, such as members of law enforcement, prosecutors, legislators, judges and more recently, journalists. We need to provide individuals the ability to have greater control over the information that exists about them on the Internet. This can be achieved in a couple of ways.

First, concerns raised over information appearing on online data aggregation websites could be mitigated through legislation affording individuals the ability to opt-out of the collection or publication of their personal information. While many websites currently offer an opt-out mechanism, Congress should create a website, patterned on the Do-Not-Call Registry, which would allow individuals the ability to have their information removed from all aggregation sites from a single source. Second, states should create privacy corporations, entities specifically designed to disassociate a person’s name from their home address. Limited liability companies (LLCs) are already commonly used by millionaires and billionaires to protect the privacy of their real estate holdings. The ability to mask the location of a person’s home address should be a right afforded to all, regardless of wealth.

Websites must also have incentives to implement protections for individuals against abuse committed through their sites or services. The primary way to entice websites into action is to reexamine Section 230 of the Communications Decency Act. Section 230 of the CDA affords broad immunity to websites for the content posted on them by third-parties. As opposed to receiving unconditional immunity, websites should be granted immunity only upon satisfying or agreeing to certain conditions, such as the removal of content upon court order and their implementation of a written policy, incorporating industry developed standards, to combat cyber harassment, hate speech and content promoting terrorism.

In the future, technologies which encrypt communications and allow for anonymity will become even more pervasive and widely utilized. The cat, with respect to these technologies, is proverbially out of the bag. To counteract the harmful effects these technologies can have on privacy, it will require cooperation, dedication and most importantly, innovation. There needs to be as much emphasis placed on technologies to prevent abuse from software promoting encryption and anonymity as there is in the development of the encryption and anonymity technologies themselves. Without ensuring a balance between encryption and anonymity and the negative effects resulting therefrom, privacy will continue to be a zero sum game subject to winners and losers. There must be a better answer to this paradox of privacy and we must find it.