Privacy and New Technology
posted by:Alison Gardner Biggs // 11:02 AM // January 26, 2005 // Surveillance and social sorting
Sometimes the impact of the Internet can catch us all by surprise. Policies which are perfectly appropriate for the offline world have different implications and consequences when translated to the online environment.
An example of this recently came to CIPPIC’s attention when an individual notified us that her personal contact information had been posted on the CRTC’s website. The CRTC's policy is to directly reproduce all comments received, including personal information. In this case, however, the individual in question did not know her information would be posted and only became aware of the posting when contacted by a complete stranger, three years later.
The CRTC has always made comments to Public Notices available in print format for inspection. This policy does not, however, translate well to the online world. An easy example is that of spammers and e-mail harvesting programs which troll the Internet for e-mail addresses. As well, information is harder to pull from the Internet - pages are often still available through tools such as Google's cache.
CIPPIC has written to the CRTC explaining our concerns and to ask them to reconsider their policy and move to a more privacy-respectful approach. The text of that letter can be found here.
On the other hand, democratic society relies on public debate to advance the public good through an honest exchange of views. Although there's clearly a wide range of anonymous speech which is essential to a vibrant democracy, there's still a place for identified speech, especially when it involves a direct intervention in policy development. Again, privacy isn't equated with secrecy. What's the principal harm here? Publishing the email address? The street address? The views expressed? Or the name? It seems to me that it's at least arguable that privacy-respectful policies in this regard could include posting the views of the individual by name, without disclosing the street address and email, because the views were submitted in a public process where the goal was to promote an exchange of views. Our understanding of privacy has to be flexible enough to account for the sociological and political meaning of the concept - in other words, we negotiate various levels of privacy when we leave solitude and intentionally engage in civic debate. I suppose I'm making the argument that we should expand Westin's privacy states of reserve and intimacy to include a public space in which private individuals engage as citizens. State surveillance practices, like police videotaping protestors who gather in a public place, would violate our understanding of "privacy" in the context of public participation because there's an implied threat associated with identification that negatively impacts of ability to exercise both our right to free speech and to freedom of association. In the CRTC case, the citizen has self-identifed in order to participate in a public consultation process so it seems to me that it isn't invasive to post her comments and her name. I would suggest the "harm" comes from putting her email and street address online, because it opens up her private space, her "solitude" so to speak, to nonconsensual invasion for purposes other her democratic participation.
Posted by: Valerie Steeves at January 28, 2005 03:00 PM
I am sorry if my post was unclear. Our main concern is with publishing e-mail address, fax numbers, phone numbers, and/or mailing addresses. We are not concerned with attaching names to comments submitted - as you eloquently point out, there are a variety of reasons why this is acceptable and perhaps even required.
Posted by: Alison Gardner Biggs at January 31, 2005 11:47 AM