Legislating Privacy
eBook - ePub

Legislating Privacy

Technology, Social Values, and Public Policy

  1. 336 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Legislating Privacy

Technology, Social Values, and Public Policy

About this book

While technological threats to personal privacy have proliferated rapidly, legislation designed to protect privacy has been slow and incremental. In this study of legislative attempts to reconcile privacy and technology, Priscilla Regan examines congressional policy making in three key areas: computerized databases, wiretapping, and polygraph testing. In each case, she argues, legislation has represented an unbalanced compromise benefiting those with a vested interest in new technology over those advocating privacy protection. Legislating Privacy explores the dynamics of congressional policy formulation and traces the limited response of legislators to the concept of privacy as a fundamental individual right. According to Regan, we will need an expanded understanding of the social value of privacy if we are to achieve greater protection from emerging technologies such as Caller ID and genetic testing. Specifically, she argues that a recognition of the social importance of privacy will shift both the terms of the policy debate and the patterns of interest-group action in future congressional activity on privacy issues.

Originally published in 1995.

A UNC Press Enduring Edition — UNC Press Enduring Editions use the latest in digital technology to make available again books from our distinguished backlist that were previously out of print. These editions are published unaltered from the original, and are presented in affordable paperback formats, bringing readers both historical and cultural value.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Legislating Privacy by Priscilla M. Regan in PDF and/or ePUB format, as well as other popular books in Politics & International Relations & City Planning & Urban Development. We have over one million books available in our catalogue for you to explore.

Chapter 1 Privacy, Technology, and Public Policy

When Robert Bork was nominated to the Supreme Court in 1987, a Washington, D.C., newspaper, after examining the computerized records of a video store, published the titles of movies he had rented. In 1989, while preparing an article on computers and privacy, a Business Week editor, claiming to be investigating a job applicant, gained access from his home computer to the database of a major credit bureau for a $500 fee and obtained the credit report of the vice president.1 In 1991 allegations that aides of Virginia’s junior senator Charles Robb had eavesdropped on the car phone conversations of Virginia’s governor Douglas Wilder alarmed car phone users as well as politicians. Because of the prominence of the people involved, these “privacy” invasions received considerable attention and contributed to the development of legislative initiatives.
Every day millions of ordinary people are subject to a variety of technologies that invade their privacy. Frequent-shopper programs retain computerized databases on the buying habits of millions of consumers and then sell that information to marketing firms. Banks, department stores, malls, airports, and federal and state governments currently use sophisticated electronic surveillance equipment for security purposes. Cordless phone conversations can be picked up accidentally on a home or car radio or can be intercepted intentionally. Job applicants are subject to a variety of background checks and, for many jobs in the service sector, are required to take “honesty” or “integrity” tests to determine if they have engaged in prior actions that could be labeled dishonest or counterproductive and to gauge applicants’ attitudes toward such actions.
Although these examples are contemporary, concerns about privacy and technology are not new. In 1928 Supreme Court Justice Louis Brandeis, in a now famous dissenting opinion in a case involving wiretapping, warned: “Subtler and more far reaching means of invading privacy have become available to the Government. . . . The progress of science in furnishing the Government with the means of espionage is not likely to stop with wiretapping. Ways may some day be developed by which the Government, without removing papers from secret drawers, can reproduce them in court, and by which it will be enabled to expose to a jury the most intimate occurrences of the home.”2 Science and technology have progressed and, as Justice Brandeis anticipated, have given government and other organizations the capability to invade privacy in new and different ways.
A number of technological innovations have an aura of science fiction but will soon become realities. Genetic mapping and screening will make possible the identification of genes associated with predispositions to certain diseases or behaviors. Medical researchers have already identified genes associated with cystic fibrosis, breast and colon cancer, osteoporosis, and alcoholism. Once genetic identifications can be made on an individual basis, a host of troubling privacy problems, especially in the areas of employment and insurance, will develop. Pilot projects utilizing Intelligent Transportation Systems (ITS) also raise privacy issues. These systems allow for the tracking of vehicles in real time and the collection of information on where vehicles have been and where they are headed. These communication and information systems will contain vast resources of personal information that have not been easily documented before and will be of great interest to direct marketers and law enforcement officials. Personal communication systems, which telephone companies see as a major trend in the future, will associate phone numbers with individuals rather than with phones. Although this will facilitate direct communication, it will also allow for monitoring the movements of individuals.
Uses of new technologies raise policy issues that are often defined in terms of an invasion of privacy. A new technology might allow for observation of actions regarded as “private,” listening in on conversations thought to be “private,” collection and exchange of information thought to be “private,” or interpretation of physiological responses viewed as “private.” At the same time, the new technology gives the organizations using it a new source of power over individuals. The power derives from the organizations’ access to information about individuals’ histories and activities, the content and pattern of their communications, and their thoughts and proclivities.
Technology enhances the ability of organizations to monitor individuals. Oscar Gandy refers to this as the “panoptic sort” — “a kind of hightech cybernetic triage through which individuals and groups of people are being sorted according to their presumed economic or political value.”3Yet in policy debates in the United States, the emphasis has been on achieving the goal of protecting the privacy of individuals rather than curtailing the surveillance activities of organizations.4 Instead of targeting the organizational aspects of surveillance, policy concern has been directed at the effect of surveillance on individual privacy. It was thought that by protecting individual privacy, the surveillance activities of organizations and the government would be checked. Individual rights were seen as a means of controlling power. This emphasis on privacy and individual rights makes for good political rhetoric and captures the initial attention of the public and policy makers. Privacy issues are easily placed on the public, and even the governmental, agenda. But as this book will illustrate, the focus on privacy and individual rights does not provide a sound basis on which to formulate public policy. As a value, privacy is important, but as a goal for public policy, privacy remains ambiguous.
One problem in legislating to protect privacy is that it is difficult to conceptualize privacy, especially for purposes of formulating policy. Authors of philosophical and legal works about privacy emphasize that their subject is difficult to define. Alan Westin’s book Privacy and Freedom begins: “Few values so fundamental to society as privacy have been left so undefined in social theory or have been the subject of such vague and confused writing by social scientists.”5 Judith Jarvis Thomson’s article “The Right to Privacy” opens: “Perhaps the most striking thing about the right to privacy is that nobody seems to have any very clear idea what it is.”6 Similarly, C. Herman Pritchett, in his foreword to David O’Brien’s book Privacy, Law, and Public Policy, states: “Privacy is a confusing and complicated idea.”7 In the first chapter of her book Privacy, Intimacy, and Isolation, Julie Inness writes that in the legal and philosophical literature on privacy, “we find chaos; the literature lacks an accepted account of privacy’s definition and value.”8 This view is echoed by Vincent Samar in the first chapter of his work The Right to Privacy: Gays, Lesbians, and the Constitution when he states: “After a century of development of the right to privacy in American law, the parameters of privacy and the arguments for its protection are still unclear.”9
These difficulties in conceptualizing privacy not only are of philosophical importance but also have profound implications for the formulation of public policy to protect privacy. My interest here is not to arrive at a definition of privacy with which all philosophers can concur. I agree with Spiros Simitis, an internationally renowned privacy scholar and the former data protection commissioner for the German state of Hesse, that “the more the need for a convincing definition of privacy based on criteria free of inconsistencies has been stressed, the more abstract the language has grown.”10 Instead, I forego that debate entirely and use the definition of privacy that has provided the basis for most policy discussions in the United States, namely that privacy is the right to control information about and access to oneself.11 My concern is to explore the policy importance of the idea of privacy, not to refine its definition, and to examine what happens when an individualistic conception of privacy serves as a goal for congressional policy making. As we will see, this individualistic conception of privacy does not provide a fruitful basis for the formulation of policy to protect privacy.
In addition to difficulties in conceptualizing privacy as a value, another problem in legislating to protect privacy is its definition as an individual right. In the American tradition, there are two types of rights — civil liberties and civil rights. Privacy is defined as a civil liberty, a right to be free of outside interference or what Isaiah Berlin terms a negative liberty.12 Vincent Samar also makes the point that “legal privacy is a species of negative freedom.”13 Because privacy is viewed as a civil liberty, it loses some of the political power and legitimacy that attaches to rights in American political life.14 Defining a problem in terms of rights has been a potent political resource for many issues — civil rights, women’s rights, rights of the disabled—but these issues involve rights to some benefit or status and are defined not in terms of an atomistic individual but an individual as a member of a group. These civil rights issues raise different questions than do civil liberty issues about the use of government power and elicit different types of politics.
Because privacy is seen as an individual interest and choice, ambiguities about its meaning exist. It is assumed that different people define privacy differently. No individual right is absolute, and all need to be balanced against other competing rights and interests. Privacy is balanced against other values people regard as important, such as freedom of the press, law and order, detection of fraud, and national security. The ambiguous nature of privacy is further complicated because people assume they possess a certain level of privacy and appear unconcerned about privacy — until their privacy is threatened or invaded. When this occurs, the definition of privacy is dependent upon, or derived from, the nature of the threat to privacy.
In the United States, the formulation of policy to protect privacy in the face of technological change has been slow and incremental. Most recent analyses of the development of American privacy protections have focused on judicial formulation of policy. Both Julie Inness and Vincent Samar base their analyses almost exclusively on legal protections for privacy that have resulted from Supreme Court decisions.15 Congressional deliberations have received less attention. But several recent books point to weaknesses in American privacy legislation, especially in the area of personal information. Both David Flaherty16 and Colin Bennett17 compare the formulation and content of information privacy legislation, or data protection, in a number of Western democracies and point to shortcomings in the American approach. David Linowes,18 Jeffrey Rothfeder,19 and Jeff Smith20 examine a number of situations, especially in the private sector, in which privacy is raised as an issue and suggest that existing statutes need to be strengthened and new ones adopted. In general, these authors advocate more congressional action. An understanding of the dynamics of congressional politics involving earlier privacy issues will provide a basis for determining what is likely to occur in policy formulation involving current and future privacy issues.

Three Areas of Privacy Concern

The U.S. Congress has passed more than a dozen laws protecting individual privacy, most of which have been enacted since 1974 (see figure 1.1). Most were placed on the congressional agenda in response to technological changes that were perceived as threatening an area of individual privacy. Concerns about information privacy — involving questions about the use of personal information collected by organizations such as credit card companies, banks, the federal government, educational institutions, and video stores — account for three-quarters of these laws. Communication privacy concerns — involving questions about who can legitimately intercept discussions between two parties, whether those discussions be printed, verbal, or electronic — are responsible for two-thirds of the remaining laws. Psychological privacy issues — involving questions about the degree and type of probing utilized in determining individuals’ thoughts and attitudes — have resulted in the smallest percentage of privacy legislation.
Before discussing the selection of privacy areas, we should place these laws in perspective. The number of laws does not reflect enormous policy success by privacy advocates. Some of these laws, notably the Video Privacy Protection Act of 1988 and the Right to Financial Privacy Act of 1978, were passed in response to specific circumstances that highlighted threats to privacy. But more importantly, the actual number of laws passed pales in comparison to the amount of congressional activity devoted
Figure 1.1
Selected Privacy Legislation
Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (PL 90–351) protects the privacy of wire and oral communications by prohibiting electronic surveillance of aural communications except for law enforcement surveillance under a court order, specified telephone company monitoring for service purposes, and cases where one participant consents to the surveillance.
Fair Credit Reporting Act of 1970 (PL 91–508) requires credit investigations and reporting agencies to make their records available to the subjects of the records, provides procedures for correcting information, and permits disclosure only to authorized customers.
Family Educational Rights and Privacy Act of 1974 (PL 93–380) requires educational institutions to grant students or parents access to student records, establishes procedures to challenge and correct information, and limits disclosure to third parties.
Privacy Act of 1974 (PL 93–579) gives individuals rights of access to and correction of information held by federal agencies and places restrictions on federal agencies’ collection, use, and disclosure of personally identifiable information.
Foreign Intelligence Surveillance Act of 1978 (PL 95–511) establishes legal standards and procedures for the use of electronic surveillance to collect foreign intelligence and counterintelligence within the United States.
Right to Financial Privacy Act of 1978 (PL 95–630) provides bank customers some privacy regarding their records held by banks and other financial institutions and stipulates procedures whereby federal agencies can gain access to such records.
Privacy Protection Act of 1980 (PL 96–440) prohibits government agencies from conducting unannounced searches of press offices and files if no one in the office is suspected of having committed a crime.
Cable Communications Policy Act of 1984 (PL 98–549) requires cable services to inform subscribers of the nature of personally identifiable information collected and the nature of the use of such information; the disclosures that may be made of such information; the period during which such information will be maintained; and the times during which subscribers may access such information about themselves. It also places restrictions on the cable services’ collection and disclosure of such information.
Electronic Communications Privacy Act of 1986 (PL 99–508) extends Title III protections and requirements to new forms of voice, data, and video communications, including cellular phones, electronic mail, computer transmissions, and voice and display pagers.
Computer Matching and Privacy Protection Act of 1988 (PL 100–503) requires agencies to formulate procedural agreements before exchanging computerized record systems for purposes of searching or comparing those records and establishes Data Integrity Boards within each agency.
Employee Polygraph Protection Act of 1988 (PL 100–347) prohibits the private sector’s use of lie detector tests for employment purposes, except in certain circumstances.
Video Privacy Protection Act of 1988 (PL 100–618) prohibits video stores from disclosing their customers’ names and addresses and the specific videotapes rented or bought by customers except in certain circumstances.
Telemarketing Protections Act of 1991 (PL 102–243) restricts telemarketing calls, especially those made by autodialers.
Sources: Office of Technology Assessment, Federal Government Information Technology: Electronic Record Systems and Individual Privacy, OTA-CIT-296 (Washington, D.C.: Government Printing Office, 1986); Robert Aldrich, Privacy Protection Law in the United States, report 82–98 (Washington, D.C.: National Telecommunications and Information Administration, 1982); Sarah P. Collins, Citizens’ Control over Records Held by Third Parties, CRS report 78–255 (Washington, D.C.: CRS, 1978).
to the subject and the number of laws not passed, involving, for example, medical privacy, personality tests, the sale of personal information, and the use of the social security number...

Table of contents

  1. Cover Page
  2. Legislating Privacy
  3. Copyright Page
  4. Dedication
  5. Contents
  6. Tables and Figures
  7. Preface
  8. Acknowledgments
  9. Chapter 1 Privacy, Technology, and Public Policy
  10. Chapter 2 Privacy as a Philosophical and Legal Concept
  11. Chapter 3 Privacy in American Society
  12. Chapter 4 Information Privacy: Recording Our Transactions
  13. Chapter 5 Communication Privacy: Transmitting Our Messages
  14. Chapter 6 Psychological Privacy: Evaluating Our Thoughts
  15. Chapter 7 Congress, Privacy, and Policy Decisions
  16. Chapter 8 Privacy and the Common Good: Implications for Public Policy
  17. Appendixes
  18. Notes
  19. Index