Книга: Code 2.0

Solutions

Solutions

I’ve identified two distinct threats to the values of privacy that the Internet will create. The first is the threat from “digital surveillance” — the growing capacity of the government (among others) to “spy” on your activities “in public.” From Internet access, to e-mail, to telephone calls, to walking on the street, digital technology is opening up the opportunity for increasingly perfect burdenless searches.

The second threat comes from the increasing aggregation of data by private (among other) entities. These data are gathered not so much to “spy” as to facilitate commerce. Some of that commerce exploits the source of the data (Wesley Clark’s cell phone numbers). Some of that commerce tries to facilitate commerce with the source of that data (targeted ads).

Against these two different risks, we can imagine four types of responses, each mapping one of the modalities that I described in Chapter 7:

• Law: Legal regulation could be crafted to respond to these threats. We’ll consider some of these later, but the general form should be clear enough. The law could direct the President not to surveil American citizens without reasonable suspicion, for example. (Whether the President follows the law is a separate question.) Or the law could ban the sale of data gathered from customers without express permission of the customers. In either case, the law threatens sanctions to change behavior directly. The aim of the law could either be to enhance the power of individuals to control data about them, or to disable such power (for example, by making certain privacy-related transactions illegal).

• Norms: Norms could be used to respond to these threats. Norms among commercial entities, for example, could help build trust around certain privacy protective practices.

• Markets: In ways that will become clearer below, the market could be used to protect the privacy of individuals.

• Architecture/Code: Technology could be used to protect privacy. Such technologies are often referred to as “Privacy Enhancing Technologies.” These are technologies designed to give the user more technical control over data associated with him or her.

As I’ve argued again and again, there is no single solution to policy problems on the Internet. Every solution requires a mix of at least two modalities. And in the balance of this chapter, my aim is to describe a mix for each of these two threats to privacy.

No doubt this mix will be controversial to some. But my aim is not so much to push any particular mix of settings on these modality dials, as it is to demonstrate a certain approach. I don’t insist on the particular solutions I propose, but I do insist that solutions in the context of cyberspace are the product of such a mix.

Оглавление книги