The Digital Person: Technology and Privacy in the Information Age.

Vol. 15 No.2 (February 2005), pp.121-124

THE DIGITAL PERSON: TECHNOLOGY AND PRIVACY IN THE INFORMATION AGE, by Daniel J. Solove. New York: New York University Press, 2004. 288pp. Cloth $29.95. ISBN: 0-8147-9846-2.

Reviewed by Philip A. Dynia, Department of Political Science, Loyola University New Orleans. E-mail: dynia@loyno.edu .

THE DIGITAL PERSON is a study of the privacy issues raised by the rapid development over the past twenty years of technology and digital information, and the law’s sporadic and increasingly inadequate response to this new and continuously evolving information universe. Daniel J. Solove, associate professor of law at the George Washington University Law School (and coauthor of INFORMATION PRIVACY LAW) is well-suited to discuss the current state of the law and the question of what reforms are needed. But if, as most readers of the LPBR would readily acknowledge, there is no law without politics, Professor Solove’s strictly legalistic approach might be faulted for addressing only one facet of an exceedingly complex problem. Still his treatment of this particular facet is thoughtful, thorough, concise, and occasionally laced with humor (a characteristic of legal writing that often appears only in the torturously jocose titles of law review articles).

The information revolution has resulted in an unprecedented proliferation of records and data, and the rise of what Solove refers to as “digital dossiers” constructed through three types of information flow—between large computer databases of private-sector companies, from government public record systems to a variety of private-sector businesses, and from the private sector to government agencies and law enforcement officials. In particular, the Internet “is rapidly becoming the hub of the personal information market.”

Much of the impetus for digital dossiers is market driven. Those who want to sell us something can make more targeted appeals if they have information on our age, ethnicity, incomes, hobbies and interests. Some of this information is already in the public record, and some of it we willingly give when we apply for a credit card, choose an ISP, fill out a product-warranty card, or shop online. This information can be used in benign ways, as when a company you do business with sells your name to another company for targeted advertising. And who, using Amazon.com regularly, has not come to a (perhaps grudging) respect for the often uncanny accuracy of their “recommendations” for new purchases? Not Professor Solove, as he readily admits.

But digital dossiers can also be used in considerably less benign ways. Even the most casual observer knows some of the horror stories. Senator Edward Kennedy was delayed in boarding a commuter flight he took regularly because someone with the same name appeared on a “do not fly” list. Callers on hold are monitored by a firm employed to listen to every second of every call for “quality assurance” purposes. A proposed [*122] government project, Total Information Awareness, would have amassed personal information from private-sector sources into a comprehensive database of dossiers on individuals, and then used profiling technology to analyze it for criminal activity. (Even with its new name – Terrorism Information Awareness – the project proved too much for a usually compliant Congress, perhaps because its most avid promoter was former vice admiral John Poindexter, of Iran-Contra “fame.”) Tiny electronic transmitters are attached to every container of drugs shipped from a pharmaceutical manufacturer, allowing them to be traced from origin through the distribution process and ultimately to the consumer.

“These developments,” Solove tells us, “certainly suggest a threat to privacy, but what specifically is the problem?” How this question is answered is the key to discovering how law might address the problem in the future. In one of the most enjoyable chapters, “Kafka and Orwell,” Solove discusses how we must reconceptualize information privacy to understand both the exact nature of the problem and its possible solutions. In the popular mind, the problem created by databases is often understood in terms of Orwell’s Big Brother. Tellingly, a recent NEW YORK TIMES book review of a work that cites many of the examples Solove does—and many he does not—but that does not appear to go much beyond a graphic parade of horribles, is headlined “Nonstop Scrutiny, As Orwell Foresaw.” Solove, stressing the significant degree to which our thinking about a problem involves the metaphors we use, argues that the goals of data collection are, at the least, far less malignant than the aims of Big Brother. We are being watched by machines (i.e. computers), not by other humans, and this “impersonality makes the surveillance less invasive” (p.34).

Remaining in the realm of dystopian literature, the far more apt metaphor is that of Kafka’s THE TRIAL. Its protagonist, Joseph K., is helpless, frustrated, vulnerable in the face of a large bureaucratic organization that has control over a vast dossier of details about his life. “At any time, something could happen to Joseph K.; decisions are made based on his data, and Joseph K. has no say, no knowledge, and no ability to fight back. He is completely at the mercy of the bureaucratic process.” Even if the bureaucratic purposes are benign, the problem with databases and the often slipshod and cavalier way in which information within them is gathered and assessed, is that they disempower people, making them “vulnerable by stripping them of control over their personal information” (p.41).

The book is divided into three parts. The first explores the digital dossiers about individuals that are being assembled through computer databases and the internet, with a focus on the activities of businesses. Part Two examines the ways in which public records contribute to the content of digital dossiers. The final section addresses the problems created by increasing government access to digital dossiers. When government enters the picture, there is an interplay of the two metaphors (Kafka and Orwell) that captures the key problem—the burgeoning practice of mining data from private-sector sources to profile individuals. “The results of these secret computations have palpable effects on [*123] people’s lives” (p.41). Senator Kennedy would agree.

In each major section, there is a wealth of both historical and contemporary information on the information revolution and the relevant law, mined from a wide variety of sources, ranging from other law professors to historians, sociologists, and an occasional political scientist. Solove’s prose is exceptionally concise and provides a highly readable and accessible primer on the topics covered. One conclusion emerges overwhelmingly: current constitutional, tort, and statutory law are inadequate for dealing with this new technology.

Some question whether law can do anything to address the problem. Solove quotes a CEO of Sun Microsystems: “You already have zero privacy. Get over it” (p.224). Solove also admits that many of the privacy problems he identifies are in fact caused in large part because of the law. Congressional responses to various privacy concerns have been episodic, and, true to the one enduringly effective law—that of unintended consequences—have often created more problems than they solved, nicely crystallized in another recent NEW YORK TIMES headline: “Law to Bar Junk E-Mail Encourages Flood Instead.”

Solove argues that if we understand the full extent of the legal construction of privacy “we will realize that privacy is not passively slipping away but is being actively eliminated by the way we are constructing the information economy through the law” (p.225). He optimistically rejects the glib cynicism reflected in the CEO’s “get over it.” He opts for a regulatory system similar to those that now regulate our food, environment and financial institutions.

With respect to the private sector, Solove posits “a radical proposal.” The law should require that companies collecting and using our personal information stand in a fiduciary relationship with us. And “[j]ust as the Food and Drug Administration (FDA) regulates food and drugs . . . we need a federal agency to regulate the collection and use of personal information” (p.108).

His solution for information in public records is to abandon the “secrecy paradigm” that equates privacy with secrecy and that conversely treats whatever is no longer secret as totally public. Solove believes that “what is public can be private—not in the sense that it is secret, but in the limitation of the uses and disclosures of the information. Privacy is about degrees of accessibility” (p.161).

The greatest problem—government’s expanding access to our digital dossiers—requires a rethinking by the Supreme Court of its Fourth Amendment jurisprudence, statutory regulation of both the government’s acquisition of personal data and its downstream uses of it, and a requirement that government obtain a special court order that combines the benefits of subpoenas and warrants to access personal information stored in a system of records.

One cannot fault Professor Solove’s faith in the law. Nor can one accuse him of political naiveté (though the recent record of the FDA was certainly common knowledge when he wrote the sentence quoted above). Still it is [*124] troubling that he relegates to a footnote a discussion of the close connection between the Census Bureau and marketers. Presidents have frequently appointed former marketers to serve as the head of the Census Bureau. Companies have made special deals with the Census Bureau to ask certain questions and to perform tabulations of census data in ways that will be useful to marketers. “Indeed,” Solove concludes, “the Census Bureau has been accused of being too influenced by the needs and wants of corporate America” (p.230, n27). Indeed. Like Captain Renault, this reviewer is “shocked, shocked” at this discovery. Can such corporate influence be true of Congress, the presidency, the regulatory agencies? The fact is that politics is as much responsible for the tenuous condition of our privacy protection as is the law. One wishes Solove had written more on the politics of privacy law in the information age. And perhaps he will—he himself says that the present book, based in part on several earlier and now revised law review articles, is but a stage in an argument that is unfolding and developing. Certainly the present volume gives us reason to look forward to his future contributions.

REFERENCES:

Kakutani, Michiko. 2005. “Nonstop Scrutiny, As Orwell Foresaw.” THE NEW YORK TIMES, January 25, 2005, p.E1. Review of Robert O’Harrow Jr., NO PLACE TO HIDE, New York: Free Press (2005).

Solove, Daniel J., and Marc Rotenberg. 2003. INFORMATION PRIVACY LAW. New York: Aspen Publishers.

Zeller, Tom, Jr. 2005. “Law Barring Junk E-Mail Allows a Flood Instead.” THE NEW YORK TIMES, February 1, 2005, p.A1.

************************************************************