10 June 2020

Privacy and the four categories of information technology

American Enterprise Institute

Key Points

The term “privacy” is used to refer to many different human values, including control of personal information, fairness, personal security, financial security, peace and quiet, autonomy, integrity against commodification, and reputation.

These values are threatened differently by advancements in each of four distinct categories of information technology: sensing, storage, transfer, and processing.

The interactions between these values and the different types of information technology are complicated, so interventions meant to protect these values will vary in their effectiveness.
With legislation aimed at protecting privacy proposed in many jurisdictions and passed in some, understanding information technology and the values it affects can help policymakers fashion rules that empower people to protect themselves and that protect people directly if necessary.

Executive Summary


People use the word “privacy” to describe many different human values. The strongest sense of privacy is control of personal information, which peo­ple use to fashion their personae and roles in soci­ety. Fairness is an equally important value, as people should get what is due them, even when comput­ers and software are making decisions. Personal and financial security are privacy issues, in a sense, because these values can be threatened by information misuse. Privacy is also the enjoyment of solitude or peace and quiet, simply being left alone.

In the American constitutional sphere, privacy has been used to denote autonomy, particularly in the area of sensitive medical and family issues. For some, pri­vacy is defense against commodification, the reduction of what should be meaningful living to endless com­mercialism. Privacy also relates to protection of repu­tation because false personal information can offend and harm people.

In varying ways and degrees, these values are threat­ened by advancements in four distinct categories of information technology: sensing, storage, transfer, and processing. Sensing is the transformation of real-world information into digital data. Storage is collection of that data in media from which it can be recovered. Transfer is the movement of data across distance. And processing is the use of data. The number of potential uses for data is nearly infinite.

The interactions between these values and these technologies are complicated, and different inter­ventions will respond more or less well to threats. Understanding information technology and the val­ues it affects can help policymakers fashion rules that empower people in their self-protective efforts and that protect them directly.

Introduction

In recent years, contested policies and practices at information-based companies such as Facebook and Google have stirred hot political controversy. A major revision to European privacy regulations called the General Data Protection Regulation has caused compa­nies to revise their data practices and most major web­sites globally to post prominent notices about cookies. Legislation aimed at protecting privacy has been pro­posed in many other jurisdictions and passed in some. These developments may signal a coming wave of reg­ulatory control over the information economy.

A wave is a good metaphor, because debates about technology policy in Washington, DC, and other cap­itals are agitation on the surface of a deep ocean of technological change and related social change. When it comes to understanding and navigating the cur­rents, the ocean is more important than the froth. Continuing advancements in information technology are changing the way information moves in society. They are changing the consequences of interacting online. And they are changing the behaviors peo­ple might take in response. Everyone from ordi­nary consumers to top policymakers would do well to understand these currents, which are sometimes crosscutting.

The capacities of information technology have advanced and will continue to do so in ways that have consequences for privacy and related values. The advances have taken place in four usefully distinct cat­egories: sensing, storage, transmission, and process­ing.1 Sensing is the conversion of real-world analog information into much more powerful and useful dig­ital data. Storage is the recording and maintenance of data in digital formats for later access. Transmission is the movement of data from place to place. And pro­cessing is the automated use of data—in ways that seem limited only by the imagination.

Simple or obvious as the march of progress in these categories sounds, the consequences are both profound and varied. Together, technologies in these four categories are delivering tremendous economic and social progress, including greater wealth and well-being to people worldwide. These benefits are often given short shrift, as the problems technology creates are more interesting. We give the benefits short shrift here, too, focusing on how information technology threatens important values.

Privacy is the enjoyment of control over personal information. It is but one of the values at stake when people go online to learn, interact, be entertained, and trade. Other values, often referred to as “privacy,” include personal security, financial security, fairness, peace and quiet, autonomy, integrity, and reputation.

The intersection between the four categories of information technology and these values is not a clean line. Different information technologies affect each value differently. Sensing and privacy are utterly linked, for example, because the most direct way to control personal information is to prevent it from being digitized. Fairness is more clearly at stake—and threatened—by data processing. Threats to certain types of security are often mitigated by personal data processing that inures against fraud.

Given the differences among technologies’ rela­tionship to values, different interventions might respond more or less well to the threats each type of information technology poses. How best to address the effects of advancing technology on each value is a complex challenge reserved for exploration in a later report. The policy recommendation that springs from this report is simply to avoid trying to address a multiplicity of values in any one effort. That is unfor­tunately the approach of “privacy” legislation and reg­ulation in many jurisdictions.

But understanding information technology at a high level can help people protect their own privacy and all the other values that often go by that name. Greater knowledge can help policymakers fashion rules that empower people in their self-protective efforts and protect people directly. Ideally, what would result is the maximum possible technology implementation that is consistent with citizens’ and consumers’ actual desires, both for their personal circumstances and for the society in which they wish to live.

Technology is interesting and important, but human values are what matter. So I begin by anchor­ing the analysis in privacy and related values. After that, I survey how sensing, storage, transmission, and processing affect privacy, fairness, security, and the other values at stake in the burgeoning online envi­ronment. Many distinct values are at play indeed.

No comments: