A Summary of Solove’s The Digital Person
In The Digital Person, Daniel J. Solove elucidates the societal effects of what he terms the “digital dossier,” compilations of online information that exist about each of us in the hands of multiple businesses and government agencies (1). Solove writes that this growing phenomenon has serious implications for individuals and society and that it must be addressed to mitigate cultural problems now and in the future, such as a loss of individual freedom and self-expression. Solove advocates enacting laws that restructure the “architecture,” or overall patterns, of online information exchange in society (98).
People were beginning to grapple with the issue of online privacy when Solove’s book was published in 2004. Five years later, this issue is even more pressing with the expansion of social networking sites such as MySpace, Facebook, and Twitter (personal observation).
Solove explains that the growth of the Internet created the opportunities for marketers to access information that helped them target-market their products, increasing the return on investment of marketing dollars. Private information about individuals is gleaned from diverse sources, including purchases that people make on Web sites such as Amazon.com, answers to surveys, profiles on social networking sites, and information collected by the government, classified by social security number. This information may include a person’s address, telephone number, income, date of birth, and even such personal things as medical information, a person’s mother’s maiden name, and—of special interest to marketers—one’s preferences for consumer goods. There are companies whose sole business is collecting information about millions of people from online sources and then packaging and selling this to other companies and the government.
A common metaphor for the dissemination of personal information via the Internet is Orwell’s novel 1984 (29). The book describes a society in which an individual’s every move is watched by the government. Any criticism of government policies is forbidden, and those who are believed to be antagonistic to such policies are imprisoned or killed. People censor their every move so as not to appear to be at odds with the government. The catch-phrase of the novel is “Big Brother is watching you.”
Solove argues that viewing the issue of Internet information privacy in terms of a purely Orwellian metaphor misses the true nature and dangers of the problem. He offers an additional analogy in Franz Kafka’s The Trial (36). In this story, a man named Joseph K. is told that he is under arrest, but is never told the reason why. He tries to find out what he did to precipitate this accusation and meets with a nameless, faceless bureaucratic court system that gathers information about individuals without informing them of the process or reasons for the court’s decisions. Joseph is left powerless, with no way to influence the system and decide his fate. To Solove, Joseph’s struggle bears a striking similarity to the dissemination of personal information through anonymous channels on the Internet. The information that is collected about us is done so without our knowledge, and we may never know which parts of our lives are an open book to businesses and government agencies that pay to obtain the information.
Solove explains that, similar to Joseph K.’s situation—but unlike Orwellian totalitarianism—there is generally no malicious intent in online information gathering. Companies purchase our personal information not to blackmail or control us, but to convince us to purchase their products. The nefarious face of online information gathering, according to Solove, is the bureaucratic, data-centric structure underlying how the information is gathered and used. Solove argues that bureaucracies, while useful in their ability to process information and take action on a mass scale, can also lead to a way of treating people that is dehumanizing and robs people of their power to control the repercussions of their decisions (39).
Solove cites a case in which a bank was found to be profiling college students and selectively approving credit for those who had non-humanities majors (50). Ostensibly, this was because people in the humanities ultimately make less money than those in the sciences and, by the company’s reasoning, might be a greater credit risk. This illustrates how people’s private information can be used without their knowledge to make decisions that affect their financial and social welfare.
Solove argues that a market-based solution cannot be counted on to regulate privacy, and thus government intervention is needed (90-92). Companies are in positions of power, and in the parlance of contractual relationships, individuals are the “weaker parties.” The online privacy contracts drafted by companies are worded vaguely. Individuals must either agree to the terms or forego any relationship with these companies. There is no realistic mechanism for an individual to negotiate the contract. Thus, individuals are put in a take-it-or-leave-it position. Solove attributes part of this power imbalance to the bureaucratic nature of large entities (92). Companies do not need the business of any given individual because money flows in from transactions with thousands or hundreds of thousands of customers; however, individuals need the services that online companies offer. People’s individual needs and requests are not necessarily valued by entities that operate as bureaucracies, and thus, as in The Trial, there is little to nothing an individual can do to control the fate of his privacy online.
Legal protection against invasion of privacy encompasses constitutional, statutory, and judiciary law. The Fourth Amendment states that individuals will not be subject to search and seizure without “probable cause” (188). Solove sees the Fourth Amendment as a potential jumping-off point for future legislation that can protect the privacy of personal digital information (190). However, he states that up until now, the courts have not allowed the Fourth Amendment to be used this way. For example, in Olmstead v. United States (1928), the Court ruled that wire-tapping a person’s home is legal because it does not involve physical intrusion into the person’s property (197). It follows from this that the privacy of information of any sort is not considered to be subject to the dictates of the Fourth Amendment. To fill this void, many states have enacted statutes that require a subpoena to be presented before personal information can be obtained for use in a trial. However, Solove notes, a subpoena is relatively easy to come by compared to a warrant, which must be granted by a judge for a probable cause (202). Currently, statutory law does not protect individuals from release of personal digital information by third parties; nor does it prohibit free use of information given to online companies, such as Amazon.com (208).
Solove sees case law as being relatively ineffectual in regulating the effects of digital dossier use. This is because, on the Internet, there is typically no one party that can be held accountable in court. It is legal for a Web site to collect and sell people’s information unless the Web site’s privacy policy specifically forbids this. It is also legal for a company to purchase such information from another party. Currently, information that exists on the Internet is considered in the public domain, so it is available for anyone to collect and use. In most cases, the legality of information dissemination in any particular situation is moot, because the individual does not know that his information is being used and will not seek recourse (75).
A significant danger of digital dossiers is their potential use by government agencies during times of crisis to profile groups and use them as scapegoats (182). Events similar to this occurred in Nazi Germany and also for Japanese-Americans detained during World War II. In both cases, information from government records allowed individuals to be profiled based on their racial/ethnic affiliation. The extensive personal information available on the Internet is being purchased by the U.S. government for use in anti-terrorist profiling and other security measures (168-72). Solove hearkens this to the McCarthy era, when thousands of individuals were accused of being Communists based on personal details gleaned by from both governmental and non-governmental sources.
In addition to the potential for government officials to abuse this information, Solove points out that the existence of personal information in the government’s hands can lead to self-censoring, similar to that in 1984. Individuals may refrain from expressing personal views and affiliating with causes that might be viewed by the government as being subversive, for fear of being accused of having anti-government intentions. Thus, the government’s access to extensive private information about its citizens may interfere with our freedom of expression and creative thought.
Solove argues that what is required to safeguard people’s privacy is an architecture that places the burden of responsibility on entities that disseminate personal information. Solove suggests a system wherein companies who wish to disclose people’s information are held in the position of a trustee, in the same way that doctors are trustees for their patients (102). It would be incumbent upon these entities to place the welfare of their beneficiaries (the people whose information they hold in trust) above their own financial interests. Solove recommends that companies be required to use an “opt-in system”, whereby individuals must specifically consent to a company’s dissemination of their information, rather than the current “opt-out” system, in which the individual must proactively ask that his information not be disclosed (106). Solove sees the rise in identity theft as resulting primarily from poor Internet architecture (115). He writes that greater security measures for guarding people’s information, within both the government and private sector, and easier opportunities for individuals to correct errors in their records, would reduce the occurrence and severity of identity theft (120-123).
In summary, The Digital Person exposes the profligate use of people’s personal online information without their consent. It explains why this practice is currently legal and how the information is currently flowing both ways between industry and government. Solove argues that ameliorating the problem can only be accomplished by addressing the current architecture of privacy, both within the Internet and in society at large. This will require that both the government and the private sector be held as trustees of personal information, and that the burden of privacy and protection be put upon the entities that collect and use personal information. Solove expresses hope that solutions can be achieved if people realize the extent of the problem of unauthorized digital dossier dissemination and the repercussions this has on our culture and our personal sense of freedom.