Privacy and Free Speech

By Karen Coyle
Talk Given at the Association of Law Libraries Ninety-First Annual Meeting in Anaheim, California, July 13, 1998

My handout for this session, available in your registration packet, is a short primer on the Internet and privacy. I wrote this because I think many people have the idea that computers, by their nature, invade our privacy. While it might seem that is so, I have to tell you, as someone who spends most of her waking hours trying to coax these profoundly stupid machines into performing the simplest of tasks, that computers have no interest in who we are and what we think.

The Internet is also often accused of keeping track of our thoughts and actions. In fact, the Internet is what we call a "machine to machine" system: all operations take place between computers. That there is often a human at the computer is of no relevance to the functioning of the Internet.

Yet you are not being paranoid if you have the feeling that your every move on the Internet is being watched. It's true that cookies and clickstream data (which I explain in detail in the handout) do exist, but the data that they gather is about connections between machines and in general there is nothing in this that can identify you personally.

The real threat to privacy comes not from computers but from the interests behind those computers: the owners of Web sites who are interested in gathering detailed information about who visits their site and the demographics of those visitors. It isn't that website owners are just a bunch of snoops; the Web works on an economic model based on advertising revenue, and that model requires a gathering of data about potential consumers.

In this country we are all accustomed to the fruits of direct marketing. We know that when we subscribe to a new magazine that our name will be sold as part of that mailing list and we'll get more junk mail. So why should we be concerned when these same practices move onto the Internet?

It's because computers and networked communications hold a particular potential for an unprecedented invasion of our privacy. In real life points of data gathering are relatively few and uninformative. So, for example, I might be one of many people who subscribes to the New York Times and has it delivered to my door. This puts me in a rather large and amorphous category of newspaper readers.

But if I subscribe to the New York Times online edition, there exists the potential to track how often I access the paper, which articles I click on, and how much time I spent on each one. The result of this is that the profile of who I am -- as a reader, as a concerned citizen, as a social being -- is much more detailed than what can be known about me merely from my subscription to the publication.

The same is true of the difference between my visits to a local bookstore and online book shopping. In an article in the aforementioned New York Times about Amazon.com, a representative of Simon & Schuster waxed enthusiastic about the online bookstore, saying: "What's ... fascinating is that they know who's buying the books and what they like. And that's incredibly valuable to us." Compare this to the effort that Kramerbooks in Washington, D.C. had to go through to find evidence of purchases by Monica Lewinsky to respond to a grand jury request.

Registration to the New York Times online is free, although you do have to give a valid email address and you are asked some demographic questions like your age, sex and household income. This service, and many thousands of others on the Net, is free because you have paid for it with information about yourself. Personally identifiable information is rapidly becoming "coin of the realm" of the online world. Those "free" registrations are a barter of your information for a product.

New protocols, called "privacy protocols" are under development at the World Wide Web Consortium (known as the W3C). These protocols would add a feature to your Web browser that would allow the browser and each Web site that you visit to engage in a dialog about what information about you the site wants and what information you have profiled to be released. This exchange would take place in the background, saving you the effort of re-entering data about yourself as you visit different Web sites. Although this is referred to as a "privacy" protocol, the result of this technology will not be more privacy but an easier way to exchange "value" between you and Web sites; the value being your personal information.

In the future, you can expect more often to be asked to exchange your privacy for access to information.

Libraries and Privacy

It may seem odd to you, but in my experience those of you in the library profession are the only ones who really make the connection between privacy and free speech; who understand that there is not much value in having the protections of the first amendment if people are afraid to read the ideas of others, are afraid to be caught listening. Without privacy, free speech is like the tree falling in the forest, with no one there to hear.

The library profession created its policy on patron confidentiality, that is the guarantee of privacy, in 1975. Just a few years earlier, agents of the Federal Trade Commission had visited libraries to ask for lists of patrons who had checked out certain books. Fortunately, some of the librarians who were approached recognized the danger that this posed to intellectual freedom and brought it to the American Library's Association's Intellectual Freedom Committee. Today, privacy is a standard part of a library's commitment to the freedom to read.

The heart of issue is whether we see information as just another product -- groceries, shoes -- or whether we think information seeking is personal -- more like medical records than like our shopping habits. What we see today is a rush to commodify information, to treat information as "the product of the 90's."

What we are losing is the idea of reading and study as a deeply spiritual, personal quest; the idea that your mind and soul and intellect are yours and yours alone.

Self-regulation

We were each asked to address the concept of self-regulation; this is the idea that companies and customers will arrive at a comfortable level of privacy without the need for government intervention. I see self-regulation as a kind of an ecology, and like all ecologies this means a constant struggle to reach a balance. It also means that it has to be out of balance some of the time. This might be alright if you're talking about receiving junk mail, which is annoying but not dangerous. But with privacy, mistakes can be very harmful, and the damage can last a lifetime.

Our current experience with self-regulation does not speak well for this method. I know no one who likes having their dinner hour interrupted with calls from strangers, yet this happens all too often. If self-regulation worked, there probably would be no telephone soliciting. And few of us desire the level of junk mail that we receive.

What is to be done?

Although we tend to see computers only as invaders of our privacy, I want you to know that we could use computers to protect our privacy in ways we never have before. We can do this and still give vital information to those who depend on marketing information to bring products to the public.

We can decide to protect personal privacy and to continue to protect the right to read and explore ideas in the spirit of the first amendment. It's a choice that we can make, although I have to emphasize that the time to make this choice is now, before it's too late.


©Karen Coyle, 1998
Creative Commons License
This work is licensed under a Creative Commons License.