I have nothing to hide… What is the value of privacy in the age of big data?
What is private to you? What you ate for breakfast? Your financial situation? Your health? Your religion? Political beliefs? Family? Information about your love life? There are things that I would tell my doctor, but wouldn’t discuss with my colleagues, and there are things that I wouldn’t want the government to decide about my life.
There are certain parts of our lives that are not anyone else’s business. But how do we decide what those things are, why do we care about it, and who is ‘anyone else’? These are questions that privacy theorists think about, and in an age of big data, smart cities, and pervasive social media, conceptualising privacy is increasingly important for urban design and development.
The world of ‘smart’ is making tantalising promises for the future of our cities. Smart energy systems promise to manage electricity consumption to balance variable renewable generation, and thus create a sustainable energy system. Smart monitoring systems in lonely elderly people’s homes promise to enable health professionals to detect if someone has stopped following their daily routine and is in trouble. The internet of things promises to tag manufactured objects so that manufacturers can reclaim the materials at end of life and create a circular economy. Data is powerful and valuable to many people.
Smart meter data could be used to detect suspicious energy usage patterns, and identify illegal high energy consuming activities or potential terrorism. Big databases of personal information are already routinely used to target advertising, persuading us to “to spend money we don’t have, on things we don’t need, to create impressions that won’t last, on people we don’t care about”, (Tim Jackson). Historically, punch cards developed by IBM were used to process census data in 1933 Germany, and identify ethnic groups who the Nazis considered undesirable, including Jews and Romani people (gypsies). The use of databases of personal information can quickly become sinister, and once that data exists, we may not be able to control who has it. This is recognised by the UK data protection act, which regulates the creation, processing and storage of personal data, and the stronger EU Data Protection Directive. UK equality legislation makes discrimination on the basis of ‘protected characteristics’, including age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion and belief, sex, and sexual orientation illegal. We never know when the rules of what is legal or illegal will change. As Edward Snowden put it, “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
But privacy is not just about big data, government surveillance and corporate data mining. It is also about protecting intimacy and personal relationships, freedom from the judgment of our neighbours and the fear of hate crime, freedom to be different, to be eccentric, to relax, knowing that we are not watched when we lounge in front of the TV, go to the toilet, or pick our noses.
Privacy is seen by Solove (2002) as a means to an end, rather than an end in itself. Protecting privacy is valuable because it supports freedom, autonomy, intimacy, trust, reputation. This includes both questions of personal intimate relationships (respect, love, friendship, and trust), and questions of political freedoms (non-interference, non-discrimination).
Privacy is a right for certain activities and decisions to be the concern of the individual, rather than the concern of others. But which activities should be in the private sphere, and which activities are of public concern? Social norms about what is included in the private sphere change over time, and vary across cultures and subcultures. In mediaeval Europe, it was normal for several adults, including couples and visiting strangers, to all sleep in the same bed. In the Victorian nuclear family, domestic abuse was considered a private matter, with legal protection given primarily to men, whereas now the individual rights of each person in a family are recognised, and situations of domestic abuse are the concern of the state, matters for the public sphere. The feminist movement of the 1970s told us that ‘the personal is political’, blurring the line of the public and private spheres.
In a database driven world, privacy is not just about the risk of totalitarian surveillance by the state, but also about how personal information is monitored and analysed by faceless bureaucracies and companies holding large databases. The issue is not just secrecy, but one of power imbalances, where corporations have the capacity to turn information into knowledge, whereas individuals don’t (Solove, 2001).
I’ve spent a lot of my EngD researching the ways that we define public resources, or commons: whether infrastructure such as energy networks or railways should be in public ownership because they have elements of natural monopolies, they generate positive externalities for society if individuals and businesses have affordable access to them, and they impact on negative externalities such as climate change, congestion, or air pollution. These are all situations where by acting together, we can create a collective whole that is greater than the sum of individual action. This has included writing an academic paper on the potential for community management of peak electricity demand, based on the idea that patterns of consumption of electricity, which affect our shared electricity system, is of some public concern. Electricity consumptions patterns are also deeply personal – who wants others to know when they have a shower, what type of washing machine they own, or whether they have a medical condition that requires them to use above-average amounts of electricity?
The way we value and protect privacy, therefore, is fundamental to questions of commons. This needs to include our relationship to the ‘private sector’, which is not really so private – most of us make our most active contribution to society through our work in private sector businesses, and we protect our right not to disclose certain parts of our identity, lifestyle or activities to our employers. Even if the personal is political, the personal, private realm of home and family, eccentricity, intimacy, and our internal worlds is important for a good life, and needs to be protected.
As we get involved in smart cities and big data projects, perhaps we could simultaneously develop our expertise in privacy engineering, to ensure that our clients are aware of privacy risks, and support the development of privacy resilient cities and societies. This is an opportunity for developing new skills that are needed in this information age, and ensuring that we engage with these developments in a way that is consistent with our values and ethics.
Solove, D. J. (2002) ‘Conceptualizing privacy’, California Law Review, 90(4), pp. 1087–1155.
Solove, D. J. (2001) ‘Privacy and power: Computer databases and metaphors for information privacy’, Stanford Law Review, 53, pp. 1393–1462, [online] Available from: http://www.jstor.org/stable/1229546\nhttp://scholarship.law.gwu.edu/cgi/viewcontent.cgi?article=2077&context=faculty_publications\nhttp://www.jstor.org/action/cookieAbsent.