In years gone by there existed an understanding that one’s personal information surrendered to private companies was a voluntary choice – the “cost,” if you will, to obtaining the benefit of a company’s goods or services. Importantly – and constitutionally – such a “trade off” was far different from the government obtaining personal and private information by way of surveillance or other information-gathering actions undertaken without a warrant.
There was a relatively clear line between private company collection of personal information voluntarily provided, and the government gathering such information without one’s knowledge or consent. Today, that “line” has been blurred to the point of near erasure.
Government officials, of course, have never been short on creative ways to circumvent the Fourth Amendment’s restrictions on unreasonable and warrantless gathering of information. We all are familiar, for example, with the abuses of the Foreign Intelligence Surveillance Act procedures by previous administrations, whereby the federal government was able to unlawfully surveil U.S. citizens’ private communications. Some of us also may recall the FBI’s use of Best Buy’s “Geek Squad” technicians to browse computers for illegal content while on service calls.
But with the digital age have come new opportunities for companies and government agencies alike to spy on citizens.
The rise of social media and other technological advancements — geo-tracking and at-home DNA testing — have led to an explosion of highly personal information shared openly with third parties — and in turn, government agencies as well. Like throwing chum in the water to attract sharks, this treasure trove of data in the hands of private companies has caught the attention of government agencies at all levels; especially law enforcement agencies suddenly freed from the strictures of the Fourth Amendment.
While some companies, like Apple, have at times put up a principled fight against such incursions, despite backlash from the Department of Justice, most others have shown little hesitancy to cooperating with government agencies.
Earlier this year, one of the largest at-home DNA testing companies, FamilyTreeDNA, was outed for voluntarily helping the FBI with criminal investigations, without notifying its customers of how their DNA samples were being used. Just this month, a company called Clearview AI boasted it had scraped three billion facial images from public sources, including from social media, to create a facial-recognition product, which it happily shares with law enforcement.
While users may trust that a company or app will protect their data, recent revelations of the cozy sharing relationship between companies and the government prove that such trust is badly misplaced. Even what many people might consider nominal and unimportant data points, such as photos or geolocation information, can be harvested, bundled, and databased in ways that far exceed what is expected, or known, by the users – data over which the original collection company loses control once shared with other companies or government agencies.
Today’s privacy reality is that it is now impossible to draw a distinction between data harvesting undertaken by the private sector, and that of the public sector. The only realistic assumption must be that any data collected by third parties in the private sector can, and at some point, will, be subjected to law enforcement investigations regardless of when that information was first shared by the consumer, or under what privacy policies.
The willingness of companies in the private sector to cooperate with law enforcement officials has become the new norm. Absent meaningful state or federal statutory protections of consumer data explicitly stating this data is off-limits to law enforcement without a warrant, this trend will only worsen.
Any breach of personal privacy is a danger to individual liberty, but the true threat is the consolidation of these breaches over time, eventually leading to a comprehensive profile of every citizen that includes information such as DNA profile, facial recognition, health and financial histories, online activity, and real-time location. This is, after all, precisely what China is doing with the massive “social credit” system it is quickly implementing for its entire population. You can bet social media companies and internet search engines in our country are paying rapt attention to how that process unfolds, and explains why these companies are opposed to even the most basic legislative reform proposals.