In Part I, I described the anonymity the Internet originally provided. But let’s be clear about something important: That relative anonymity of the “old days” is now effectively gone. Everywhere you go on the Internet, the fact that IP address xxx.xx x.xxx.xxx went there is recorded. Everywhere you go where you’ve allowed a cookie to be deposited, the fact that the machine carrying that cookie went there is recorded — as well as all the data associated with that cookie. They know you from your mouse droppings. And as businesses and advertisers work more closely together, the span of data that can be aggregated about you becomes endless.
Consider a hypothetical that is completely technically possible under the existing architectures of the Net. You go to a web page of a company you trust, and you give that company every bit of your private data — your name, address, social security number, favorite magazines and TV shows, etc. That company gives you a cookie. You then go to another site, one you don’t trust. You decide not to give that site any personal data. But there’s no way for you to know whether these companies are cooperating about the data they collect. Its perfectly possible they synchronize the cookies data they create. And thus, there’s no technical reason why once you’ve given your data once, it isn’t known by a wide range of sites that you visit.
In the section that follows, we’ll consider more extensively how we should think about privacy in any data I’ve affirmatively provided others, such as my name, address, or social security number. But for the moment, just focus upon the identity data they’ve collected as I move around in “public.” Unless you’ve taken extraordinary steps — installing privacy software on your computer, or disabling cookies, etc. — there’s no reason you should expect that the fact that you visited certain sites, or ran certain searches, isn’t knowable by someone. It is. The layers of technology designed to identify “the customer” have produced endless layers of data that can be traced back to you.
Searches
In January 2006, Google surprised the government by doing what no other search company had done: It told the government “no.” The Justice Department had launched a study of pornography on the Net as a way to defend Congress’s latest regulation of pornography. It thus wanted data about how often, and in what form, people search for porn on the Internet. It asked Google to provide 1,000,000 random searches from its database over a specified period. Google — unlike Yahoo! and MSN — refused.
I suspect that when most first heard about this, they asked themselves an obvious question — Google keeps search requests? It does. Curiosity is monitored, producing a searchable database of the curious. As a way to figure out better how to do its job, Google — and every other search engine[4] — keeps a copy of every search it’s asked to make. More disturbingly, Google links that search to a specific IP address, and, if possible, to a Google users’ account. Thus, in the bowels of Google’s database, there is a list of all searches made by you when you were logged into your gmail account, sitting, waiting, for someone to ask to see it.
The government did ask. And in the normal course of things, the government’s request would be totally ordinary. It is unquestioned that the government gets to ask those with relevant evidence to provide it for an ongoing civil or criminal investigation (there are limits, but none really significant). Google has evidence; the government would ordinarily have the right to get it.
Moreover, the government in this case explicitly promised it would not use this evidence for anything more than evaluating patterns of consumption around porn. In particular, it promised it wouldn’t trace any particularly suspicious searches. It would ignore that evidence — which ordinarily it would be free to use for whatever purpose it chose — just so it could get access to aggregate data about searches for porn.
So what’s the problem this example illustrates?
Before search engines, no one had any records of curiosity; there was no list of questions asked. Now there is. People obsessively pepper search engines with questions about everything. The vast majority of these are totally benign ( “mushrooms AND ragout”). Some of them show something less benign about the searcher (“erotic pictures AND children”). Now there’s a list of all these questions, with some providing evidence of at least criminal intent.
The government’s interest in that list will increase. At first, its demands will seem quite harmless — so what if it counts the number of times people ask Google to point them to erotic pictures? Then, when not so harmless, the demands will link to very harmful behavior — searches that suggest terrorism, or abuse. Who could argue against revealing that? Finally, when not so harmless, and when the crime is not so harmful, the demands will simply insist this is an efficient way to enforce the law. “If you don’t like the law, change it. But until you do, let us enforce it.” The progression is obvious, inevitable, and irresistible.
Electronic mail is a text-based message stored in digital form. It is like a transcribed telephone call. When sent from one person to another, e-mail is copied and transmitted from machine to machine; it sits on these different machines until removed either by routines — decisions by machines — or by people.
The content of many e-mail messages is like the content of an ordinary telephone call — unplanned, unthinking, the ordinary chatter of friends. But unlike a telephone call, this content is saved in a searchable form. Companies now invest millions in technologies that scan the conversations of employees that before were effectively private. Both in real time and in retrospect, the content of conversations can become known. On the theory that they “own the computer[5]”, employers increasingly snoop in the e-mail of employees, looking for stuff they deem improper[6].
In principle, such monitoring and searching are possible with telephone calls or letters. In practice, these communications are not monitored. To monitor telephones or regular mail requires time and money — that is, human intervention. And this cost means that most won’t do it. Here again, the costs of control yield a certain kind of freedom.
Controlling employees (or spouses) is one important new use of e-mail technologies. Another is the better delivery of advertisement. Google is again the leader here with its new Gmail service. Gmail can advertise to you as you read your e-mail. But the advance is that the advertisement is triggered by the content of the e-mail. Imagine a television that shifted its advertisement as it heard what you were talking about on the phone. The content of the e-mail — and perhaps the content of your inbox generally — helps determine what is shown to you.
To make this system work well, Google needs you to keep lots of data on its servers. Thus the only thing within Gmail that is difficult to do — and it is really really difficult — is to delete content from a Google Gmail account. Gmail lets you delete one screen at a time. But when you have 20,000 e-mails in your inbox, who has time? Would it be difficult for Gmail to enable a “delete all” function? Of course not. This is Google! Thus, through the clever use of architecture, Google assures more data is kept, and that data then becomes a resource for other
