Privacy is about Policy
The discussion thread on James Joyner’s post on the drug war and phone records reminds me of a simple point that seems to get lost in discussions about privacy and that point is that privacy is as much about policy as it is about technical capabilities.
Specifically: it is often argued that the nature of electronic communication means that it can be easily accessed by third parties. The IT guy at your place of work can read your e-mails, for example. And, indeed, there are lots of third party participants who could, if they so choose, have access to that e-mail. Such facts may make one cautious about what kinds of information one sends.
This is, however, not as new a phenomenon as it is being made out to be. Since the creation of physical mail it has been the case that if I write a letter to a friend and place it in the hands of my local postman that said letter will travel through the hands of any number of third parties who could, with great ease, read that letter.
What prevents them from so doing? The answer is a combination of social norms and the law. In short: it is public policy that the mail cannot be tampered with. Somehow when have managed to send pieces of paper, often with rather sensitive information upon them (SSNs, bank account numbers, amongst other things) with only thin pieces of paper enshrouding them as a means of keeping prying eyes out, and yet maintained a basic expectation of privacy. And if the government, having cause, needs to acquire those pieces of paper, they have to go to the courts to get them.
There is no reasons why we can’t have a similar set of legal expectations for electronic interchanges. Just because it is easier to put electronic communication into a database shouldn’t mean that it is legally easier for the government to access my information.
It is true that the only way to keep something totally private is to not share it with anyone. One cannot, however, live life that way. Privacy, at least in the conversation we are having about things like the NSA and so forth, is wholly about policy and what we allow the government to do and what we forbid them to do. I think that simply saying that e-mail is easy to access and therefore it should be treated like a public conservation is problematic, because there is nothing stopping Congress from passing laws that reinforce basic privacy expectations of citizens engaged in everyday communication.
To sum up: yes, if I send an e-mail it passes through any number of systems that can be accessed by third party actors. This is true, however, of snail mail as well. If we can create a legal regime that protects basic privacy of snail mail, we can for electronic communication as well. It really is about the policy and not the capability.