We have a tendency in the United States, more of a knee-jerk reaction really, when presented with the latest news about government surveillance or a fresh corporate hacking scandal, to shrug our shoulders and remark knowingly that “privacy is dead.”
The trouble with this popular axiom is that it isn’t true. Privacy has certainly taken a beating in the digital age. It may even be circling the drain. But as long as there are vast sums of money to be made selling services to those that wish to keep their communications and data free from prying eyes, privacy will always have a heartbeat. The rather recent commodification of privacy by companies great and small is, in these changing times, privacy’s best hope of surviving the twenty-first century. It is in America’s interest to keep privacy profitable.
Less than a week following the Paris attacks, FBI director James B. Comey addressed a cybersecurity symposium in New York and argued that when terrorists “find somebody who they think might kill on their behalf” potential recruits are directed to “a mobile messaging app that’s encrypted.” Sen. Dianne FeinsteinDianne FeinsteinOvernight Cybersecurity: Hackers hit Brexit petition Senate Intel leader: ISIS using encrypted apps to plan attacks Meet the man who sparked the Democratic revolt on guns MORE (D-Calif.), co-chair of the Senate Intelligence Committee, told MSNBC in November she thinks “Silicon Valley has to take a look at their products” because these devices sometimes allow “evil monsters to communicate.” Going a step further Cyrus R. Vance, the Manhattan district attorney, recently released a 42-page report on smartphone encryption and public safety calling for congress to ban all full disk encryption. Senior law enforcement officials nationwide have called for similar measures.
To be fair, many of these arguments speak for the very real victims of violent crimes for whom justice will be harder to obtain because law enforcement agents cannot access the cell phones of suspected perpetrators. But they also betray a fundamental misunderstanding of the history of American privacy.
Since the 1950s, information privacy in the U.S. has been shaped largely by economics. It was then that the federal government started using mainframe computers to store and process copious amounts of our personal information collected by dozens of New Deal agencies. Throughout the 1960s, that information was sold to and shared with large commercial enterprises such as insurance companies, marketing firms, credit bureaus, and corporate investigators who used the data to run their operations more efficiently and become more profitable.
But without any laws to regulate data sharing, Americans grew livid over how easily their private information could be accessed and exploited by unauthorized parties. After the Watergate scandal, the issue could no longer be ignored. The 1974 Privacy Act was among the first real attempts at a comprehensive law to regulate data sharing in the U.S. And while it went on to define the rights of access to information and placed restrictions on the collection, use, and disclosure of personal information, private companies were excluded from the law entirely. Why? Because special interests gutted the bill by claiming that increased privacy protections and oversight would inhibit efficiency and create an undue economic burden on their organizations.
And so American privacy rights were curtailed in the twentieth century largely because the profit motive was squarely against them.
All of this has changed in the digital age. For the first time in America’s history, threats to personal privacy have grown so powerful in our consciousness that the market has made room for the protection of personal information as a profitable enterprise. To be sure, companies still make billions trading in personal information, but privacy finally has a counter weight capable of providing our society with some much-needed balance.
This year Apple posted the highest single quarter profits of any corporation in history, thanks largely to the continued growth of the iPhone 6 line – a full disk encrypted phone that CEO Tim Cook assured customers, very publically, would be inaccessible to NSA snooping after the Snowden fiasco.
Those familiar with growth of WhatsApp, the most popular messaging app in the world, might also see the writing on the wall. Founded in 2009, the product suffered a number of early setbacks when European hackers exposed weaknesses in its encryption. When Facebook purchased the company for $19 billion in 2014, it made updating WhatsApp’s security a priority so as to better protect its investment. By the end of that year, WhatsApp became the most secure messaging service on Android. Wired called the new platform “practically uncrackable” and The Wall Street Journal noted “even law enforcement won’t be able to decrypt WhatsApp messages.” After the update, WhatsApp CEO Jan Koum announced to customers that “respect for your privacy is coded into our DNA.” A year later, the app boasts 900 million active users worldwide.
The presumption that we must ban any method of digital communication the government cannot access at will is a dangerous one. The protection of personal privacy is one of the foremost challenges facing the United States in the twenty-first century, and if there is any hope for privacy at this crucial historical moment it lies in privacy’s potential as a profitable venture for those with the clout and financial means to effect substantive change. By making full disk encryption illegal we make privacy a less viable commodity, and in doing so threaten this delicate balance the United States has only so recently achieved.
If we've learned anything from the history of American privacy it is that moral arguments and references to Orwell have little impact when positioned against a larger economic interest. We should be harnessing the power of this new economic reality, not calling for its demise.
Cappello is a doctoral candidate at the CUNY Graduate Center and a lecturer at CUNY Queens College, where he teaches a course on the history of privacy in the United States.