By Timothy Tion
Timothy Tion is a Nigerian Lawyer with a passion for the intersection of law and information and communications technology or techno-legal issues and intends to obtain an LLM in Internet Law and Policy in the near future
Introduction
We live in a world today where vast Information and Communications Technology (ICT) infrastructures and extensive flows of information have become natural and unquestioned features of modern life. For instance in when I sat for the Senior School Certificate Examination (SSCE), I registered for the examination via a non-electronic method. Nowadays, candidates for that examination register for it online, in much the same way as candidates for the Universities Matriculation Examinations (UME) and several other examinations. The tremendous growth of online services—everything from social media to ecommerce—has come to define our day-to-day lives in ways we could never have imagined a decade ago. This increasingly pervasive, unpredictable, and rapidly changing interaction between ICT and society poses a great threat to the right to privacy; especially informational privacy. The revelations that the US National Security Agency (NSA), Britain’s Government Communications Headquarters (GCHQ) and other government agencies are spying on or in the case of Nigeria; trying to acquire surveillance equipment to spy on their citizens’ internet communications and the rapid digitization of our routine activities, has brought to the front burner the question whether the right to privacy in the information age is a myth or reality. This article will examine the right to privacy in the information age. It will briefly examine certain laws or instruments providing for the right to privacy and how the right is been threatened or eroded in the information age and it would conclude on whether this right still exists.
Definition of terms:
1. Information age: According to the online Free Dictionary, the information age is:
The period beginning around 1970 and noted for the abundant publication, consumption, and manipulation of information, especially by computers and computer networks.
2. Privacy: Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. According to a privacy think tank; Privacy International:
Privacy is the right to control who knows what about you, and under what conditions. The right to share different things with your family, your friends and your colleagues. The right to know that your personal emails, medical records and bank details are safe and secure. Privacy is essential to human dignity and autonomy in all societies.
Frank La Rue (Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression) in his report to the 23rd session of the Human Rights Council also defined privacy as:
…the presumption that individuals should have an area of autonomous development, interaction and liberty, a “private sphere” with or without interaction with others, free from State intervention and from excessive unsolicited intervention by other uninvited individuals. The right to privacy is also the ability of individuals to determine who holds information about them and how is that information used.
The law recognizes two types of privacy, namely; informational and physical privacy. Informational privacy basically relates to an individual’s right to control his or her personal information held by others while physical privacy according to the online encyclopedia; Wikipedia: can be referred to as the right to prevent intrusions into ones physical space or solitude. I am more concerned with informational privacy in this article.
Legal framework
The human right to privacy is recognized at the international level by instruments such as the United Nations Universal Declaration of Human Rights. Article 12 of the Declaration states that:
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, or to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
In Europe Article 8 of the European Convention on Human Rights (ECHR) protects the right to privacy in Article 8.
In the US, privacy is protected by their constitution and through a plethora of privacy legislation dealing with specific types of personal information. For example the Family Educational Rights and Privacy Act of 1974, 20 U.S.C. §§ 1221 note, 1232g — protects the privacy of school records. Right to Financial Privacy Act of 1978, 12 U.S.C. §§ 3401–3422 — requires a subpoena or search warrant for law enforcement officials to obtain financial records. Health Insurance Portability and Accountability Act of 1996 — gives the Department of Health and Human Services (HHS) the authority to promulgate regulations governing the privacy of medical records. There are also several ways the US constitution protects privacy; for example the First Amendment right to speak anonymously, the First Amendment freedom of association, which protects privacy of one’s associations, the Fourth Amendment’s protection against unreasonable searches and seizures and the Fifth Amendment’s privilege against self-incrimination.
Section 37 of the 1999 Constitution of the Federal Republic as amended provides that the privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications is guaranteed and protected.
The right to privacy was affirmed in the case of Medical and Dental Practitioners Disciplinary Tribunal Vs. Dr. John Emewulu Nicholas Okonkwo (2001) 7 NWLR Pt. 711 p. 206 @ 244 Para E.
There are other statutory examples which seem to safeguard the right to privacy. For example section 182 of the Evidence Act, 2011 protects the confidentiality of communication during marriage by providing that no husband or wife shall be compelled to disclose any communication made to him or her during marriage by any person to whom he or she is or has been married; nor shall he or she be permitted to disclose any such communication, unless the person who made it, or that person’s representative consents, except in suits between married persons, or proceedings in which one married person is prosecuted for certain specified offenses.
There are limits imposed by law on a person’s rights to privacy. Examples are laws dealing with taxation which provide for certain specific disclosures by the individual. See also section 45 of the Nigerian constitution.
The right to privacy may also be trammeled where the trammeling activity, including communications surveillance, is justified by a prescribed law, necessary to achieve a legitimate aim, and is proportionate to the aim pursued.
Erosion of the Right to Privacy
Technological innovation and the proliferation of cellphones, tablets, and other basic tools of modern life, has given governments and companies the ability to extract, analyze, and indefinitely archive every single oral communication, text, key stroke, search term, website visit, and any other digital transaction that we make. Despite the widespread recognition of the obligation to protect privacy, governments especially of the western world have been carrying on surveillance activities which severely undermine the right to privacy. The leaks by Edward Snowden, a former contractor for the CIA, which exposed US spy programmes clearly shows that the right to privacy of internet users is seriously been threatened by the US which has prided herself as the defender of civil liberties. President Obama, a lawyer specializing in US constitutional law, was also critical about the restrictions on civil rights and liberties (e.g. The Patriot Act) enacted in connection with President George W. Bush’s “War on Terror.” However, since becoming the president, he has not reversed those restrictions he complained of during the Bush administration. President Obama in his forward to the White House privacy report stated that:
Americans have always cherished our privacy. From the birth of our republic, we assured ourselves protection against unlawful intrusion into our homes and our personal papers. At the same time, we set up a postal system to enable citizens all over the new nation to engage in commerce and political discourse. Soon after, Congress made it a crime to invade the privacy of the mails. Citizens who feel protected from misuse of their personal information feel free to engage in commerce, to participate in the political process, or to seek needed health care. This is why the Supreme Court has protected anonymous political speech, the same right exercised by the pamphleteers of the early Republic and today‘s bloggers.
In spite of this forward by President Obama which seemed as if he had interest in protecting the privacy of Americans his administration still went ahead to eavesdrop on or spy on internet communications of millions of Americans and foreigners alike through spying programs like Prism which allows the NSA to tap directly into the servers of nine internet firms including Facebook, Google, Microsoft and Yahoo to track online communication. The leaks also show that Britain’s electronic eavesdropping agency GCHQ has also been gathering information on the online activities of internet users via Prism.
In defending the NSA surveillance Obama said that the government is only looking at phone numbers and durations of calls, however,by knowing who an individual speaks to, when, and for how long, intelligence agencies can build up a detailed picture of that person, their social network, and more. Combine that information with other data sets being collected, like credit card bills, and you could even deduce when a woman is pregnant before her own family knows, thereby violating her privacy (i.e. the right to control who knows about her pregnancy and under what conditions.)
The right to privacy is also been eroded or undermined by for-profit companies like Google and Facebook which collect our personal data and use them to make profit through targeted adverts. (Targeted advertisements are advertisements that take the data you provide to offer adverts specific to you.) For instance if on your Facebook profile you state that you like jazz music Facebook uses that data or information to provide you with jazz related adverts or if you log onto Facebook and your IP address (a unique series of numbers assigned to every computer or device connected to the internet) shows you are from Nigeria you will be targeted with adverts from Nigerian companies/websites or Nigerian products/services.
As the number of people who use smartphones/tablets increases so does our right to privacy diminishes or dies away. Smartphones have applications that make it easy for privacy to be breached. For example functions like geotagging, which when turned on can show the geographical location at which pictures have been taken thereby revealing your location which you would probably have preferred not to disclose.
Certain smartphone apps (applications) that we install on our phones are known to secretly upload phone contacts (address book) to servers/computers without users’ permission and this resulted in a class-action lawsuit against Facebook, Apple, Twitter and 15 other companies in 2012 for invasion of privacy.
Daniel J. Solove, a leading privacy law expert in his book; “The Digital Person: Technology and Privacy in The Information Age” on pages 23 to 25 details how browsing the web impacts on your privacy. Permit me to quote extensively from his book. He explains thus:
Currently, there are two basic ways that websites collect personal information. First, many websites directly solicit data from their users. Numerous websites require users to register and log in, and registration often involves answering a questionnaire. Online merchants amass data from their business transactions with consumers.
For example, I shop on Amazon.com(since this article is targeted mainly to a Nigerian audience I prefer replacing Amazon.com with konga.com or jumia.com.ng which are two of the leading Nigerian online shops used by many Nigerians; in order to make this explanation more clearer), which keeps track of my purchases in books, videos, music, and other items. I can view its records of every item I’ve ever ordered… When I click on this option, I get an alphabetized list of everything I bought and the date I bought it. Amazon.com uses its extensive records to recommend new books and videos. With a click, I can see dozens of books that Amazon.com thinks I’ll be interested in. It is eerily good, and it can pick out books for me better than my relatives can. It has me pegged.
Websites can also secretly track a customer’s websurfing. When a person explores a website, the website can record data about her ISP(internet service provider), computer hardware and software, the website she linked from, and exactly what parts of the website she explored and for how long. This information is referred to as “clickstream data” because it is a trail of how a user navigates throughout the web by clicking on various links. It enables the website to calculate how many times it has been visited and what parts are most popular. With a way to connect this information to particular web users, marketers can open a window into people’s minds. This is a unique vision, for while marketers can measure the size of audiences for other media such as television, radio, books, and magazines, they have little ability to measure attention span. Due to the interactive nature of the Internet, marketers can learn how we respond to what we hear and see. A website collects information about the way a user interacts with the site and stores the information in its database. This information will enable the website to learn about the interests of a user so it can better target advertisements to the user. For example, Amazon.com can keep track of every book or item that a customer browses but does not purchase.
To connect this information with particular users, a company can either require a user to log in or it can secretly tag a user to recognize her when she returns. This latter form of identification occurs through what is called a “cookie.” A cookie is a small text file of codes that is deployed into the user’s computer when she downloads a web page. Websites place a unique identification code into the cookie, and the cookie is saved on the user’s hard drive. When the user visits the site again, the site looks for its cookie, recognizes the user, and locates the information it collected about the user’s previous surfing activity in its database. Basically, a cookie works as a form of high-tech cattle-branding.
Cookies have certain limits. First, they often are not tagged to particular individuals—just too particular computers. However, if the website requires a user to log in or asks for a name, then the cookies will often contain data identifying the individual. Second, typically, websites can only decipher the cookies that they placed on a user’s computer; they cannot use cookies stored by a different website.
To get around these limitations, companies have devised strategies of information sharing with other websites. One of the most popular information sharing techniques is performed by a firm called DoubleClick. When a person visits a website, it often takes a quick detour to DoubleClick. DoubleClick accesses its cookie on the person’s computer and looks up its profile about the person. Based on the profile, DoubleClick determines what advertisements that person will be most responsive to, and these ads are then downloaded with the website the person is accessing. All this occurs in milliseconds, without the user’s knowledge. Numerous websites subscribe to DoubleClick. This means that if I click on the same website as you at the very same time, we will receive different advertisements calculated by DoubleClick to match our interests. People may not know it, but DoubleClick cookies probably reside on their computer. As of the end of 1999, DoubleClick had amassed millions of customer profiles.
Another information collection device, known as a “web bug,” is embedded into a web page or even an email message. The web bug is a hidden snippet of code that can gather data about a person. For example, a company can send a spam email with a web bug that will report back when the message is opened. The bug can also record when the message is forwarded to others. Web bugs also can collect information about people as they explore a website. Some of the nastier versions of web bugs can even access a person’s computer files.
Companies also use what has become known as “spyware,” which is software that is often deceptively and secretly installed into people’s computers. Spyware can gather information about every move one makes when surfing the Internet. This data is then used by spyware companies to target pop-up ads and other forms of advertising.
Flowing from the above it can be deduced that we have lost our right to privately make purchases or to make certain purchases unnoticed, our right to read a book privately as some books are published only in e-book format and some newspapers only exist online thereby forcing one to read them online where one’s clicks and page views are tracked and companies are doing everything in their power to associate those clicks and page views with one’s names, addresses, demographic information, and other personal information.
Conclusion
Considering the extent to which the right to privacy (and please do remember I am more concerned in this article with the right to informational privacy) is been eroded as has been earlier explained above, it may not be out of place to conclude that the right to privacy in the information age is a myth. However, the extent to which this is correct depends on where you live in the world. People living in countries with less internet penetration rates (penetration is the rate of a country’s population which are internet users) may not have lost their right to privacy as much as people in countries with high internet penetration rates.
The conclusion that the right to privacy in the information age is a myth is somewhat buttressed by Glenn Greenwald, a former constitutional lawyer and now columnist on civil liberties and US national security issues for the Guardian and also author of the book: “With Liberty And Justice For Some: How The Law Is Used To Destroy Equality And Protect The Powerful.” Greenwald while commenting on the NSA’s mass and indiscriminate bulk collection of the internet communications of millions of citizens of Brazil said thus:
That the US government – in complete secrecy – is constructing a ubiquitous spying apparatus aimed not only at its own citizens, but all of the world’s citizens, has profound consequences. It erodes, if not eliminates, the ability to use the internet with any remnant of privacy or personal security.
The conclusion is further buttressed by the documentary: “‘Terms and Conditions May Apply” which exposes what corporations and governments learn about people through internet and cell phone usage, and what can be done about it, if anything. In reviewing the documentary Lloyd Grove of dailybeast.com, hit the nail on the head thus:
With the Facebooks and the AT&Ts of the world hungry to know you better for the bottom line’s sake, and with the government empowered to ask them to pass along what they know without the bother of a Fourth Amendment search- and- seizure test, the goose of privacy has been cooked, sauced and served.
Privacy is a very important right which enables us to exercise and enjoy other rights like freedom of expression which is guaranteed under section 39 of the 1999 constitution of Nigeria as amended. It empowers us to feel that we can speak freely, associate freely, and access information freely.
It is therefore sad that this right appears to be dead as even the tools which exist to ensure privacy online are not user-friendly or common place compared to the ones which do not protect our privacy as explained by Timothy B. Lee in the article: NSA Proof Encryption Exists. Why Nobody Doesn’t Anyone Use It? Tor Browser is good for protecting privacy but can only be used effectively by those who are highly skilled computer users.
You may be wondering why it is sad but the right to privacy also includes the ability of individuals to determine who holds information about them and how is that information used. However, once your personal information is collected by the numerous websites you visit on the internet, you may lose control over how and what they can do with that information. You therefore lose your right to privacy. Remember also that privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively. On the internet it is very difficult to seclude information about yourself and reveal it selectively.
There are certain programmes like Adblock Plus, Ghostery (which blocks the invisible tracking cookies and plug-ins on many web sites, showing it all to you, and then giving you the choice whether you want to block them one-by-one, or all together so you’ll never worry about them again. The best part about Ghostery is that it’s not just limited to social networks, but will also catch and show you ad-networks and web publishers as well) and Do Not Track. These will only protect your personal information from been tracked, collected and analyzed for advertisement purposes but not against secret, overly broad and unlawful surveillance or monitoring by NSA or GCHQ.