By Christopher Wolf
Just because you can “Google” someone, should you? This is a good question for the U.S. Federal Trade Commission, which is re-examining privacy during a series of roundtable events this winter.
One would not expect a Supreme Court Justice to weigh in on the question unless it was presented formally before the Court. But the absence of a case did not stop Justice Antonin Scalia from expressing his opinion that searching online for personal details about someone—him—is wrong. What prompted the Justice’s pronouncement? Fordham University Professor Joel Reidenberg assigned his privacy class to “Google” Justice Scalia and his family (and look at other publicly available sources), as an educational exercise to show just how much information is out there on the Internet about each of us. The search turned up family pictures, home phone numbers, and other Scalia family information not intended for the world at large. Professor Reidenberg was not stalking the Justice. Rather, he launched the educational exercise in response to the assertion by Justice Scalia at a privacy conference in January that he didn’t think “every single datum about my life is private.” (The dossier the Fordham students prepared never was released to the public.)
The Justice was furious, calling the class exercise in Googling a demonstration of bad judgment. Analogizing to the First Amendment, the Justice said that just because the law allows you to do something does not mean you should do it.
At a recent IBM-sponsored program, the issue of privacy and ethics was discussed, with a particular focus on the episode of Scalia Googling. One aspect of the issue was whether, in the Google/MySpace/YouTube era, anyone—especially a public figure—can have an expectation of privacy when it comes to publicly available information that appears online. For sure, information provided in private, or for one particular purpose, is ending up on the Internet for all to see. Does that mean there should be a rule of ethics that even though information is publicly available, one should refrain from looking at it (or downloading it)?
The rules on intellectual property are a lot clearer: Just because copyrighted sound recordings and motion pictures may be available for download on the Internet does not mean we should take them for free. It’s illegal. But there are no legal rules on helping ourselves to freely viewable personal information online. That, as Justice Scalia has put it, is a matter of “judgment.”
To be sure, there are legal restrictions on what personal information can be accessed from credit bureaus and for what purpose it can be used. And other companies that provide personal information to law enforcement and business operate under legal rules. But for the great maw of information available online, it is pretty much “anything goes.”
In his book, Delete: The Virtue of Forgetting in the Digital Age, Viktor Mayer-Schönberger explains that forgetting is a natural human process, but that digital technology and cheap storage make forgetting impossible. So we appear to be approaching the fictional world of the movie Defending Your Life with Albert Brooks and Meryl Streep, in which every episode in one’s life is recorded for later viewing (to pass judgments).
As much as Justice Scalia would like, it is unlikely that society will develop ethical norms about accessing freely available online personal information. So should we just throw up our hands and conclude in the words of former Sun Microsystems Chairman Scott McNealy that “there is no privacy, get over it”?
Actually, privacy is both a matter of giving and taking. Yes, personal information online is free for the taking and that is not likely to change. But we still have lots of ability to control what personal information is taken from us, and for what purpose—the personal information that has the potential to end up online for public view. The legal and ethical problem so far has been on how we are informed about who is taking our information, for what purpose, with whom it is being shared, how long it will be retained and when (and how) it will ultimately be destroyed.
The Federal Trade Commission has gotten a lot tougher recently about the notices that companies give about the collection of online information, and new FTC leadership is focusing hard on that question. Congressman Rick Boucher is proposing new legislation to control online tracking of consumers for targeted advertising. And many think that our “digital natives,” the kids who have grown up with computers and social networking sites, need to be educated about the permanent record that the online world creates. Funny pictures from a fraternity bash or an irreverent “tweet” on Twitter may impede a young person’s educational or job opportunities.
Responsible companies, too, are recognizing, as a matter of law and business ethics, that providing clear and timely notice to consumers about the collection and use of information from them builds trust. In this age where information is the lubricant of commerce, being fair to people about their personal information is not just the right thing to do, it is good business. The Future of Privacy Forum, a think tank focused on privacy issues, is working on new ways online marketers can engage users about how their Web activity is being used for tailored advertising.
So, we may never solve the problem of all of us becoming online voyeurs, accessing and looking at personal information about others because we can. “Googling someone” has entered common parlance precisely because it is common. But as technologies accelerate in their ability to collect information about us, providing each of us with control on the input side of things is imperative.
Mr. Wolf leads the privacy law practice at Hogan & Hartson LLP and is the co-chair of a think tank focused on privacy issues, the Future of Privacy Forum. This article is an adaptation of a recent presentation at the IBM IT Services Legal Summit in New York City.