Computer Ethics, Fall 2010 Week 6

October 18
Corboy Law Room 523
4:15-6:45 Mondays

Privacy
From whom?
AOL leak
RFID

Read: §2.1, 2.2 of Baase on privacy
Read http://cs.luc.edu/pld/ethics/garfinkel_RFID.pdf on privacy

http://youropenbook.org/

http://digitalethics.org

The Lives of Others



Privacy




SCOTUS cases on privacy -- Baase pp 69ff

1928: Olmstead v United States: 4th amendment does NOT apply to wiretaps

1967: Katz v United States
4th amendment does too apply to wiretaps! Privacy may still exist in a public area.
Katz was using a pay phone; the FBI had a microphone just outside the phone booth. To the appellate court, the fact that the microphone did not intrude into the phone booth was significant in finding for the FBI, but the Supreme Court reversed.

Doctrine of "reasonable expectation of privacy" (REoP) replaced the doctrine of "physical intrusion"

Problem with REoP: as technology marches on, isn't our reasonable expectation diminished? And does this then give the government more license to spy?


1976: US v Miller
information we share with others (eg our bank) is NOT private. Government can ask the bank, and get this information, without a warrant. (However, the bank could in those days refuse.)

1979: Smith v Maryland
Reduction of REoP by the police is not SUPPOSED to diminish our 4th-amendment rights. However, in that case the Supreme Court ruled that "pen registers" to record who you were calling did NOT violate the 4th amendment.

http://caselaw.lp.findlaw.com/scripts/getcase.pl?navby=CASE&court=US&vol=442&page=735


Application of the Fourth Amendment depends on whether the person invoking its protection can claim a "legitimate expectation of privacy" that has been invaded by government action. This inquiry normally embraces two questions: first, whether the individual has exhibited an actual (subjective) expectation of privacy; and second, whether his expectation is one that society is prepared to recognize as "reasonable."

First, we doubt that people in general entertain any actual expectation of privacy in the numbers they dial. All telephone users realize that they must "convey" phone numbers to the telephone company, since it is through telephone company switching equipment that their calls are completed. All subscribers realize, moreover, that the phone company has facilities for making permanent records of the numbers they dial....

If you want to keep a number private, don't call it!

Note the crucial issue that the defendant voluntarily shared the number with the phone company!

Justices Stewart & Brennan dissented

The telephone conversation itself must be electronically transmitted by telephone company equipment, and may be recorded or overheard by the use of other company equipment. Yet we have squarely held that the user of even a public telephone is entitled "to assume that the words he utters into the mouthpiece will not be broadcast to the world." Katz v. United States

What do you think of this distinction? Is there a difference between sharing your phone number with the phone company and sharing your actual conversation with them?


2001: Kyllo v United States

Thermal imaging of your house IS a 4th-amendment search! This is a very important case in terms of how evolution in technology affects what is a REoP

http://www.law.cornell.edu/supct/html/99-8508.ZS.html

Held: Where, as here, the Government uses a device that is not in general public use, to explore details of a private home that would previously have been unknowable without physical intrusion, the surveillance is a Fourth Amendment “search,” and is presumptively unreasonable without a warrant.

How long into the future will this hold? Could it be that part of the issue was that the general public was not very aware of the possibility of thermal imaging? If thermal imaging were to come into not only general public awareness but also general public use (eg by equipping cellphones with IR cameras), would the situation change?

I believe there was a trial-level civil case in which a judge ruled that eavesdropping on someone else's phone call made on an old-fashioned cordless phone (remember those?) was not an invasion of privacy because no one had a "reasonable expectation of privacy" when using a cordless phone because "everyone" knew that it was easy to listen in to someone else's call simply by playing with the channel button. However, I cannot find this case.


The FBI and cellphone location records
nearest-tower (cell-handoff) records v GPS records
Supposedly the Justice Department gets warrants for GPS data (nearest few feet), but usually does not for nearest-tower data (which positions you to within a few miles at worst, a few hundred feet at best).

Another distinction is between realtime data (where you are now) and "historical" data (where you were).

The federal government has tried to claim that nearest-tower data simply amounted to "routine business records".


Video surveillance -- Baase p 72


This is a big issue in Chicago, where there are both "obvious" and "hidden" cameras.

2001 Super Bowl: Tampa police used facial-recognition software on all 100,000 fans. It didn't work terribly well.

London: heavy camera use to:

London in 2005:
What about the rate of false positives?

Should the London cameras be used to track lesser crimes, such as pickpocketing?



Facebook/MySpace:
 
When did Facebook stop being "closed", ie access was limited to your "network"? Did anyone care?
 
Facebook, MySpace, Google, deja news, and dating

deja.com (now run by Google)
 
Facebook mini-feeds, Baase p 55
Allowed active notification to your friends whenever you change your page. Why is this a privacy issue?

I note that lots of people have left these enabled.

Whatever one says about Facebook as a source of privacy lost, it is pretty clear to everyone that posting material to Facebook is under our control, though perhaps only in the sense that we participate in Facebook voluntarily. Thus, the Facebook privacy question is really all about whether we can control who knows what about us, and continue to use Facebook.



ChoicePoint and Acxiom


Look at the websites. Are these sites bad? (ChoicePoint is now LexisNexis.com/risk, for Risk Solutions.)

What if you are hiring a youth worker?

ChoicePoint sells to government agencies data that those agencies are often not allowed to collect directly. Is this appropriate?

ChoicePoint might argue that it is similar to a credit bureau, though exempt from the rules of the Fair Credit Act because they don't actually deal with credit information.

Baase p 60: "At least 35 government agencies are or were clients of ChoicePoint". Some of the data collected (again from Baase):

From the Acxiom website (http://www.acxiom.com/products_and_services/background_screening/faq/Pages/FAQs.aspx)

Must I supply applicants’ dates of birth?

Date of birth is critical to the criminal record search process. The majority of courts use date of birth as a primary identifier, but please note that a handful actually require this piece of information to process requests. However, Acxiom offers alternative options to customers who are unable to supply this information. Our toll-free Applicant Date of Birth Line allows applicants to call and register date of birth information via a touchtone answering system. Acxiom then retrieves this information for use in the search process, subsequently reporting “match” or “non-match” record results to the customer while never divulging the specifics of the date of birth. Additionally, date of birth information may be confidentially submitted via a specially dedicated URL (www.acxiomdob.com) that forwards applicants to an internal 128-bit SSL encrypted website where they are prompted to enter the needed information.

Why is this an issue?

You cannot legally ask age in a job interview in the US, if you have four or more employees.
    http://smallbusiness.findlaw.com/employment-employer/employment-employer-hiring/employment-employer-hiring-interview-legal.html

You can ask the candidate to authorize the release of a credit report (you can't get the credit report without asking). However, several states are considering banning this practice (except for jobs involving responsibility for money), on the theory that applicants can't say no, and that it makes it much harder for those who have had credit problems ever to recover.



Baase p 61: case study on federal DB on all US college students. The database would list all courses taken, with grades; it would also include loan and scholarship records.

Good example of a fairly common situation: creation of a new database containing confidential information.

Benefits:

Drawbacks:

Is such a database a good idea?

What if in 2012 a law is passed giving prospective employers access to the data, if the job applicant signs a consent form? What do you think would happen if you refused to sign?

Related "database-matching" issue: should the government be able to link databases of:



Joe the Plumber

aka Samuel Joseph Wurzelbacher

He went to an Obama rally and asked a serious question about Obama's tax plan (in which he apparently confused income with profit). Obama made his "spread the wealth" remark in response. After this was in the press, McCain ran with it, and referred to him multiple times in the debate, as a symbol of Middle America and small businesses.

One reporter (in a print newspaper column I failed to save) argued that Wurzelbacher should have no expectation of privacy. At what point does this become true? Is it true of Obama? Was it true for Palin, or McCain? Wurzelbacher did try to capitalize on his sudden fame, and some might argue that in doing so he lost his expectation of privacy. But suppose he had tried to remain a private citizen?

Allegations about him:
Lucas county clerk of courts: http://apps.co.lucas.oh.us/onlinedockets/Default.aspx

Search for "Wurzelbacher".

Is the availability of this kind of search appropriate?

See also Baase, §2.3.5, on Public Records. Her examples include:

What of the above is legitimate to talk about for a private citizen?
At what point did Wurzelbacher stop being a private citizen?

Wurzelbacher asked Obama a financial question. Does this make W's income and taxes fair game? What about his child-support records?

Aw, to hell with facts: see http://www.slate.com/id/2202480


Search records and computer forensics

In 2002, Justin Barber was found shot four times on a beach in Florida. None of his injuries were serious. His wife April, however, had been shot dead. Barber described the event as an attempted robbery.

There were some other factors though:
Police searched Barber's computer for evidence of past Google searches. They apparently did not contact Google directly. Barber had searched for information on gunshot wounds, specifically to the chest, and under what circumstances they were less serious. Barber was convicted.

More at: http://news.cnet.com/8301-13578_3-10150669-38.html


Case of Lee Harbert:
Harbert's vehicle struck and killed Gurdeep Kaur in 2005. Harbert fled the scene. When arrested later, his defense was that he thought he had hit a deer. But his on-computer searches were for
    "auto glass reporting requirements to law enforcement"
    "auto glass, Las Vegas" (the crime was in California)
    "auto theft"
He also searched for information on the accident itself. Harbert too was convicted.
   
more at http://news.cnet.com/8301-13578_3-10143275-38.html


Case of Wendi Mae Davidson
Police found her husband's body in a pond at the ranch where Davidson boarded her horse. Police found the ranch itself by attaching a GPS recorder to her car. Davidson also used an online search engine to search for the phrase "decomposition of a body in water".

More at http://news.cnet.com/Police-Blotter-Murderer-nabbed-via-tracking,-Web-search/2100-7348_3-6234678.html


How do such cases relate to the AOL search-data leak, and Thelma Arnold?
While none of those individuals was charged with anything, some of their searches (particularly those related to violent pornography) are rather disturbing.

Case of Antoine Jones
Jones was an alleged cocaine dealer in the Washington, DC area. Police attached a GPS tracker to his car while it was parked in the driveway. By following him over a 30-day period, the police were able to build a strong case against him. But Jones argued that such tracking was an unreasonable warrantless search, despite a 1983 Supreme Court ruling that allowed wireless tracking for single trips.

In August 2010, the DC Court of Appeals agreed, and overturned his conviction.

The Ninth Circuit and the Seventh Circuit (including Illinois) have ruled otherwise, however.


Where is google-search-history stored on your computer?



Theories of Privacy

Is it obsolete?

See Baase, p 92. Is it true that "young people of today" are not as concerned about privacy?

WHY?

Warren and Brandeis, 1890

(Louis Brandeis later became a Supreme Court justice.) They argue for the principle of "inviolate personality" that gives everyone specific rights regarding their personal information. Their primary concern was apparently newspaper gossip columns. Their argument was that repeating "private" information about someone violated a fundamental right. Baase, p 106.

Problems arise here because Warren and Brandeis were not able to formulate precisely what was meant by an "inviolate personality", or to explain at what point your rights to your inviolate personality give way to the Public's Right To Know. For government officials, for example, the right of the voters to know what they are really like might be very important.

Another issue is that WB seemed most concerned with publication of data that violated our privacy. What if it is just made available to a selected few? Employers? People on some committee at our church? Car-rental agencies? People with some self-defined Need To Know, such as our annoying neighbors? This is not normally understood to be publication.

Thomson, 1975

Judith Jarvis Thomson argued against the WB position, claiming that every time a privacy right is violated, there is in fact some other, more concrete, right being violated. Hence, we do not need special privacy rules. One of her examples is the Magazine Scenario: if you don't want people to read it, you can keep it private. If they break into your house, they have broken the law. If someone interrogates you violently and thus obtains private information, the real issue is the violence and not the privacy invasion. If a company reveals information about you in a way that is contrary to their own privacy policy that you accepted, they are violating your contractual rights. A less-clear example is the Shower Scenario: she argues that if someone peeps at you while you shower, they have violated your "right to your person". Is this just a WB-style privacy right, or is the "right to your person" more concrete and limited?

Others have tried to find examples where your right to privacy was violated, but no other rights were. What if someone reads your email? Are there other rights involved besides your right to privacy?

Transactions

On pp 108-109, Baase describes a scenario involving Joe, Maria, and some potatoes. Joe buys the potatoes from Maria; Maria sells the potatoes to Joe. Who owns the information about the transaction? Either party might want the information kept private; does the other party then have an obligation to keep it so? Or does the privacy-concerned party have to add that into the contract up-front, so that if Joe wants it private then he might have to pay more, or if Maria wants it private then she might have to charge less?

Who is the transaction about?

Another example is the making of "connections" visible to Everyone on Facebook: which party is in charge here?

In the real world, sellers are often large corporations. When we as individuals buy things, the balance of power is skewed in favor of the larger seller. Does this change things?

Property Rights to Personal Information

Do we have such rights? What about "negative" information, such as
One immediate issue is the transactions one: is a tenant's late-payment history their property, or the landlord's? Judge Richard Posner argued that personal information that is not "expensive" in the economic sense should receive more protection.



Theories of Privacy 2

Free-market privacy

[Baase 114] The argument here is that our information is something we have a right to sell. We are informed consumers, and if we want to sign up for a Dominick's Preferred Card, we have a right to. Similarly, we have the ability not to share our personal information with websites that do not have good privacy policies, and Baase has argued that many websites have as a result of this become very interested in their privacy policies [Baase p 77, p 104]. Or is it just that companies don't want the bad publicity that comes with a bad privacy policy plus an incident?

This approach to privacy means that we just accept that we can't get the lowest prices and privacy, or we can't get certain websites without advertising, or certain jobs without waiving our rights to certain private information, or use certain social-networking sites without sharing some of our private information with the world.

In terms of protection of our personal data in the hands of corporations, this approach suggests that businesses will protect our data because they don't want the liability that comes with accidental release. Specific regulations are not necessary.

Our right to privacy here is the negative right, or liberty, not to share our personal information.

Question: is it wrong to offer poor people the option of selling away their fundamental rights? We do not, for example, allow poor people to sell their kidneys, and we do not allow them to let their children go to work at age 14. We do not allow workers covered by Social Security to take the money and invest it privately.

But we do allow better-off consumers to "sell" some of their privacy in exchange for lower grocery prices; why should worse-off consumers be denied this? Or should everyone be denied this?

Consumer protection and privacy

[Baase 115] The alternative approach is that we need lots of government regulations to protect ourselves, because we just can't keep track of all the implications of revealing each data item about us. There should be rules against keeping certain data, even with our consent, because society can't be sure such consent is freely given.

A central idea of regulations is that we are denied the right to do certain things (eg sell some of our private information), on the theory that most people will not understand the full scope of the transaction, and there is no practical way of separating those who don't from those who do.

Large corporations with our data have an unequal share of the power. We need fundamental positive rights that say others have an obligation to us not to do certain things with our data (like share it).

This approach is likely to lead to an "opt-in" requirement for use of private data, rather than an "opt-out".

Are we hiding something?

Well, are we? If we do not consent to surveillance of everything we're doing, are we hiding something? The obvious answer is "yes", but are we hiding something that our neighbors or the government have a right to know?


Workplace privacy of email

One fairly basic principle the courts have used is whether or not one has a "reasonable expectation of privacy". However, this doesn't always mean quite what it seems.

Smyth v Pillsbury, 1996

Summary: Michael Smyth worked for Pillsbury, which had a privacy policy governing emails that said Pillsbury would NOT use emails against employees, and that emails "would remain confidential and privileged". Specifically, Pillsbury promised that e-mail communications could not be used against its employees as grounds for termination or reprimand.

Smyth and his boss exchanged emails in which marketing employees were discussed in an unflattering light. The phrase "kill the backstabbing bastards" appeared.

Smyth and his boss got fired, based on the contents of their emails to each other.

Smyth sued for wrongful termination. He lost.

Circumstances when you CANNOT just fire someone:

Does OWNERSHIP of the email equipment matter? No!!


Bourke v. Nissan:

A similar California case: Bourke worked for Nissan; her email was reviewed, it was highly personal, and she got a low evaluation. The email probably, but not definitively, contributed.

Shoars v. Epson: California

Alana Shoars was involved in email training at Epson. She found supervisor Hillseth had been printing and reading employee emails. She objected, and removed some of the printouts from Hillseth's office. She also reported the incident to Epson's general manager. Hillseth then had Shoars fired, allegedly because she had asked for a private email account that was not accessible by Hillseth. Epson had informed employees that email was "private and confidential". California had a law prohibiting tapping of telephone lines. The law may have covered other communications, but that part was dismissed on a technicality: tapping alone didn't constitute eavesdropping, and the eavesdropping issue was never brought up.




Smyth v Pillsbury, 1996

Summary: Michael Smyth worked for Pillsbury, which had a privacy policy governing emails that said Pillsbury would NOT use emails against employees, and that emails "would remain confidential and privileged". Specifically, Pillsbury promised that e-mail communications could not be used against its employees as grounds for termination or reprimand. Smyth was, however, fired for the contents of his email.

Federal District Court within Pennsylvania, 1996. Case was dismissed after a preliminary hearing (not a trial).
The District Court opinion is at http://cs.luc.edu/pld/ethics/smyth_v_pillsbury.html.

Judge: Charles Weiner

Whatever happened to the CONTRACTUAL issue? Hint: there is a long history of cases upholding "employment at will" doctrine.

How would the case have been different if:

Discussion of Smyth v Pillsbury:

Contract v Tort: Judge held that corporate eavesdropping is not offensive. Duh. (Could it be offensive because the company had promised not to??)

Judge says Smyth lost because email was "utilized by entire company" and Smyth's emails were "voluntary".

Were they? What does this have to do with anything? The use of the word "voluntary" is in contrast to mandatory urinalysis cases.

From the decision:

we do not find a reasonable expectation of privacy in e-mail communications voluntarily made by an employee to his supervisor over the company e-mail system notwithstanding any assurances that such communications would not be intercepted by management.

...
even if we found that an employee had a reasonable expectation of privacy in the contents of his e-mail communications over the company e-mail system, we do not find that a reasonable person would consider the defendant's interception of these communications to be a substantial and highly offensive invasion of his privacy.

"Reasonable expectation of privacy" does not mean the search is "offensive". Only searches that are "offensive" would allow legal action regarding firing of an "at-will" employee.

Judge: Pillsbury's actions did not "tortiously" (that is, in violation of some tort, or general non-contractual duty) invade privacy.

Unstated by the judge: prevention of sexual harassment as justification. This provides a legitimate "motive" for corporations to read all employee email. The judge did state:

Moreover, the company's interest in preventing inappropriate and unprofessional comments or even illegal activity over its e-mail system outweighs any privacy interest the employee may have in those comments.

Arguably, though, the Smyth kind of talk between "buddies", with the self-image projected to fit that context, is EXACTLY what some interpretations of privacy are about. Not all context is "professional".

What if Pillsbury recorded spoken water-cooler or bathroom conversation?

What the heck is a "reasonable expectation of privacy"??? "In the absence of a reasonable expectation of privacy, there can be no violation of the right to privacy."

Could Smyth have sued for DAMAGES, instead of reinstatement? Could Smyth have sued for contractual obligations?

Footnote to judge's ruling: ["estoppel" is eh-STOP-uhl]

FN2. Although plaintiff does not affirmatively allege so in his Complaint ... the allegations in the Complaint might suggest that plaintiff is alleging an exception to the at-will employment rule based on estoppel, i.e. that defendant repeatedly assured plaintiff and others that it would not intercept e-mail communications and reprimand or terminate based on the contents thereof and plaintiff relied on these assurances to his detriment when he made the "inappropriate and unprofessional" e-mail communications in October 1994. The law of Pennsylvania is clear, however, that an employer may not be estopped from firing an employee based upon a promise, even when reliance is demonstrated. [emphasis by pld] Paul v. Lankenau Hospital, 524 Pa. 90, 569 A.2d 346 (1990).

Jurisdiction problems: what if one party to an email lives in a state that grants statutory privacy protections? This problem comes up all the time with phone calls:

Worldcom case: Plaintiffs were Kelly Kearney and Mark Levy; they worked for a company acquired by Worldcom. Their calls were recorded in Georgia, but plaintiffs were calling from California, which forbids recording without notification of ALL parties.

Massachusetts case: jurisdiction depends on where wiretapping physically took place, not where the speakers were. How does telephony relate to email? What is our expectation of privacy? 

What about use of, say, a personal Gmail account while at work? What if the employer monitors transactions with gmail.com? What if the employer obtains email from Google directly?

Loyola policy: luc.edu/its/policy_email_general.shtml (discussed below)

Persistence: email sticks around, although people USE it as if it were like the phone.



Paul v Lankenau Hospital

    524 Pa. 90, 93, 569 A.2d 346,348 (1990) 
    (PA court Atlantic Reporter reference 2nd Series, vol 569 Starts page 346, actual reference on page 348)

Dr Parle Paul, MD, would take home discarded hospital equipment. He would sell it or send it to clinics in Yugoslavia, his homeland. He got permission to take five discarded refrigerators. Unfortunately, he apparently did not have the RIGHT permission.

Oops.

He was fired, and filed suit in state court for reinstatement and for defamation.

A jury trial resulted in a verdict in Paul's favor, both for damages and reinstatement. Superior court affirmed. The appellate court reversed the reinstatement order.

From the appellate decision:

Equitable estoppel is not an exception to employment at-will. The law does not prohibit firing of an employee for relying on an employer's promise.

Exceptions to the [at-will firing] rule have been recognized in only the most limited circumstances, where discharges of at-will employees would threaten clear mandates of public policy. [some such: racial/ethnic discrimination, whistleblowing, refusal to commit illegal acts, unionizing, ...]

Look at this another way. Smyth and his lawyers knew that he could be fired for any reason, regardless of Pillsbury's promises to the contrary.

Smyth was asking for the TORT of invasion of privacy to be applied. A "tort" is essentially a common-law right that has been breached, as opposed to a contractual right. Tortious invasion of privacy exists, but the standards are high and privacy must be a reasonable expectation.

In court cases, you can't add 30% of an argument for equitable estoppel and 70% of an argument for tortious invasion of privacy to get 100% of a case. ONE argument must be 100% sound.



Who decides when we have a "reasonable expectation of privacy"? If most people think email privacy is easy to breach, does it lose protection? Is this case about the judge not "getting it" that email privacy is not about "whoever owns the equipment can do what they want"? Is email any easier to spy on than the phone?


Review of Smyth v Pillsbury:

Bottom line, there is "no reasonable expectation of privacy for work email" and they can read it even if they promise not to.

That last part fits in with longstanding law regarding employment-at-will.

The main issue is really the "no reasonable expectation" part, since that blocks civil tort suits, even if "reasonable expectation" is highly subjective.