Colin Bennett, in his recent text The Privacy Advocates: Resisting the Spread of Surveillance, does a nice job creating a developing a typography for privacy advocates. Of a minor controversy, his text doesn’t include data protection commissioners as ‘privacy advocates’, even if they self-identify as such, on the basis that he wants to reflect on the roles that actors from civil society now play. Privacy, when understood in terms of regulatory capacity and relevant actors, cannot be sensibly talked about just in terms of ‘official’ advocates (e.g. data commissioners) because civil society is often deeply involved in the actions, reactions, and positions that the commissioners are forced to assume. In essence, privacy advocates are sometimes friends of, foes of, or ambivalent towards the privacy commissioners (I’d use another typography for this relationship, but I’ll wait for it to be publicly presented before talking about it here. It’s really snazzy though.).
Privacy advocates, in Bennett’s terms, are classified as such:
- Advocate/Activist: These advocates do not balance privacy against competing interests, but instead adopt an uncompromising attitude because they know that competing arguments will always be made by individuals and groups with more resources than the advocates (see the UK’s issues with Phorm as a spectacular case in point). Principles are what motivates activists.
- Advocate/Researcher: This is where most academics (broadly understood as students, lecturers, faculty, post-docs, etc) sit; these advocates are involved in considering particular issues and deeply grounding their positions in various literatures. Such positions may be grounded in philosophy, law, sociology, political science, and so forth, but positions are clearly well researched, sometimes assume compromise situations, and are not necessarily grounded primarily on principle.
- Advocate/Consultant: There are four sub-classifications of these advocates; “[t]here are real differences among taking money first to advise clients, second to educate clients, third to represent clients, and fourth to do research for clients” (Bennett 2008: 80). In some cases, consultancy offers a deeper understanding of the practicalities involved in particular privacy management practices, and sometimes consultants (try) to wear a variety of hats (Simon Davies, Privacy International, and 80/20 quickly come to mind).
- Advocate/Technologist: These are the ‘geeks’ of the privacy community. Some hold that technologies hold social and political values, and that the very structures of social and political power bias how particular technologies will be deployed. Given their ‘boffin’ status, they are able to develop highly articulate reasons for why particular technologies are problematic, though the worry is that because they are so technically minded they cannot communicate ‘dangers’ in an accessible manner to a wider public community.
- Advocate/Journalist: These individuals are interested in covering privacy breech stories, but at the same time their own drive to learn the most possible about stories threatens to put them in tension with other privacy advocates and their respective positions. Journalists “tend to err more on the side of disclosure and access” and thus must sort out public/private issues and debates on a case-by-case basis (Bennett 2008:89).
- Advocate/Artist: While often overlooked, these individuals can often translate a social danger into a rapidly accessible language and/or medium. Art can set the conditions under which individuals think about surveillance practices.
As should be quickly evident, there is a range of pragmatic and idealistic positions assumed by members of the privacy advocacy community; save for activists, Bennett does not suggest that other groups are necessarily against the notion of ‘balancing’ privacy and other issues. Privacy problems are seen ever more ‘pragmatically’ when you turn to the privacy commissioners who have limited political capital and must spent it incredibly wisely. It is on this point that advocates and commissioners often come into conflict – when a highly efficient data processing system, with strong security provisions, is introduced does a commissioner vehemently resist the system or do they instead try to reform it to include as many privacy protections as is possible?
The danger that is latent in a reforming process is that the commissioners are in danger of being compromised (from an advocate’s position) because they are not perceived to be ‘properly’ serving the public’s interest. I will admit that I, myself, am often skeptical that some of the commissioners’ positions suitably ‘understand’ the danger of particular practices to basic constitutional rights – I tend to hope that the commissioners will take strong stances on particular issues and expend their capital to resist particularly invasive new technological deployments. These hopes are often dashed (Ontario and Quebec’s respective commissioners and Enhanced Drivers Licenses come to mind).
Beyond particular issues, however, advocates nip at the heels of commissioners, often (in Canada) forcing the commissioners to clarify their positions. At the same time, there are very significant problems in Canada with how such ‘clarifications’ take place. In Canada, there is a listserv that various parties who are deeply invested in privacy are members of. At least one of the commissioners is also on the list. When an advocate takes issue with the commissioner’s position, the commissioner typically will respond and offer their reasoning. This is good. What isn’t good, is that the listserv is damnably hard to find – it’s kept very private, and is effectively just word of mouth. This leaves the public out of the discussion, and leaves advocates and commissioners in a bubble that the public should at least be able to find via Google.
This is a serious problem, and (to my mind) speaks of a bizarre, and a potentially problematic, relationship between advocates and officials. Given that there is a seeming trust (or so it feels) that what is disclosed on the listserv will not be publicly rebroadcast to the world at large, the advocate/activist is left in an awkward position. Should things be kept ‘private’, so that disputes can be played out behind digital curtains, or should advocates break ranks and reveal the list and its contents? Should the consultant working for the government toe the party line, or should they advocate their own position? Can the journalist take what a commissioner says in a semi-informal space and publish it?
In essence, what relationship exists? Moreover, in ‘going public’ is the advocate responsible for violating a privacy trust – is the advocate being placed in an untenable situation? Many of the most prominent privacy advocates in this country are well known to the commissioners, and know the commissioners fairly well in turn. Adversarial relationships exist, at times, but the advocacy community (appears) well aware of the fact that commissioners can often be motivated to assist advocates in their work – do they limit their arguments, their vehemence, in an effort to garner their own capital to subsequently be ‘cashed in’ with a commissioner’s office??
In the case of the advocate/researcher, what does it mean for the Office of the Privacy Commissioner of Canada to offer substantial research funds every year for privacy-related projects? Are these advocates gentler towards the OPC on the basis that harsh treatment might close one of the few funding doors that are available to them?
I should note that, in my own case, that this very posting isn’t what I really want to publish. I want to vehemently respond to something that one of the commissioners has recently stated – this post was initially titled ‘Pragmatics versus Privacy’ and was incredibly critical of a commissioner. I don’t actually feel like that’s something I can publish, however, because as a researcher I’m always desperate for funding, and as someone who wants to keep all my job prospects open I don’t want to write something that could prevent me from being hired by a commissioners’ office in the future. Maybe I’m being too sensitive. Maybe I’m just internalizing Ann Cavoukian’s recent comment that “Forget embarrassment, it can affect your ability to get a job … The reality is that nothing you put online is private.”