Reason Magazine

Suspected Terrorist

Multimillionaire John Gilmore is suing the government to remain anonymous. Is this the last stand for privacy?

Brian Doherty from the August/September 2003 issue

(Page 3 of 6)

TIA's precise parameters and proposed goals remain uncertain. That may change when the program becomes fully operational -- or it may not. Either way, it hasn't stopped privacy and security mavens from gathering at learned conferences and debating whether it will be Big Brother reified or a sensible security tool.

Strengthening the state's ability to instantly check every bit of information ever recorded about us in a computer -- potentially including insurance claims, credit records, magazine subscriptions, travel plans, and on and on -- certainly intrudes on our privacy. But why -- especially in a post-9/11 world -- should Americans particularly care, after balancing the costs with potential benefits? Why does John Gilmore worry about an airline knowing who he is? Why should you worry if the federal government knows what's in your credit report or whether you've paid your municipal fines?

All these questions might be moot. Some privacy theorists have concluded -- in sorrow if not necessarily in anger -- that privacy, defined as the ability to keep information about ourselves to ourselves, is already dead and buried.

Science-fiction writer David Brin, in his influential non-fiction book The Transparent Society (1999), posited that it's impossible to keep most facts about ourselves private. We could sit and whine about it, he declares, or we could smarten up and realize that the most precious aspect of our very wealthy, very free Western world has never been privacy, secrecy, or anonymity. Rather, it has been a freewheeling openness, with information flowing everywhere. Brin believes that data must flow in all directions: not just from the bottom up but from the top down, not just to the state but about the state, not just through our bedrooms but from our courtrooms.

Brin argues that the endless fight to preserve civil rights by trying to close the government's eyes is futile. We can watch government, but we can't blind it. "I tell people to go to the zoo and climb in the baboon cage," he says. "Take a sharp stick and try to poke out the eye of the biggest baboon. He won't let you. But he may reluctantly let you look at him."

Plans like TIA don't surprise Brin a bit. "There is no way on God's green earth to keep elites from seeing," he says. The technologies of surveillance and information-gathering and processing are getting smaller, more efficient, and more ubiquitous. Miniaturized cameras, recording devices, and global-positioning satellite (GPS) technology -- to name just some of the relevant technologies -- mean the bogeyman of cheap, universal tracking is already here.

Brin insists that freedom and civil rights, even for dissidents, will be able to survive in such a world. In fact, he provocatively suggests that they might even thrive, as surveillance technologies are used to keep the powers-that-be in check (remember Rodney King?). In any case, given our tribal past, Brin argues that anonymity of the sort Gilmore craves is unnatural for human beings. He offers a thought experiment in his book to show how transparency can aid, not quash, the outré and dissident: "If you see a person engaged in some bizarre activity in your neighborhood -- perhaps performing a strange dance, or erecting a mysterious device, or just mumbling to himself" -- what will make you feel at ease, less likely to investigate or suppress the behavior? If it is a "total stranger" wearing "a ski mask and a heavy overcoat" who refuses to tell you anything about himself, or if it is someone "whose life history is familiar, who readily answers questions?"

For his part, Gilmore is "glad David started this conversation" on what privacy can mean. "But I part company on his policy proposals. His answer to it being easier to wiretap is to give everyone the capacity to wiretap everyone all the time. That's repugnant to the principles of this country, and while it's a neat rhetorical way to get rid of the problem, it's not compatible with our society."

Privacy War Quislings

John Gilmore is not the only person to run afoul of airline security recently. The ID demand dates back to an earlier airline terrorism scare in 1996, and has remained cloaked in secrecy and opposing claims over whether it was airline policy or government mandate. Both the feds and the airlines wanted the policy, and each wanted to blame its creation on the other. Freedom of Information Act requests have failed to ferret out the truth; as noted above, even federal judges making decisions about the regulation can't be trusted to know what it is. Many people have written their congressmen with complaints about being singled out for special scrutiny because their names are similar to names on the already existing watch lists or "no-fly" lists.

CAPPS II is, like TIA, still in flux; a legally required privacy-act notice filed on the program in January made it sound alarming indeed, and blithely stated that information gathered could be released more or less to anyone for any purpose, including the news media. For "individuals deemed to pose a possible risk to transportation security" (under unstated standards), the records would be kept for 50 years; for all others, supposedly purged at the end of your flight.

Since then, Transportation Security Administration (TSA) representatives have met with representatives of the privacy rights community and discussed a less-thorough tracking program. While no one at TSA said this explicitly, it is possible that the early warning system of privacy-conscious interest groups and media might actually rein in CAPPS II. Lara Flint of the Center for Democracy and Technology, one of the activists who met with TSA representatives, reports that TSA now says that commercial databases will only be checked to help verify identity in most cases -- and that further examination of the databases will involve only those who don't check out in that first identity-verifying inspection (to, for example, see if there is a previous paper trail of this name living at this address). And according to a TSA press release, "TSA will not see the data used to generate those scores" that mark you as free to go or subject to further scrutiny.

Still, despite lacking explicit congressional authorization, TSA made a deal with Delta airlines to start test runs of CAPPS II at selected airports this spring, which led to a ferocious Web-based boycott campaign against the airline, one that generated lots of anger and e-mail even if it hasn't brought Delta to its knees. "Do you really want to trust Delta with your bank account, SSN, mother's maiden name, or credit rating?" asks Boycott Delta majordomo Bill Stennett at boycottdelta.org. "By their own admission, Delta's computer servers are attacked over 500 times a day."

While others have had complaints about airline ID requirements, Gilmore is unique in making them a federal case. Most Americans, it seems, don't really care very much about their privacy. There are plenty of Americans "who would give away their life story for a Big Mac," observes Sonia Arrison, who studies privacy issues for the Pacific Research Institute and who prefers market solutions over regulatory ones for consumer privacy concerns.

If government in our representative democracy is supposed to respond to people's stated concerns, then government punctiliousness about privacy might actually be exceeding the public's demands. Consider for example: