Reason Magazine

As you enter the airport, you pass security screening devices that check the RFIDs -- radio frequency identification devices -- that are built into almost every consumer item in your car, including your tires. The information is checked against a database that includes who bought each item, where and when they purchased it, and for how much. As you park, security cameras run your face scan against a database of known or suspected criminals.

As you check in, your biometrically encoded national ID (a perennial legislative favorite, though not in active play at the moment) is scanned and your identity is checked against every available database the government can access, public and private. This will likely include, among many others:

• the DNA database (which the Bush administration is now trying to expand from convicted adult criminals to all arrested suspects and juvenile criminals);
• the "deadbeat dad" database (a poster child for the inevitable mission creep of all government databases, it has already expanded in just a few years to be used to track down student loan deadbeats and unemployment cheats);
• the National Criminal Information Center database (39 million criminal records right now, and the Justice Department in March declared that it no longer had to worry about the former statutory duty to make sure the information in it was accurate);
• gun buyer and sexual predator databases;
• various state databases on users of certain controlled prescription drugs; and
• the centralized health database made possible through the Health Insurance Portability and Accountability Act's single health identifier number. This last is officially law, though because Congress has zero-funded it every year it is not yet in operation. Rep. Ron Paul (R-Tex.) glumly predicts that it might be funded this year, thus ending the current practical obscurity that keeps our medical privacy relatively safe.

With all that information, the airline could judge whether you pose a health threat or a security threat, or whether you should have a long talk with a law enforcement officer.

Do we want to live in a world where getting on a plane depends on having every single drive, debt, trip, interaction with a doctor, and violation of a statute scrutinized -- even if we think we aren't "guilty" and thus have "nothing to fear"? The ultimate privacy fear is of course the reductio ad hitlerum: Imagine Hitler with a database that told him who and where all the Jews were. The full range of what guilty can mean in a database nation suddenly seems more sinister.

Rounding up the Jews is not going to happen in America, but there may be many worrisome things that the government might want to know about you and might want to keep on record, a record that will follow you everywhere you go and be a factor in everything you try to do: drug-use history, gun-use history, membership in or aid-and-support of certain organizations that may in the future be considered subversive or terrorist. Ask the peace activists kept off planes by the no-fly list -- probably (though no one is sure) because Secret Service watch lists were thrown into the mix. Every missed payment on every bill and ticket, every old debt, and with RFIDs, every object we have on our person and where we bought it could easily be known by any government official who wanted to know -- for whatever reason.

Do only the guilty have reason to fear? That is your old unpaid traffic ticket, right? Maybe it isn't. Data management consultant Larry English of Information Impact stresses just how shoddy the data management and confirmation practices of many commercial databases are. No one knows how many mistakes are out there, but there are certainly plenty. And the consequences of such bad information in a TIA and CAPPS II environment can be severe.

Who Owns "Private" Information?

As the "we are all guilty" argument suggests, the concerns of some privacy activists are about preserving old definitions of privacy in the face of new technology. The ability to delve ever deeper into our lives will force us to grapple with continually new questions about technological possibility and social acceptability. "Genetic privacy" defenders, for example, insist there should be laws keeping insurance companies from knowing your genetic details, since they could use them to assess more accurately any genetically based health risks and charge you more for insurance.

Yet why is it OK for an insurance company to know, say, that I am a 34-year-old male with a particular car and driving record, so it can calculate my car insurance rate, but not know things about my genes in order to calculate my life insurance rate? Should all insurance be generic, with the company knowing nothing about our relative risks? Is there a right -- or at least a socially established principle -- that we should be able to keep certain data secret in our dealings with our insurance companies, merely because knowing such things was once difficult or impossible?

Unknotting privacy dilemmas from first principles can be tricky, or at least lead to results that don't jibe with most people's felt intuitions. There is a respectable libertarian pedigree for the argument that you don't have any rights over any information about yourself that might be floating around. That notion is based on the principle that to the greatest extent possible, rights should be seen as property rights: the right to do what you will with what is rightfully yours, starting with your own body.

From those Lockean beginnings, one can decide that once information enters other people's heads (or databases) without any force or fraud, it now belongs to them to do with what they will. Legal attempts to stymie this process would be free-speech violations -- attempts to limit what people can do with what they know. This principle would undercut most of the concerns of the official privacy activist community, who tend to look askance at commercial database collection for the purposes of marketing and deciding what to charge people.

There is a tension in the privacy activist community between the perception of government as the great violator of privacy and the perception of it as our champion against the depredations of rapacious marketers. But ultimately all marketers want to do with information about you is pitch products more effectively. The real threat that private databases pose is limned by TIA -- that they can and will be accessed by the government for its own purposes. Businesses can and will market obtrusively, but in the end they need their customers' good will and are at least in theory amenable to contract to regulate what they do with the information they collect. Government can and will jail you -- and unless you happen to be part of a significant voting bloc, it doesn't particularly care what you think about it.

Once a technology is out of the box, it can't be taped back up and returned to the manufacturer. People will do what people are able to do. But they won't necessarily do it all the time. Good sense, kindness, and decency can be surprisingly potent weapons against unchecked human power and ambition, as can convention and even new technologies. Answering machines and call-muting, for example, evolved to manage the privacy-shattering powers of the telephone, a device that allows strangers to set off alarms in your house simply by punching a few numbers on a remote keypad. Technology's eyes and ears are spreading, as are the "brains" to process the signals that ceaselessly pour in from them. But will these sensors inevitably be everywhere?

The technological know-how that leads to privacy-destroying devices could also lead to mechanisms to disable those devices, or to render unnecessary some innovations potentially hazardous to privacy. For example, the VeriChip -- essentially an RFID implanted in your body -- could contain all your medical records. No outside database would be needed; any doctor could access your vital data from the chip.