Privacy

Suspected Terrorist

Multimillionaire John Gilmore is suing the government to remain anonymous. Is this the last stand for privacy?

|


It's January, and I'm entering the federal courthouse in San Francisco to attend the opening hearing in the case of Gilmore v. Ashcroft, et al. John Gilmore, a computer industry multimillionaire and libertarian activist, is suing the federal government and two airline companies because the airlines demanded to see his ID before they would let him on a plane.

An affable courthouse guard asks me to show him an ID. I comply automatically.

"Did you see the ZZ Top-looking fellow who came through earlier?" the guard at the door says to another one manning the X-ray machine. "When I asked him to show me his ID, he asked me to show him one."

"Did you?" I call back from the other side of the metal detector.

"Sure, why not?"

Why not, indeed? The world does not indulge those who refuse to flash identification when asked. Earlier that week, I was purchasing my first cell phone. Bursting with bile over such intrusive requests because I'd been researching the Gilmore case, I frostily walked out of one Cingular store after the clerk demanded my Social Security number and couldn't even tell me why. She just blandly, coldly repeated: "It's a necessary part of the form."

After 40 more minutes of driving around Los Angeles and another such demand, I finally found an easygoing young man in a cell phone store who at least had an answer. "We need it for the credit check."

OK. They'd all probably have to do a credit check, right? Wouldn't want my own record mixed with some deadbeat Doherty. I just wanted a cell phone. I went through the familiar ritual: recited the number. Didn't even transpose a couple of digits like I sometimes do. After all, I'm asking them to give me a free phone and start trusting me to pay monthly bills for services already rendered. It doesn't really burden me, and it's necessary.

Just like showing an ID to get on an airplane. At least that's what the federal government is trying to convince Federal District Judge Susan Illston today.

Privacy Dogfight

Gilmore enters the courtroom, exuding what they used to call positive vibes. He's wearing a bright color-splashed tie and Dr. Seuss socks in open-toed sandals. His hair and beard are long and wispy. He hugs some friends and greets the "ZZ Top-looking fellow" who puckishly challenged the guards. That would be Edward Hasbrouck, a professional travel writer also trying to sever the tightening data webs in which the government is planning to enmesh travelers.

John Gilmore is here today because on July 4, 2002, representatives of Southwest Airlines in Oakland and United Airlines in San Francisco refused to let him board a plane to Washington, D.C., when he wouldn't show them an ID. He wished to fly, he says, in order to personally petition his elected representatives for a redress of grievances. Gilmore thinks the airlines' ID policy is based on a secret demand from the federal government. He committed his act of civil disobedience against the security state on July 4 explicitly for the symbolism.

Gilmore can afford to be here because he made a great deal of money in the 1990s as employee No. 5 of Sun Microsystems and as a one-third owner of Cygnus Solutions, a company sold for what Gilmore vaguely remembers was "around $675 million." (The vagueness comes across as oddly charming, not airily plutocratic.) Gilmore is used to quixotic fights against the legal system. A dedicated libertarian, he spends some of his free time and money agitating for medical marijuana rights, though he is a hardcore abolitionist about all drug laws.

While Gilmore remembers 9/11, when 19 villains used airplanes to murder 3,000 innocent people, he maintains that showing ID before getting on a plane is just a way to make the rubes feel safer. Anyone can flash a card with his or her picture (or someone who looks like him) and a name and address.

Real security, he believes, comes from making sure travelers don't have weapons or explosives on them and having people on planes ready to fight would-be hijackers. Thus, the ID demand—apparently the result of the still-secret government mandate—serves no necessary state purpose and violates his right to travel, his rights to peaceably assemble and to petition his government for redress of grievances, and his Fourth Amendment right to be free of unreasonable searches.

The government wants the case thrown out of court. It wants to convince Judge Illston that the ID regulation in question is "sensitive security information" and must remain secret. It also argues that precedent has established that burdens on just one mode of transportation do not limit the constitutional right to interstate travel, and that ID requests aren't really "searches" under Fourth Amendment law.

Judge Illston is exasperated when she can't figure out exactly what it is Gilmore is complaining about. His case appears to mix his specific claim of injury from the ID demand with complaints and fears about "no-fly" lists and passenger screening systems—both the existing Computer Assisted Passenger Prescreening System (CAPPS) and the proposed, more thorough, CAPPS II.

It's all about public safety, Justice Department lawyer Joe Lobue tells the judge. The no-fly list is to identify people known to be a threat to aviation security. Systems like CAPPS II provide pattern clues that indicate people who might represent such a threat. We need to know who we are dealing with to make those security programs work.

The judge is equally tough on Lobue. Gilmore's lawyers claim that this mysterious regulation about ID is "void for vagueness," since citizens can't know precisely what the law requires. Lobue insists that it isn't:

Judge: What is the rule, if at all, concerning identification?

Lobue repeats why the government thinks that asking for ID is vital for safety purposes.

Judge: I understand, you said all of that. You were saying the rule is not void for vagueness and we can move on. I just want to know what the rule is that isn't void.

Lobue: If you are asking me to disclose what's in the security directives, I can't do it.

Privacy vs. Openness

The Justice Department hoped it would ground Gilmore's suit. But Illston doesn't accept its motion to dismiss on the spot. As of this writing (late May), she is still contemplating whether the case will go any further, and in what manner. Gilmore's lawyer, Bill Simpich, is confident the case will continue, and is prepared to appeal any decision to dismiss.

After the hearing Gilmore is passing out little buttons with an image of a plane and the slogan "suspected terrorist." Charmed, I pin it to my suit coat. Leaving Gilmore later after lunch in the courthouse cafeteria, I take it off and bury it in the inner pocket of the coat, where I make sure it remains until I've safely flown home to Los Angeles.

Gilmore's efforts will almost certainly prove futile. Even if he reveals the government's secret ID demands and has them rescinded, it won't prevent what happened to him from happening again. The most likely outcome will be airlines declaring that, even absent any federal regulation, it's their policy that everyone shows a government-issued ID before getting on a plane. If that happens, Gilmore is prepared to sue the airlines. He doesn't think such a policy could legitimately be considered separate from a state demand in such a heavily regulated industry.

Gilmore thinks most Americans aren't nearly tenacious enough in defense of their freedoms. "The biggest threat [to privacy] is public complacency," he tells me. Indeed, most Americans—trained to flash ID as naturally as smiles—would find Gilmore's crusade eccentric if not dangerously nuts. He hopes his fight will prove educational for them, even if he fails. "Then the society that results will educate people. But it will be a shame, because it will be harder to win that ground back," he says.

Gilmore is on the front lines of a battle to decide just what privacy will—or can—mean in 21st-century America. The federal government is working on at least two huge programs designed to gather enormous quantities of computer-available data and run algorithms to decide how individuals will be treated. One is CAPPS II, Gilmore's special concern. This program builds on the aforementioned Computer Assisted Passenger Prescreening System, which uses only information in the airlines' reservation system plus a secret government-supplied algorithm to choose who gets set aside for special screening. CAPPS II is intended to use a wider range of commercial and governmental databases to help decide who gets directly on a plane, who gets set aside for special inspection, and who gets the cops called on him forthwith.

The other program, more wide-ranging and ominous, was originally known as Total Information Awareness but is now being called Terrorism Information Awareness (TIA). Although Congress demanded an explanation of the program's intent and privacy effects and forbids its actual deployment pending legislative approval, TIA's parent agency, the Defense Advanced Research Projects Agency, is gleefully forging ahead, paying private contractors to begin developing the system. Shrouded in rumor and panic, TIA is apparently meant to mine data from the full body of available information, from both public and private sources, in order to find patterns that hint at nefarious goings-on.

TIA's precise parameters and proposed goals remain uncertain. That may change when the program becomes fully operational—or it may not. Either way, it hasn't stopped privacy and security mavens from gathering at learned conferences and debating whether it will be Big Brother reified or a sensible security tool.

Strengthening the state's ability to instantly check every bit of information ever recorded about us in a computer—potentially including insurance claims, credit records, magazine subscriptions, travel plans, and on and on—certainly intrudes on our privacy. But why—especially in a post-9/11 world—should Americans particularly care, after balancing the costs with potential benefits? Why does John Gilmore worry about an airline knowing who he is? Why should you worry if the federal government knows what's in your credit report or whether you've paid your municipal fines?

All these questions might be moot. Some privacy theorists have concluded—in sorrow if not necessarily in anger—that privacy, defined as the ability to keep information about ourselves to ourselves, is already dead and buried.

Science-fiction writer David Brin, in his influential non-fiction book The Transparent Society (1999), posited that it's impossible to keep most facts about ourselves private. We could sit and whine about it, he declares, or we could smarten up and realize that the most precious aspect of our very wealthy, very free Western world has never been privacy, secrecy, or anonymity. Rather, it has been a freewheeling openness, with information flowing everywhere. Brin believes that data must flow in all directions: not just from the bottom up but from the top down, not just to the state but about the state, not just through our bedrooms but from our courtrooms.

Brin argues that the endless fight to preserve civil rights by trying to close the government's eyes is futile. We can watch government, but we can't blind it. "I tell people to go to the zoo and climb in the baboon cage," he says. "Take a sharp stick and try to poke out the eye of the biggest baboon. He won't let you. But he may reluctantly let you look at him."

Plans like TIA don't surprise Brin a bit. "There is no way on God's green earth to keep elites from seeing," he says. The technologies of surveillance and information-gathering and processing are getting smaller, more efficient, and more ubiquitous. Miniaturized cameras, recording devices, and global-positioning satellite (GPS) technology—to name just some of the relevant technologies—mean the bogeyman of cheap, universal tracking is already here.

Brin insists that freedom and civil rights, even for dissidents, will be able to survive in such a world. In fact, he provocatively suggests that they might even thrive, as surveillance technologies are used to keep the powers-that-be in check (remember Rodney King?). In any case, given our tribal past, Brin argues that anonymity of the sort Gilmore craves is unnatural for human beings. He offers a thought experiment in his book to show how transparency can aid, not quash, the outré and dissident: "If you see a person engaged in some bizarre activity in your neighborhood—perhaps performing a strange dance, or erecting a mysterious device, or just mumbling to himself"—what will make you feel at ease, less likely to investigate or suppress the behavior? If it is a "total stranger" wearing "a ski mask and a heavy overcoat" who refuses to tell you anything about himself, or if it is someone "whose life history is familiar, who readily answers questions?"

For his part, Gilmore is "glad David started this conversation" on what privacy can mean. "But I part company on his policy proposals. His answer to it being easier to wiretap is to give everyone the capacity to wiretap everyone all the time. That's repugnant to the principles of this country, and while it's a neat rhetorical way to get rid of the problem, it's not compatible with our society."

Privacy War Quislings

John Gilmore is not the only person to run afoul of airline security recently. The ID demand dates back to an earlier airline terrorism scare in 1996, and has remained cloaked in secrecy and opposing claims over whether it was airline policy or government mandate. Both the feds and the airlines wanted the policy, and each wanted to blame its creation on the other. Freedom of Information Act requests have failed to ferret out the truth; as noted above, even federal judges making decisions about the regulation can't be trusted to know what it is. Many people have written their congressmen with complaints about being singled out for special scrutiny because their names are similar to names on the already existing watch lists or "no-fly" lists.

CAPPS II is, like TIA, still in flux; a legally required privacy-act notice filed on the program in January made it sound alarming indeed, and blithely stated that information gathered could be released more or less to anyone for any purpose, including the news media. For "individuals deemed to pose a possible risk to transportation security" (under unstated standards), the records would be kept for 50 years; for all others, supposedly purged at the end of your flight.

Since then, Transportation Security Administration (TSA) representatives have met with representatives of the privacy rights community and discussed a less-thorough tracking program. While no one at TSA said this explicitly, it is possible that the early warning system of privacy-conscious interest groups and media might actually rein in CAPPS II. Lara Flint of the Center for Democracy and Technology, one of the activists who met with TSA representatives, reports that TSA now says that commercial databases will only be checked to help verify identity in most cases—and that further examination of the databases will involve only those who don't check out in that first identity-verifying inspection (to, for example, see if there is a previous paper trail of this name living at this address). And according to a TSA press release, "TSA will not see the data used to generate those scores" that mark you as free to go or subject to further scrutiny.

Still, despite lacking explicit congressional authorization, TSA made a deal with Delta airlines to start test runs of CAPPS II at selected airports this spring, which led to a ferocious Web-based boycott campaign against the airline, one that generated lots of anger and e-mail even if it hasn't brought Delta to its knees. "Do you really want to trust Delta with your bank account, SSN, mother's maiden name, or credit rating?" asks Boycott Delta majordomo Bill Stennett at boycottdelta.org. "By their own admission, Delta's computer servers are attacked over 500 times a day."

While others have had complaints about airline ID requirements, Gilmore is unique in making them a federal case. Most Americans, it seems, don't really care very much about their privacy. There are plenty of Americans "who would give away their life story for a Big Mac," observes Sonia Arrison, who studies privacy issues for the Pacific Research Institute and who prefers market solutions over regulatory ones for consumer privacy concerns.

If government in our representative democracy is supposed to respond to people's stated concerns, then government punctiliousness about privacy might actually be exceeding the public's demands. Consider for example:

  • Americans' near-universal willingness to embrace the convenience of credit cards and ATM cards even though they create permanent records of what you buy and when and where you buy it, and when you obtain cash and in what amount.
  • The widespread use of car transponders that create permanent records of each time your car passes a toll booth, just so you can avoid stopping and rifling through your pockets for change. (Where available, these devices tend to win the patronage of over half of motorists, according to Peter Samuel, editor of Toll Roads Newsletter.)
  • The popularity of supermarket club cards that collate permanent records of your grocery spending just so you can get 12-packs of Diet 7-Up on the cheap.
  • A recent poll showing that three-fourths of a polled group of frequent business fliers would be "very" or "extremely" willing to undergo fingerprint scans and 61 percent equally thrilled to have a national ID card with thumbprint if only they could move faster through those goddamn airport security lines.

In practice, the overwhelming majority of us are more than happy to accept the conveniences that make tracking and database building possible. We thus have a lot of databases for a TIA to choose from—more than anyone (or any database) has even tallied.

Only the Guilty Have Reason to Fear

Still, we don't have a fully functioning database nation yet. Private investigators and database management spokesmen point out that we do not yet live in a world where someone can pop your name into a computer and have a fat dossier come shooting out of the LaserJet with your name, address, income, bad checks, and old girlfriends in a convenient list, even though private—and government—databases do continue to multiply.

D.C.-area private investigator Ken Cummins sounds like David Brin when he points out that databases are of enormous help in totally legitimate tasks—making people pay their debts, finding fleeing miscreants. Obscurity is indeed the friend of much of the world's evil, as Brin insists when he rails that "financial privacy" concerns are just camouflage for drug dealers and tax evaders. But even in this high-tech world, private eyes often have to find things out through phone calls, physical tracking, and digging through garbage, just like in the old days.

It's also clear from examining the techniques of private eyes that laws restricting who has access to government databases don't mean much—the real danger comes from those with a legitimate reason to use them. Sometimes the best way to get information from privileged databases is to apply persuasion to those who have professional access to them. As many real-world cases show, any system with a human element is inherently insecure. As James Lee, marketing chief of ChoicePoint, tells me, most of what professional database companies pull together for their clients comes from tedious collation of public records—in other words, from the government.

Not that the government provides no protection for your privacy. Specific public controversies have led to specific privacy laws. Robert Bork had his video rental record made public, and we got the Video Privacy Protection Act of 1988. Actress Rebecca Schaeffer got murdered by a stalker who found her address through state motor vehicle records, and we got the Drivers Privacy Protection Act of 1994. It's doubtful, though, in the post-9/11 environment, that any personal embarrassment or tragedy that accompanies things like CAPPS II will lead to crisis laws to protect travelers' privacy.

When it comes to protecting information about ourselves—our privacy or, as John Gilmore wishes, our anonymity—what can we do about it? What right do we have to do anything about it?

Many privacy concerns are more a matter of sensibility than of objective injury. It is probably true that in most cases a lot more trouble will come from refusing to show an ID than would ever come of showing it. When I talk to people about this story, those who aren't professional privacy activists often ask me, Why the hell is Gilmore fighting about this? Still, some people do consider it an affront that anyone would demand private information from them that they have no good reason to obtain.

Most objections to Gilmore's beliefs about anonymity and privacy can be reduced to the familiar slogan: Only the Guilty Have Reason to Fear. Why, if you have nothing to hide, do you care who knows who you are, your credit and medical records, or what you've been reading in the library and renting from the video store?

That slogan may be silly, but it's important. Not because it settles any arguments, but because it delineates boldly what's at stake. It also makes possible a similarly bold, clearly widely believed, yet rarely voiced response: We are all guilty, and we don't want to live in a world where there is no room to get away with being guilty.

As the Pacific Research Institute's Arrison says, "We all make errors and mistakes, and if we are constantly slapped for every single thing we do, it would make a really terrible place to live. A society that expects us all to be infallible is unnatural."

Secure Beneath Watchful Eyes

Imagine an airplane flight in a very plausible future in which John Gilmore's fight has been lost. While not everything in it is happening now, there are few technological or legal barriers to keep this scenario from becoming real in the near future.

On your way to the airport, you are passing tollbooths while your transponder makes a record of where you are. Your cell phone is GPSed, and your phone records could identify where your phone is or was at any time. Your car is also equipped with a transponder-triggered traffic-law enforcement device that spits a speeding ticket out of your dash every time you exceed the speed limit for more than a minute, the sum precisely calibrated to the level of your crime. (You got a problem with that? Only the guilty have reason to fear!)

As you enter the airport, you pass security screening devices that check the RFIDs—radio frequency identification devices—that are built into almost every consumer item in your car, including your tires. The information is checked against a database that includes who bought each item, where and when they purchased it, and for how much. As you park, security cameras run your face scan against a database of known or suspected criminals.

As you check in, your biometrically encoded national ID (a perennial legislative favorite, though not in active play at the moment) is scanned and your identity is checked against every available database the government can access, public and private. This will likely include, among many others:

  • the DNA database (which the Bush administration is now trying to expand from convicted adult criminals to all arrested suspects and juvenile criminals);
  • the "deadbeat dad" database (a poster child for the inevitable mission creep of all government databases, it has already expanded in just a few years to be used to track down student loan deadbeats and unemployment cheats);
  • the National Criminal Information Center database (39 million criminal records right now, and the Justice Department in March declared that it no longer had to worry about the former statutory duty to make sure the information in it was accurate);
  • gun buyer and sexual predator databases;
  • various state databases on users of certain controlled prescription drugs; and
  • the centralized health database made possible through the Health Insurance Portability and Accountability Act's single health identifier number. This last is officially law, though because Congress has zero-funded it every year it is not yet in operation. Rep. Ron Paul (R-Tex.) glumly predicts that it might be funded this year, thus ending the current practical obscurity that keeps our medical privacy relatively safe.

With all that information, the airline could judge whether you pose a health threat or a security threat, or whether you should have a long talk with a law enforcement officer.

Do we want to live in a world where getting on a plane depends on having every single drive, debt, trip, interaction with a doctor, and violation of a statute scrutinized—even if we think we aren't "guilty" and thus have "nothing to fear"? The ultimate privacy fear is of course the reductio ad hitlerum: Imagine Hitler with a database that told him who and where all the Jews were. The full range of what guilty can mean in a database nation suddenly seems more sinister.

Rounding up the Jews is not going to happen in America, but there may be many worrisome things that the government might want to know about you and might want to keep on record, a record that will follow you everywhere you go and be a factor in everything you try to do: drug-use history, gun-use history, membership in or aid-and-support of certain organizations that may in the future be considered subversive or terrorist. Ask the peace activists kept off planes by the no-fly list—probably (though no one is sure) because Secret Service watch lists were thrown into the mix. Every missed payment on every bill and ticket, every old debt, and with RFIDs, every object we have on our person and where we bought it could easily be known by any government official who wanted to know—for whatever reason.

Do only the guilty have reason to fear? That is your old unpaid traffic ticket, right? Maybe it isn't. Data management consultant Larry English of Information Impact stresses just how shoddy the data management and confirmation practices of many commercial databases are. No one knows how many mistakes are out there, but there are certainly plenty. And the consequences of such bad information in a TIA and CAPPS II environment can be severe.

Who Owns "Private" Information?

As the "we are all guilty" argument suggests, the concerns of some privacy activists are about preserving old definitions of privacy in the face of new technology. The ability to delve ever deeper into our lives will force us to grapple with continually new questions about technological possibility and social acceptability. "Genetic privacy" defenders, for example, insist there should be laws keeping insurance companies from knowing your genetic details, since they could use them to assess more accurately any genetically based health risks and charge you more for insurance.

Yet why is it OK for an insurance company to know, say, that I am a 34-year-old male with a particular car and driving record, so it can calculate my car insurance rate, but not know things about my genes in order to calculate my life insurance rate? Should all insurance be generic, with the company knowing nothing about our relative risks? Is there a right—or at least a socially established principle—that we should be able to keep certain data secret in our dealings with our insurance companies, merely because knowing such things was once difficult or impossible?

Unknotting privacy dilemmas from first principles can be tricky, or at least lead to results that don't jibe with most people's felt intuitions. There is a respectable libertarian pedigree for the argument that you don't have any rights over any information about yourself that might be floating around. That notion is based on the principle that to the greatest extent possible, rights should be seen as property rights: the right to do what you will with what is rightfully yours, starting with your own body.

From those Lockean beginnings, one can decide that once information enters other people's heads (or databases) without any force or fraud, it now belongs to them to do with what they will. Legal attempts to stymie this process would be free-speech violations—attempts to limit what people can do with what they know. This principle would undercut most of the concerns of the official privacy activist community, who tend to look askance at commercial database collection for the purposes of marketing and deciding what to charge people.

There is a tension in the privacy activist community between the perception of government as the great violator of privacy and the perception of it as our champion against the depredations of rapacious marketers. But ultimately all marketers want to do with information about you is pitch products more effectively. The real threat that private databases pose is limned by TIA—that they can and will be accessed by the government for its own purposes. Businesses can and will market obtrusively, but in the end they need their customers' good will and are at least in theory amenable to contract to regulate what they do with the information they collect. Government can and will jail you—and unless you happen to be part of a significant voting bloc, it doesn't particularly care what you think about it.

Once a technology is out of the box, it can't be taped back up and returned to the manufacturer. People will do what people are able to do. But they won't necessarily do it all the time. Good sense, kindness, and decency can be surprisingly potent weapons against unchecked human power and ambition, as can convention and even new technologies. Answering machines and call-muting, for example, evolved to manage the privacy-shattering powers of the telephone, a device that allows strangers to set off alarms in your house simply by punching a few numbers on a remote keypad. Technology's eyes and ears are spreading, as are the "brains" to process the signals that ceaselessly pour in from them. But will these sensors inevitably be everywhere?

The technological know-how that leads to privacy-destroying devices could also lead to mechanisms to disable those devices, or to render unnecessary some innovations potentially hazardous to privacy. For example, the VeriChip—essentially an RFID implanted in your body—could contain all your medical records. No outside database would be needed; any doctor could access your vital data from the chip.

In many significant areas of life, the legal and technological fight for privacy appears to be over. Your employer pretty much has the right—and the ability, thanks to aforementioned technologies and things like keystroke-recording software—to snoop on everything you do, say, and write while on his property. It is an irony little appreciated by those who call on the government to protect your privacy from your boss that the biggest job-privacy concerns are caused by government policies. These include the tax laws that link health insurance to your job and thus make all your choices—even in private life—part of the boss' bottom line, and the occupational safety and discrimination laws (and lawsuits) that drive most employer record-keeping.

Courts have declared that being visually snooped on in public spaces is just fine, since you have no meaningful presumption of privacy there. Thus the awesome proliferation of video surveillance cameras. No one seems to know exactly how many are out there—national estimates range from 2 million to 11 million. In New York, the Surveillance Camera Players, a guerrilla theater group, is trying to change the social consensus about these cameras. Members count cameras and, when they find them, map them on the World Wide Web. Such grassroots activism and information-sharing might do more to help individuals make their own choices about how much privacy means to them than will any national legislation.

I Love to Fly and It Shows

At the root of most privacy complaints, whether aimed at marketers or at the state, is the desire not to be bugged, in the term's common colloquial sense: not to be bothered, not to be harassed. That people know certain things about us can creep us out—but should that mean we should restrict them from seeking out and spreading such knowledge, if done peacefully? We don't want e-mails or phone calls or mail we didn't ask for. (Except that some of us do at least some of the time, which shows why imposed legislative solutions to privacy concerns can't be optimized for everyone.) One of the benefits of modernity and urbanity over traditional life, as David Brin acknowledges, was that they allowed us to escape the village realities where everyone knew everything about us and judged us based on that knowledge. We came to the city to immerse ourselves in a soothing bath of anonymity.

The privacy rights movement doesn't talk about this much, but this very search for anonymity was the foundation of the modern database nation. Credit, for example, was originally based on merchants' personal knowledge of you and their judgment of your probity. But to enable a world where credit institutions can guarantee you everywhere on the planet, national institutions need to collate and check information easily. There's a reason the credit business—and the credit report business—has been steadily consolidating over the past 100 years. It is a very helpful, easy, convenient world. It is also a database world. Yet in some senses, it's a more private world because each individual merchant doesn't have to know a damn thing about you as long as the Visa system vouches for you.

The laws that supposedly defend our privacy are confused at best. Government right now certainly seems more intent on tearing down, not strengthening, the flimsy curtains we draw around our lives. Technology is doing the same. However, for every public surveillance camera, as one anti-camera activist has pointed out, there can be a laser pointer that temporarily disables it. And, perhaps more importantly, a clown to point it out and mock it.

David Brin, that prophet of a transparent society, laments the passing of the world he has verbally buried. It was fun while it lasted, this historical interregnum between the lack of privacy in the village and the lack of privacy in the bustling techno-metropolis. But lonely, too, he guesses.

The anti-Brins in this argument—best exemplified by the tireless John Gilmore—argue that we can fight and win ground. If our rights to anonymity and privacy mean anything to us at all, they say, we have to be willing to inconvenience ourselves for them, to pay for them, as Gilmore has done. I may doubt Gilmore's ability to win a meaningful victory, but his struggle strikes me as heroic. Still….

While working on this story, I needed to get to Atlanta. I found a surprisingly cheap ticket, at a perfectly convenient time.

It was on Delta, the airline that so raises the ire of privacy advocates because of its willing collaboration in testing the heinous CAPPS II system. I knew everyone concerned about privacy was supposed to be boycotting Delta. I'd even heard the anti-Delta spiel directly from the fellow who runs boycottdelta.com.

But I felt confident there was no information in any database anywhere that would keep me from getting on the plane. Only the guilty have reason to fear. And the ticket was more than 35 percent cheaper than anything else I could have gotten for that time. We'll give away our life story for a Big Mac.

I bought the ticket.