Taking part in the digital economy comes with a basic demand: expose yourself. The more you share, the more you avail yourself of its wondrous conveniences and benefits. We hardly give it a thought any more. Each year on January 28, civil libertarians honor World Data Privacy Day to call attention to this dire state of affairs. As one international data protection group states, “the objective of this day is to sensitize individuals and disseminate privacy practices and principles. It encourages everyone to own their privacy responsibilities to create a culture of privacy.”
For those who celebrate it, World Data Privacy Day is a day of great urgency, one when their rallying cry might rise above the din, urging us to halt the merciless pillaging of our private data—pillaging that, the reasoning goes, we tacitly condone and facilitate. Digital citizens and consumers must be wakened from their slumber, privacy advocates believe, and give thought to the security of their personal information, and how they are surrendering themselves to the power of their spies.
Emphasizing our agency and responsibility, this captures the general approach of privacy advocates the world over. But it is misguided, for, it puts too much emphasis on individuals as the focus of the fight. No matter how sensitized we are to the loss of privacy, lone individuals are no match for the sophisticated and powerful spies that prey upon our personal information.
Consider the European Union’s privacy regulations, which have been praised the world over (and which many in the U.S. would like to emulate). Principle measures in the General Data Protection Regulations include requiring companies to explain to consumers why they are collecting their data, how long they will hold the data, and how they will protect it. Consumers are prompted to consider such documentation before opting in to a company’s website (in the U.S., we may only opt out, after already visiting a website). Effectively, the GDPR aims to make data collection foremost in the minds of consumers as they navigate the digital universe.
The problem is, data analysis is increasingly esoteric. It is beyond our capabilities to parry or rebuff; we simply cannot comprehend what our spies look for, how they get it, and what they plan to do with the information.
One retailer, for example, has determined that purchasing “felt pads to keep our furniture from scuffing the floor” is a key indicator of creditworthiness. Did you know that? Could you have guessed that in advance? Did you also know that we are less creditworthy, data analysts have concluded, if loan applications are filled out in all capital letters, or include words like “promise,” “will pay,” and “hospital”?
These indicators make some sense, as unfair as they are. Harder to fathom, however, is how analysts determine creditworthiness from mining our smartphone behavior. They can study how often we change our phone battery, how many messages we receive, whether we are solicitous in returning calls, and how many contacts our phones contain, technology scholar Shoshana Zuboff explains. What exactly are they looking for? How does this behavior inform about our creditworthiness? That is all a mystery to us. Nor do we know if this manner of analysis is habitual, rare, or commonplace. What is clear, however is that our spies don’t need our data to know us well. Apparently, metadata (the data of our data) will do fine—and they do not need our consent to collect our metadata. Indeed, we don’t know when they tap into it.
Analysts can identify us by the way we hold our cellphones—at what angle—and how we swipe the screen. And Zuboff also tells how insurance companies can determine your premium not on the basis of “what you write about, but how you write it. It is not what is in your sentences, but in their length and complexity, not what you list, but that you list, not the picture but the choice of filter and degree of saturation, not what you disclose, but how you share or fail to.”
There is little chance of parity between us and our digital spies. We simply cannot fathom how they operate. Privacy regulations that suggest such parity can exist do us disservice. They offer a false sense of security—they lull us to sleep while our spies are busy pillaging our information in unfathomable ways. More importantly, however, they disempower us as democratic citizens.
Privacy regulations focus on the individual, and what we as individuals can do to protect our data. That effort is likely vain, given the immense power and rapid innovation of our spies—the tech firms that are among the richest in history. The threat to privacy is real; our plight is dire, before rapacious spies who may hope to influence our behavior with the data they acquire. Focusing on individual privacy protections isolates and atomizes us, however, while power rests in collective bodies.
“No man and no mind was ever emancipated merely by being left alone,” the American philosopher John Dewey states. Individual citizens are not the foundation—or bastion—of democratic freedom. The freedoms we enjoy, including privacy, are secured by associations, as Dewey puts it—associations that meet and mobilize in the public realm. History has borne this out repeatedly.
In the 1960s, civil rights activists in the American south were subjected to constant persecution. They never knew any privacy in which to plan out their difficult work in peace and security. They prevailed thanks to transformative protests carried out in public. Like the college students who occupied segregated lunch counters, endured food poured on their heads, insults hurled, and physical violence. Or the resilient Black citizens of Montgomery, Alabama, who, through diligent effort and coordination, organized a private taxi service among the residents during a months-long bus boycott against segregation. Or the famed Children’s Crusade in Birmingham, where singing children poured out of churches in peaceful, exuberant marches to occupy the segregated business district downtown.
Consider the labor movement, too. In the 1930s, General Motors ruled Flint, Michigan, with an iron fist, aiming to quash worker dissent. As one employee explained, GM “so completely run[s] this town and have it so well propagandized to their own good that one doesn’t even talk here. You have no liberties at all. You couldn’t even belong to a union and breathe it to a soul. That soul would probably be a spy.” Nevertheless, workers orchestrated one of the most remarkable strikes in labor history, launching sit-ins at their factories, occupying them for over a month. Despite ominous threats, the workers persisted through coordinated action, and prevailed.
Privacy is insufficient of its own to secure our liberty—if privacy can be managed at all, given the threat before us. Now more than ever, we must recall that to preserve our personal freedom, ironically, we must reach out, branch out, and form powerful bonds with one another. We are best protected by the collective bodies we form, and the civic arts of organizing.