Privacy and Its Big Brother, #internet50

A giant blue eye with lines of binary code written over it

By Kent Wada. In case you missed it, the people of the State of California have voted to include privacy as an inalienable right. Go look for yourself: it’s right there in Article 1, Section 1 of the California Constitution:1

CALIFORNIA CONSTITUTION, ARTICLE 1 DECLATION OF RIGHTS, SECTION 1. All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and  protecting property, and pursuing and obtaining safety, happiness, and privacy.

Those of you who voted for Prop 112 in 1972, thereby adding privacy alongside safety and happiness, take a bow. Your prescience meant it took a mere three years from the Internet’s birth in 1969 to recognize its implications for the decades to come – and to act on it.


To be clear, I might chuckle at my little joke since the two events were unconnected,3 but not at the people who made this Constitutional amendment a reality almost fifty years ago. And privacy and the Internet have grown up so intertwined as to make for one wicked problem. It’s like climate change, with the major difference being that many people couldn’t tell you what privacy is to begin with.

Plus ça Change…

While moderating a data privacy day panel a couple of years ago, I made the comment that you are your data. If it was horrifying to some at the time, it’s only worse now: the number of contexts keeps expanding in which decisions are made about us based solely on data about us. In some cases, it’s a choice we can make (at least for now): e.g., a life insurance policy that offers discounts based on your sharing of fitness data.4 For all of the weaknesses of the FICO score, we know it exists, how it’s used (to a degree), and can demonstrably affect it by our own behavior (even if our circumstances don’t permit that behavior). But what about AI that scores your job interview based on your facial movements and speech?5 Or one that scores your likelihood of reappearing in a courtroom and having that score displayed to the sentencing judge before a sentence is decided upon?6 And then there are all of those invisible data brokers whose scores are used to make so many other decisions about you. You have no idea they even exist,7 or about the data they use as a proxy for you.

This is possible, of course, because our digital exhaust is radiant. Each time we search for something, pay for something, indulge in some cat videos, take a walk, take a drive, or say something in our smart homes,8,9 we add to the record … our record. Our digital radiance becomes positively spectacular when anonymous or anonymized information about us can be re-identified.10,11 The effect is further amplified as the body of data to correlate against grows … and let’s not even talk about the heaps of fully identified data about us out there due to breaches.

So What?

Yes, yes, you say: I knew all of this, or could have guessed it. It doesn’t change anything. I have nothing to hide.

There is an authoritative response to this,12 but I will just say: Seriously? Let’s turn this around. If you were a telepath and could read others’ thoughts13 — and everyone knew this — do you believe your relationships would maintain status quo?14 What if you could read people even more deeply, not just their current thoughts, but into their past — being able to see every memory, every experience, everything that’s made a person who they are? Take a step further and think what it would mean, privacy-wise, to be able to change people’s memories. I don’t think this is so far from helplessly watching a victim of dementia lose their identity as their memories are stolen from them. Sci-fi? Hardly. We already have technology purporting to recognize emotion15 and even “read” minds;16 and surely at some point they, too, will serve as proxies seen to be good enough to be considered the equivalent of an empath or telepath.

There’s a wonderful quote by N. M. Richards and W. Hartzog in their article, “Taking Trust Seriously in Privacy Law:”

“Trust is beautiful. The willingness to accept vulnerability to the actions of others is the essential ingredient for friendship…and virtually every…activity that involves other people…. Trust is everywhere, but particularly at the core of the information relationships that have come to characterize our modern, digital lives:17

The word trust is often found in the orbit of the word privacy, as it should be: it should require agency to grant trust to others. It is not inconsistent with Frost’s “good fences make good neighbors.” Indeed, privacy is about self, and others’ respect for it: the right to be let alone,”18 as it were, in a moment of unbearable grief at the loss of a loved one. Privacy at its core exists entirely independently of technology or data.

It’s Not Just about You, It’s about Us

If you still feel you have nothing to hide, cherish it. Social norms change just as technologies do, and just as personal circumstances do. Someone who is financially secure never has to think about their FICO score; those with a poor score are treated equally whether resulting from spendthrift behavior or a medical emergency without good health insurance. You may never have to face an interview algorithm because you aren’t applying for an entry-level help desk job with a thousand people vying for 5 positions: but your kids might; and they won’t have the benefit of asking the hiring manager how they might do better next time. What happens to your discounts for good health when your health status changes? We all age, after all. And at least for now, facial recognition is generally understood to be less accurate with women and people of color.19 Use of such technologies must be carefully considered if an organization wants to assert that diversity, equity, and inclusion are important to it.

In this vein, let’s be thoughtful if we choose to point fingers. Certainly, we must each act responsibly about how we offer our data and our trust to others. But it’s equally important not to blame the victim20 when structural inequalities so often put effective control beyond our reach. What does it even mean to “act responsibly” when we have been reduced to a binary space: endless, complicated privacy options that serve more to annoy than to help meaningfully pierce the opacity of risk on the one hand; or a free-for-all on the other? The benefits we enjoy from privacy laws are foundational, but they are a proxy for safeguarding privacy writ large.

The Conversation Must Continue

The implications of being awash in a world of data about ourselves are tremendous, from surveillance and government control or private-sector discriminatory behavior,21 to online manipulation of global online communities,22 to the wholesale loss of anonymity and all that implies. (What would you do if you were an undercover spy, knowing that airport after airport is implementing facial recognition?23) A certain degree of global agreement will have to be part of the solution.24 And as with so many wicked problems, it’s easy to be overwhelmed into paralysis as individuals. What difference will the actions of one person make, anyway?

Okay, reel me back down to ground level. I’ve barely scratched the surface, but this is not meant to be a one-sided diatribe in a space of nuance and complexity. Instead, let this be a call to action, to being informed, for the marvels wrought by endless innovation are certain to simultaneously push endlessly on our social norms. As a colleague always reminds me: baby steps. Pick something relevant to you. If you have a tween, see what’s behind a popular social media app.25,26 If your daughter or son is a student-athlete in college, become acquainted with the promise and perils of cutting-edge technology.27 If you travel internationally, learn about the unique properties of border crossings.28 If you host dinner parties, practice transparency and disclose to each guest that you have a digital personal assistant in your home that will be listening to your conversations; and see where that takes you.29

As we head into the millennium’s third decade and the Internet’s sixth, I know higher ed will continue to have an important voice in the conversation, whether as scholars, practitioners, or institutions. And call me biased, but I’m delighted California continues to be a privacy leader.30 Now all that’s missing is you.

Kent Wada, director, policy and privacy and chief privacy officer at UCLA.Kent Wada is director, policy and privacy and chief privacy officer at UCLA.







  1. Declaration of Rights. Vol Article 1. Accessed December 30, 2019.
  2. Kelso JC. California’s Constitutional Right to Privacy. Pepp L Rev. 1992;19(2):159.
  4. Chen A. What happens when life insurance companies track fitness data? The Verge. Published September 26, 2018. Accessed November 30, 2019.
  5. Harwell D. A face-scanning algorithm increasingly decides whether you deserve the job. The Washington Post. Published November 6, 2019. Accessed December 2, 2019.
  6. Thompson D. Should We Be Afraid of AI in the Criminal-Justice System? The Atlantic. June 2019. Accessed January 1, 2020.
  7. Hill K. I Got Access to My Secret Consumer Score. Now You Can Get Yours, Too. The New York Times. Published November 5, 2019. Accessed November 30, 2019.
  8. What Happens on the Internet Every Minute (2019 Version) [Infographic]. Brayve Digital. July 2019. Accessed November 24, 2019.
  9. Desjardins J. What Happens in an Internet Minute in 2019? Visual Capitalist. Published March 13, 2019. Accessed November 27, 2019.
  10. Thompson SA, Warzel C. Twelve Million Phones, One Dataset, Zero Privacy. The New York Times. Published December 19, 2019. Accessed January 1, 2020.
  11. Rubenking NJ. TrackOFF Basic. PCMAG. June 2017. Accessed January 12, 2020.
  12. Solove DJ. “I’ve Got Nothing to Hide” and Other Misunderstandings of Privacy. San Diego Law Review. 2007;44:745. Accessed November 3, 2017.
  13. Rauhofer J. Doomed? Invisible privacy harms and the balance of power in the information age. Presented at the: Seventh Annual Privacy Law Scholars Conference; June 6, 2014; George Washington School of Law. Accessed January 14, 2020.
  14. Sookie Stackhouse. True Blood Wiki. Accessed January 13, 2020.
  15. Ikeda S. Amazon Claims Facial Recognition Service Can Now Read Fear on Human Faces, Amplifying Privacy Concerns. CPO Magazine. August 2019. Accessed September 3, 2019.
  16. Kaplan J. The Machines That Will Read Your Mind. Wall Street Journal. Published April 5, 2019. Accessed January 27, 2020.
  17. Richards NM, Hartzog W. Taking Trust Seriously in Privacy Law. Stan Tech L Rev. 2015;19:431-472. doi:
  18. Warren SD, Brandeis LD. The Right to Privacy. Harvard Law Review. 1890;4(5):193-220. doi:10.2307/1321160
  19. Schneier B. AI Has Made Video Surveillance Automated and Terrifying. Vice. June 2019. Accessed September 3, 2019.
  20. Barrett L. Our collective privacy problem is not your fault. Fast Company. January 2020. Accessed January 2, 2020.
  21. America Under Surveillance. UCLA Hammer Museum; 2015.
  22. Starbird K. The Surprising Nuance Behind the Russian Troll Strategy. Medium. October 2018. Accessed November 18, 2019.
  23. McLaughlin J, Dorfman Z. “Shattered”: Inside the secret battle to save America’s undercover spies in the digital age. Yahoo! News. Published December 30, 2019. Accessed December 30, 2019.
  24. Hill K. The Secretive Company That Might End Privacy as We Know It. The New York Times. Published January 18, 2020. Accessed January 21, 2020.
  25. TikTok: A guide for clueless parents. NBC News. Accessed November 30, 2019.
  26. Citarella J. Adventures in TikTok, the Wildly Popular Video App Where Gen Z Rules. Artsy. Published December 3, 2018. Accessed November 27, 2019.
  27. Shultz A. Why Is This Wearable-Tech Company Helping College Teams Track How Often Athletes Sleep, Drink, And Have Sex? Deadspin. April 2017. Accessed November 30, 2019.
  28. Cope S, Kalia A, Schoen S, Schwartz A. Digital Privacy at the U.S. Border: Protecting the Data On Your Devices and In the Cloud. Electronic Frontier Foundation; 2017. Accessed January 13, 2020.
  29. Dara R. Should you warn dinner guests about your digital personal assistant? Published December 27, 2019. Accessed January 1, 2020.
  30. Privacy Legislation Enacted in 2018. State of California – Department of Justice – Office of the Attorney General. Published 2020. Accessed January 6, 2020.

Leave a Comment

Your email address will not be published.