Recently we learned that Google’s Street View vehicles gathered people’s private communications on their home WiFi networks as they drove by snapping photos. Initially, Google denied it was collecting or storing any payload data, but later admitted that it had, in fact, collected private information that it should not have, information clearly beyond what any reasonable person who expect a street mapping service to collect.
Google’s explanation was that this privacy invasion was a mistake, and happened because some code inadvertently made its way into the Street View vehicles’ software. While I trust Google that this was a mistake, and that the data wasn’t used for anything, it reveals a significant lack of control over what its fleet of vehicles are doing — and what they are capable of doing without Google apparently knowing. It also reveals yet another example of how Google failed to recognize and address possible privacy issues related to the the fact they are deploying an army of vehicles to harvest information about the physical (and now wireless) terrain.
But not to be left out of the recent spate of dotcom executives making ignorant statements about online privacy, Eric Schmidt, Google’ CEO, had this response when asked about possible EU charges against Google for the WiFi privacy invasion:
“no harm, no foul”
“Who was harmed? Name the person.”
it was “highly unlikely” that any of the collected information was “useful” and that there appeared to “have been no use of that data.”
So, once again, we have the person in charge of a dominant Web company, a company in control of huge amounts of personal data about millions of users, defining privacy concerns solely in terms of the potential (or real) harm that could occur.
Schmidt’s harm-based conception of privacy supposes that so long as the data can be protected/prevented from being used to cause harm, the privacy of the subjects is maintained. Since no one was hurt, Schmidt appears to say, then what’s the big fuss?
Such a position ignores the broader dignity-based theory of privacy. This view recognizes that one does not need to have a tangible harm take place in order for there to be concerns over the privacy of one’s personal information. Rather, merely having one’s information stripped from the intended sphere (personal WiFi network), and amassed by passing vehicles operated by the world’s largest search engine becomes an affront to the subjects’ human dignity and their ability to control the flow of their personal information.
But Schmidt doesn’t see things this way. Why? My theory is because he’s an engineer, not an ethicist. To an engineer, if the data has no obvious use-value, and no one was hurt, then all is good with the world. To an ethicist, harvesting personal information from the spheres of one’s personal WiFi network (whether the network was open or closed) is a privacy violation.
Until the computer scientists and engineers running the companies that possess so much of our personal information start to understand online privacy from contextual and dignity based frameworks, our privacy remains in peril.