The Perks and Risks of National ID System

In an article published by Rappler (2018), the National ID system law in the Philippines has been
digested to its reason, purpose, and basic system:

What is the Philippine Identification System or PhilSys? It's a system that centralizes all personal
information of Filipino citizens and resident aliens and generates a Philippine ID (PhilID) and PhilSys
Number (PSN) that will be used to authenticate their identity in all government and private sector
transactions. This includes applications for drivers' license, passport, tax-related transactions, voters'
registration, application to schools, and bank transactions.

How does that affect lives of Filipinos, resident aliens? This means there will be no need to provide
government offices or private establishments with multiple IDs (license, passport, TIN ID, etc) just to
prove your identity. Providing your PhilID or PSN will be deemed as sufficient proof of identity, subject
to verification.

How do I enter the system? One year from the effectivity of this law, citizens and resident aliens can
register in person with any of the offices below. Registration is not mandatory. To speed up processing,
you can provide a birth certificate (for citizens) or proof of residence (for resident aliens).

 PSA Regional and Provincial Offices

 Local Civil Registry Offices
 Government Service Insurance System (GSIS)
 Social Security System (SSS)
 Philippine Health Insurance Corporation (PhilHealth)
 Home Development Mutual Fund (HDMF)
 Commission on Elections (Comelec)
 Philippine Postal Corporation (PHLPost)
 Other government-owned and controlled corporations assigned by the Philippine Statistics
Authority

What if I live abroad? Register with the Philippine embassy in your area or any registeration center
designated by the Department of Foreign Affairs.

What type of information will I be asked to provide?

 Full name
 Sex
 Date of birth
 Place of birth
 Blood type
 Address
 Whether you are a Filipino or resident alien
 Front facing photograph
 Full set of fingerprints
 Iris scan
 Other identifiable features as may be determined by the law's implementing rules and regulations
 Optional information: marital status, mobile number, e-mail address
Will my personal information, data be secure? The law imposes penalties of fines or imprisonment for
any person who illegally discloses any PhilSys information or uses it for unauthorized purposes. Personal
data may only be disclosed to enforcement or security agencies in the interest of public safety and only
upon court order. In such a case, the owner of the information must be notified within 72 hours of the
disclosure.

Who's in charge? The Philippine Statistics Authority (PSA) is the government agency tasked with
implementing the law with the technical assistance of the Department of Information and
Communications Technology (DICT). A council composed of officials from the National Economic and
Development Authority, budget department, finance department, foreign affairs department, and more
will create the policies.

Something to note: It's important to point out that the PhilSys will also record every instance you use
your PhilID or PSN in a transaction, aside from any modification of personal information. Privacy experts
have said this could lead to "dataveillance" or a comprehensive surveillance system that tracks a person's
activities over an extended period.

Marcos Administration

How its implementation was attempted: Former president Ferdinand Marcos, one year into Martial
Law in 1973, signed Presidential Decree No. 278, which mandates the creation of a "national reference
card system".

Why they tried to implement it: The decree cited insurance of national security, the increased ease of
conducting transactions requiring government ID, and the need to consolidate all distinct ID systems.

What were the key points: All Filipino citizens and foreign nationals living in the Philippines were to be
assigned a reference number for identification. No details were given on what information was to be
collected, and how the privacy of this information was to be secured.

What came out of it: Marcos in 1980 released Executive Order 630 which established a national
identification system committee to work on how to properly implement PD 278.

Ramos Administration

How its implementation was attempted: Former President Fidel V. Ramos signed Administrative Order
No. 308 in December 1996, mandating the creation of a computerized national ID system.

Why they tried to implement it: It cited the need to increase the ease of availing basic services, social
security, and other government provisions. It also indicated how a national ID system would be able to
reduce the number of fraudulent transactions by people abusing government services.

What were the key points: Perhaps recognizing the times, Administrative Order (AO) No. 308
specifically called for a national ID system that was to be computerized, with biometric data as part of the
information collected.
A new ID number, called the Population Reference Number, was also to be generated by the National
Statistics Office (now under the Philippine Statistics Authority). Beyond this, scarce details were
provided in AO No. 308 on the particulars of the mandated national ID system. Instead, the administrative
order called for the creation of an inter-agency committee, to which the responsibility of devising the
guidelines and details of the system was deferred.

What came out of it: After the order was signed by Ramos, a petition was filed with the Supreme Court
by then senator Blas Ople, contending that the administrative order violated the right to privacy enshrined
in the 1987 Philippine Constitution and that the creation of a national ID system required a legislative act.

The High Court ruled in favor of the petition in July 1998.

Penning the majority decision, then associate justice Reynato Puno agreed that the provisions of the order
were beyond the powers of the executive branch so that legislation was needed. Puno also affirmed that
the national ID system, as described in the order, encroached on privacy rights protected by the
Constitution and Bill of Rights.

Thus, even if the provisions of AO 308 fell within the purview of executive powers, the government
needed to show both that there existed compelling state interest for the order, and that its implementation
was narrowly defined in addressing the said interest. Puno argued the national ID system, as outlined in
the order, severely failed to achieve the latter, opening up the possibility of abuses of power against
constitutional rights.

Arroyo Administration

How its implementation was attempted: Former president Gloria Macapagal Arroyo signed Executive
Order No. 420 in April 2005, calling for all government services to consolidate their identification
systems.

Why they tried to implement it: The order cited the high costs of redundant ID systems in government,
and the inconvenience it imposed on individuals. It also pointed to greater ease in conducting private
business, the increased accountability and reliability of government services, and the ability to thwart law
violations related to false identities.

While not expressly stated in the executive order, many government officials at the time also cited the
threat of terrorism as an important consideration.

What were the key points: The executive order limited the information gathered to 14 types of
information, of which the first 5 that were enumerated and the individual’s fingerprints were to appear on
the unified ID card.

EO 420 did not mandate the inclusion of all Filipino citizens in the new ID system: only those already in
possession of an ID card of any sort were to be affected.
The executive order outlined several guidelines meant to safeguard the privacy rights of individuals; of
these, the most significant were the provisions that only the 14 types of information collected were to be
stored by the government, and that all data was strictly confidential.

What came out of it: The Arroyo administration implemented EO No. 420 through its creation of the
Unified Multi-Purpose ID system in 2010.

UMID is a currently accepted ID system available to members of SSS, GSIS, PhilHealth, and the Pag-
IBIG fund. However, as Senator Ping Lacson noted in his sponsorship speech for a national ID system
bill waiting for President Rodrigo Duterte's signature, less than 20% of the population is currently
enrolled in the program.

But Kilusang Mayo Uno and other concerned parties filed a petition with the Supreme Court arguing on
the unconstitutionality of the executive order. In April 2006, the Supreme Court ruled against the petition,
upholding the constitutionality of EO No. 420.

As opposed to AO No. 308, SC Associate Justice Antonio Carpio argued that the executive order was not
a usurpation of legislative power because it did not require the appropriation of funds. Its provisions only
affected executive agencies and those already in possession of some form of ID, and the data collected did
not extend beyond what was routinely sought.

He pointed out that the order was ultimately a standardization of executive ID systems, and not a true
national ID system. Carpio also did not believe that the executive order violated any privacy rights,
arguing that the 14 kinds of information to be collected were routine, and were even a reduction when
compared to other government ID systems.

Unlike other measures proposed or at least backed heavily by law enforcement authorities and national
security agencies, a national ID debate is more difficult to traverse for rights advocates given its ability to
boast of some inherent virtues that are markedly absent among its peers. The more commonly cited
benefits include the following:

1. Better delivery of and access to government services. That a good universal ID system can
improve efficiency and reduce cost both to the government and citizens of the delivery of and
access to public services remains the most invoked reason for supporting such a system. There is
no denying that an identification problem can exclude one from much-needed social service
programs.
2. Financial Inclusion. Economic experts and other authorities also note the potential of having an
ID system address the country’s financial inclusion challenges. Here in the Philippines, it has
been suggested that a national ID could enable unemployed Filipinos who typically do not have
access to other IDs to avail of financial and banking services.[13]
3. Law enforcement. Governments also see ID systems important when fighting terrorism and
various crimes like illegal immigration and identity fraud. In 2016, when a commercial bank
became involved in an $81M money laundering case, government agencies echoed calls for the
establishment of a national ID system in order to prevent similar incidents in the future.[14]
4. Public Safety. A centralized database can also prove useful during national emergencies,
calamities, and other public safety concerns. When the MERS (Middle East respiratory
syndrome) virus broke out in 2014, the Department of Health found it difficult to track down the
other passengers of an airliner that had a Filipino who tested positive for the virus. The Health
 Secretary then stated it would have been easier if they had an extensive database of Filipinos to
help them in their search.[15]
5. Social Inclusion. National IDs are also believed to promote social inclusion by providing official
identification for individuals that usually have no access to such documents.[16]

Resistance to the introduction of an ID system also proceeds from a number of issues. The backlash
surrounding similar proposals in other jurisdictions has sometimes been so great that countries like
Australia, New Zealand, and the US steer away from introducing national ID cards at least in the near
term. Other concerns include:

1. Surveillance and Privacy Rights Violations. A national ID system gives any government
unprecedented access to a huge cache of its citizens’ personal data. That is quite possibly the
greatest danger it poses in any given society, no matter how strong the safeguards a country’s
constitution or statutes offer against its potential abuse or misuse. For the American Civil
Liberties Union (ACLU), use of an ID system inevitably leads to the normalization of the
surveillance of citizens, and this will almost always promote discrimination and harassment in the
long run.[17]This point is all too real for local rights advocates and activists who are afraid that
such a system could be used to compile information on political opposition and other parties
critical of the administration.[18]At the House of Representatives, the seven lawmakers who
opposed the current proposal highlighted how the system poses a threat to the right to privacy of
Filipino citizens. Representative Emmi de Jesus, in particular, cautioned against the provision
allowing for the collection of other information determined by participating government
agencies, to wit:

“This is alarming, especially in the context of the non-stop extrajudicial killings among peasants, political
activists, indigenous peoples, and even the current controversial murder of poor Filipinos in the name of
the war on drugs. An unlimited expanse of personal data placed in the hands of a regime that relies
heavily on dictatorship and fascist methods can only mean intensified surveillance and state profiling,
which might even lead to more killings […] Enabling a fascist, big brother state to collect and centralize
sensitive personal information about its citizens will never solve the basic ills of social services
delivery.”[19]

2. Infringements of Other Civil Liberties. Privacy violations are usually a precursor to graver human
rights abuses. Accordingly, any government with the ability to keep tabs on its population via an
ID system will necessarily have the ability to shift to other more oppressive acts, such as cracking
down on free speech, freedom of assembly, and other related rights.
3. Doubts over Effectiveness Against Crime and Terrorism.A national ID system is just one item in
a familiar wishlist readily given by governments when asked what they need to help contain or
eradicate crime and threats against the State. Time and again, however, they fail to produce
substantial evidence showing just how effective these measures are. Here in the Philippines, a
2005 report by the Senate Economic Planning Office noted the absence of any proof that a
national ID system increases security against terrorism. Citing a report by Privacy International, it
admitted that 80% of the 25 countries affected by terrorism from 1986 to 2004 actually had
identity card systems in place, with a third of them employing biometrics technology.
4. Function Creep. Described earlier as the use of a tool or system for purposes beyond those
originally declared, function creep will always pose a risk to the privacy of individuals registered
in an ID system. In the draft bill currently pending at the Philippine Senate, the protection against
unlawful disclosure of registered information do not apply when the additional use is required by
the “interest of public health or safety”. Who gets to make such determination is not stated,
 making it prone to abuse by any number of government agencies or officials with their own
vested interests.
5. Costs. A key concern, particularly for government agencies expected to shoulder the
responsibility of implementing an ID system, is cost. Many observers believe that identity
management programs are inherently expensive and require significant financial commitment
from the government in order to work. For 2018, the Philippine government has allotted PhP2
billion to the Philippine Statistics Authority to prepare for the rollout of a domestic ID
system.[20]
6. Data Security. Another issue often raised relates to the ability of the government to protect data
under its control or custody. In the local scene, the Comelecincident only served to reinforce
public perception that the government is incompetent or poorly equipped to manage and maintain
a secure information system. If it is incapable of protecting a voter registration database, how can
it be expected to fare better when handling a bigger and more complex system?
7. Technical Complexity and Logistical Issues. Apart from cost, a number of other factors make an
ID system difficult to implement. This is particularly true in countries where IDs and other
documents can be fraudulently acquired quite easily (i.e., the Philippines).These factors
include:(a) migration; (b) distance from and access to registration centers by citizens and
residents; and (c) ill-equipped and unprepared registration centres.

Conclusion

National ID systems everywhere are always immersed in controversy. This trend is poised to continue
given the growing interest by governments in their potential uses. For the different stakeholders, the
challenge has always been finding the proper balance between upholding legitimate State interests and
those of the individual—the right to privacy being only one of them.

To those keeping a close watch on the impact of ID systems on privacy rights, one positive development
these past few years here in the Philippines has been the passage of the country’s first comprehensive data
protection law: Republic Act No. 10173, also known as the Data Privacy Act of 2012 (DPA). The law
provides numerous legal safeguards that ensure the security and protection of personal data.

With the DPA, all debates surrounding an ID proposal must now be properly guided by the principles and
standards enshrined in the law. The need for such a system must now be pitted against the dangers its
poses and the data security measures prescribed by the DPA. More importantly, if the proposal were to
garner Congressional approval, adopting a “privacy by design” approach and appropriate accountability
mechanisms naturally becomes imperative.

That said, one cannot simply rely on the DPA to keep any national ID system in check. Any privacy
advocate worth his or her salt knows that a significant degree of caution is called for especially during
these troubling times. One should be constantly wary of any effort or measure that aims to give more
power to an administration that already has a stranglehold over all three branches of government. Giving
it also an identity management scheme to tinker with may already be one measure too many.
SUPPLEMENTS

“Big Data” are two small words with enormous societal meaning.1×1. See DAVID
BOLLIER, THE PROMISE AND PERIL OF BIG DATA (2010), https://www.emc.com/collateral/analyst-
reports/10334-ar-promise-peril-of-big-data.pdf [https://perma.cc/CD6F-ACYZ].Show More The words
signify a complex phenomenon that has come to define the second decade of
the twenty-first century. Big Data is the vast quantities of information amenable
to large-scale collection, storage, and analysis. Using such data, companies and
researchers can deploy complex algorithms and artificial intelligence
technologies to reveal otherwise unascertained patterns, links, behaviors,
trends, identities, and practical knowledge. The information that comprises Big
Data arises from government and business practices, consumer transactions,
and the digital applications sometimes referred to as the “Internet
of Things.”2×2. The popular term “Internet of Things” designates the result of connecting everyday tools and
appliances — like heating systems, refrigerators, and FitBits — to the internet to improve their accessibility and
function. See Jacob Morgan, A Simple Explanation of “The Internet of Things,” FORBES (May 13, 2014, 12:05
AM), http://www.forbes.com/sites/jacobmorgan/2014/05/13/simple-explanation-internet-things-that-anyone-can-
understand/#4a6ee29b6828.Show More Individuals invisibly contribute to Big Data
whenever they live digital lifestyles or otherwise participate in the digital
economy, such as when they shop with a credit card, get treated at a hospital,
apply for a job online, research a topic on Google, or post on Facebook.
Representing the push to collect massive amounts of analyzable data for the
purpose of discerning valuable information, Big Data presents major challenges
to the ideal of personal privacy, which includes rights of limited access to
personal information and control over personal information.3×3. See
generallyPRESIDENT’S COUNCIL OF ADVISORS ON SCI. &TECH., REPORT TO THE
PRESIDENT: BIG DATA AND PRIVACY: A TECHNOLOGICAL
PERSPECTIVE (2014), https://www.whitehouse.gov/sites/default/files/microsites/ostp/PCAST/pcast_big_data_an
d_privacy_-_may_2014.pdf [https://perma.cc/JE9Y-BJ3B] (discussing privacy concerns stemming from the rise of Big
Data and issuing policy recommendations).Show More Privacy advocates and civil
libertarians say Big Data amounts to digital surveillance that potentially results
in unwanted personal disclosures, identity theft, and discrimination in contexts
such as employment, housing, and financial services.4×4. See, e.g., MARC
ROTENBERG ET AL., ELEC. PRIVACY INFO. CTR., COMMENTS OF THE ELECTRONIC
PRIVACY INFORMATION CENTER TO THE OFFICE OF SCIENCE AND TECHNOLOGY
POLICY: REQUEST FOR INFORMATION: BIG DATA AND THE FUTURE OF PRIVACY 2–6
(2014), https://epic.org/privacy/big-data/EPIC-OSTP-Big-Data.pdf [https://perma.cc/ZQJ9-L8EW].Show
More These advocates and activists say typical consumers and internet users do
not understand the extent to which their activities generate data that is being
collected, analyzed, and put to use for varied governmental and business
purposes.
I have argued elsewhere that individuals have a moral obligation to respect not
only other people’s privacy but also their own.5×5. See Anita L. Allen, An Ethical Duty to Protect
One’s Own Information Privacy?, 64 ALA. L. REV. 845 (2013).Show More If the experience of
privacy is important to human dignity and wellbeing, it is something individuals
with a choice should not choose to carelessly discard or give away. We must
protect our own data to the best of our abilities. Our often-overlooked ethical
responsibility to do so could entail circumspect use of social media and credit
cards, along with diligent use of passwords, encryption, and security software
to limit access to devices. Here, I wish to comment first on whether there is an
ethical obligation to protect one’s own privacy; second, on whether the notion
that individuals have a moral obligation to protect their own information
privacy is rendered utterly implausible by current and likely future Big Data
practices; and finally, on whether a conception of an ethical duty to self-help in
the Big Data context may be more pragmatically framed as a duty to be part of
collective actions encouraging business and government to adopt more robust
privacy protections and data security measures.

II. AN ETHICAL OBLIGATION TO

PROTECT ONE’S OWN PRIVACY

Philosophically speaking, protecting data privacy should be understood as an

ethical responsibility of good governments, businesses, and individuals. Ideals
of rights, justice, and moral respect pervasively call upon us to regulate access
to personal information. Federal and state privacy laws appropriately aim at
such ends. Indeed, privacy is so important that good government is warranted
in protecting forms of privacy that some individuals do not
themselves value.6×6. See generally ANITA L. ALLEN, UNPOPULAR PRIVACY: WHAT
MUST WE HIDE? (2011) (exploring the plausibility of paternalistic privacy policies within liberalism).Show
More While much of moral life relates to how we treat other people, it also
relates to how we treat ourselves. The Kantian deontic moral tradition, for
example, asks us to respect our own humanity, for we are owed respect as
rational beings with moral autonomy. My views about moral duty are
influenced by this tradition. The German philosopher Immanuel Kant derived
duties to others and to oneself from a general moral law — a categorical
imperative — to “act that you use humanity, whether in your own person or in
the person of any other, always at the same time as an end, never merely as
a means.”7×7. IMMANUEL KANT, GROUNDWORK OF THE METAPHYSICS OF
MORALS4:429 (1785), reprinted in PRACTICAL PHILOSOPHY 37, 80 (Mary J. Gregor ed. & trans., 1996).
In an alternative formulation, Kant advanced that a person should “act only in accordance with that maxim through
which [the person] can at the same time will that it become a universal law.” Id. 4:421, at 73 (emphasis omitted).Show
More Extrapolating from Kant’s categorical imperative, I have elsewhere
argued that “[d]uties to oneself are duties of self-care and self-respect” to act
“with self-regard, dignity, and integrity,” and “to promote one’s rational
interests in security, freedom, and opportunity.”8×8. Allen, supra note 5, at 854. I believe
duties to the self of self-care and self-respect entail reservation and
circumspection when it comes to sharing potentially sensitive information and
the intimacies of identity and personality.9×9. See id. at 863–65 (arguing that the concept of
duties to the self are plausible and conceivably include duties to protect one’s own privacy).Show More And
while the case for protecting one’s own privacy can be made in Kantian terms,
one could also build a case for limiting disclosures of information about oneself
on moral utility grounds, stressing moral interests in protecting reputation and
future opportunity, and on moral virtue grounds, pertaining to modesty,
reserve, and temperance as important character traits. Thus, while business and
government owe us privacy, we also owe ourselves privacy.
There are serious practical limits to protecting our own privacy. The methods
of data collection and analysis associated with Big Data represent challenges to
individuals’ capacity to make meaningful privacy-protective interventions.
Typical individuals among us, even the well-educated, are technologically
unsophisticated, and the cultural and economic pressures to engage in
transactions that call for information disclosures are great. Moreover,
individuals do not and cannot effectively negotiate over privacy-related “terms
and conditions” to ensure privacy advantages. What then, in the Big Data era,
might be the content of any moral responsibility to protect one’s own privacy?
It looks empty. Protecting our own information privacy seems like a
manageable task when we focus on such commonplace activities as being more
reserved in conversation, using passwords on electronic devices, installing
security software, encrypting, and moderating use of social media. Easy self-
protection also includes not opting out of our employers’ institutional firewalls
that monitor internet traffic to repel known threats. Those kinds of activities
have a role but are not capable of delivering robust information privacy. Big
Data is an ethical game changer since there can be no ethical duty to do the
impossible.

III. TAKING RESPONSIBILITY: TO

EMBRACE OR TO FIGHT BIG DATA?

At present, Big Data can feel like Big Brother, a natural enemy of personal
privacy and free choice. Ascribing an obligation of protecting our privacy seems
to require something exceedingly difficult or impossible: the eschewal of
activities that contribute to the production of massive data sets and analysis.
Individuals are generously feeding Big Data. Currently, Big Data analytics
involve unknown and nonconsensual uses of data generated by individual
conduct that may reveal behaviors and identities to individuals’ detriment. Two
possibilities merit exploration: that Big Data ought not to be constrained by
individuals and that Big Data cannot be constrained by individuals.

One possibility is that any moral responsibility to protect one’s own privacy
does not include an obligation to constrain Big Data because Big Data’s
beneficial uses for commerce, security, and public health and safety override
privacy concerns. The claim that technology is a net privacy boon is a familiar
one. In the early days of the internet it was common to point out that technology
could increase privacy. For example, it was argued that with the internet, one
would be able to shop without going out into town, read a new book without
visiting a brick and mortar library or retailer, and communicate with friends
and strangers anonymously. Today we know that we are not invisible as we
shop, read, and converse online and that we can be held accountable.10×10. See,
e.g., Doe I v. Individuals, 561 F. Supp. 2d 249, 257 (D. Conn. 2008) (ordering the unmasking of an anonymous
AutoAdmit.com discussion board poster who defamed and invaded the privacy of female Yale Law School
students).Show
More The internet of the 1990s was not quite the privacy boon it
first appeared to be. Yet maybe Big Data is different. Perhaps Big Data, the
“greatest tsunami of information that humans have ever seen,”11×11. Juan
Enriquez, Reflections in a Digital Mirror, in THE
HUMAN FACE OF BIG DATA 18, 21 (Rick Smolan &
Jennifer Erwitt eds., 2012).Show More will net major privacy-related benefits.
While collecting detailed information about us, Big Data might lead to the
discovery of new ways to limit access to persons and personal information and
create opportunities for an enhanced and less accountable personal life.
Focusing on medicine and health as an example, self-tracking made possible by
Big Data could improve preventive medicine, increase autonomy, and keep us
away from hospitals, therapists, and the like.12×12. Id. at 34. For instance, if Big
Data analytical results show that less expensive home care is superior to
expensive hospital stays for certain classes of patients, that could be a boon to
privacy and could lead to cost savings. Similarly, Big Data results could uncover
ways to give people with disabilities more personal independence. In a different
context, it potentially would allow police departments to identify police officers
at risk of serious misconduct and impose interventions. Furthermore, some of
the things we do in our private lives may be better done someday because of Big
Data: choosing a partner, buying a new home, planning a long vacation, and
passing our native languages along to our children, to name a few. In being
constructively critical of Big Data’s threats to our privacy, we should also be
aware of these potential advantages and encourage government and business to
foster uses of Big Data that may support important privacy interests. Big Data
feels like a threat to privacies we should care about, such as medical and
financial privacies, but perhaps Big Data could — or even already does — have
a net positive effect on privacy. Technological developments may compromise
privacy and security, but technological innovation might also contribute to a
greater degree of privacy in the long run.
From this point of view, individuals would actually harm themselves and others
if they succeeded at putting Big Data on a serious diet by generating less data to
sustain it. In this vein, one commentator argues that “[t]here’s an ‘obsession
around the issue of privacy’ that has sometimes ‘derailed’ efforts to use data to
address critical issues such as combating child abuse, improving education and
life-saving medical research.”13×13. Dibya Sarkar, “Obsession” Around Privacy Said to Affect Big Data
Collection but Some Say It’s Warranted, COMM. DAILY (June 23,
2016), http://www.communicationsdaily.com/article/view?s=117058&p=1&id=497461 (quoting Daniel Castro, Vice
President of the Information Technology and Innovation Foundation).Show
More Are there
“communities where not enough data — or not enough good quality data — is
being collected”?14×14. Id. (discussing Castro’s demographic concerns regarding the impact of Big Data on
Hispanic Americans and the LGBT community, whose data are not collected as well or often as that of other
groups).ShowMore
Yet absolute deference to the common good is inconsistent with the Western
morality of individual rights and responsibilities. Being a moral person with
rights stems from a conception of human dignity whereby we are not utterly at
the disposal of others, existing for their use and to serve their ends. We are
subjects, not mere objects; we are entitled to have our own ends take priority
over others’ in a robust range of circumstances needed to respect our autonomy
and welfare. The goal should thus not be to deny privacy but rather to find the
sweet spot between public and private good and to understand the extent to
which privacy is itself also a public, communal good.

A second possibility is that our privacy claims are not all overridden by the
promise of Big Data to make the world better and that we have a moral
obligation to try our best to constrain Big Data for the sake of our privacy. Our
moral efforts might begin with more careful reflection on our habitual daily
practices at home or at work and their deep ethical significance, both personal
and communal.15×15. See, e.g., GIORGIA LUPI & STEFANIE POSAVEC, DEAR DATA(2016)
(recounting authors’ yearlong exchange of postcards detailing minute aspects of daily life such as purchases and
emotions that in aggregate reveal important aspects of personality and identity); see also David Silverberg, The Minute
Data of Everyday Life on 52 Postcards over 52 Weeks, WASH. POST(Aug. 27,
2016), https://www.washingtonpost.com/entertainment/books/the-minute-data-of-everyday-life-on-52-postcards-over-
52-weeks/2016/08/24/39e2b4d6-689e-11e6-ba32-5a4bf5aad4fa_story.html [https://perma.cc/23FT-ML6F] (“We live in
a world obsessed with big data. Algorithms and apps detect and aggregate every bit and byte of information passing
through our online and offline interactions. Analytics increasingly inform us about user behavior in real time. But ‘Dear
Data’ harks back to a more nostalgic era when we deliberated over the information we took in and offered to others.
Let’s call it Slow Data. ‘To draw is to remember,’ the authors write, and their book reminds us that physical documents
can be a time capsule we continually pore through long after Facebook and Instagram have made way for the next
Internet flavor of the month.” (quoting LUPI&
POSAVEC, supra)).Show More Yet third-party
collection and use of data is mostly invisible to ordinary people. Moreover, it is
one thing to put up a curtain in one’s bedroom and limit use of social media, but
it is something else to be savvy about the ways in which contemporary lifestyles
and business practices generate tiny bits of data, some seemingly insignificant,
that can be collected, aggregated, and analyzed to reveal patterns, preferences,
and identity. The capacity of individuals qua individuals to take steps in daily
life to limit Big Data’s ability to capture data is limited by deficits of knowledge
and practical alternatives. Holding individuals responsible for something they
can do nothing about makes little sense, raising the specter that Big Data leaves
us helpless to meaningfully protect our own privacy and secure our own
information.
 IV. ACTING INDIVIDUALLY, ACTING
COLLECTIVELY

Individuals can act collectively to constrain and improve Big Data practices. The
moral obligation to protect one’s own privacy remains a meaningful concept so
long as one recognizes that the obligation requires participating in the political
process and supporting consumer activism and advocacy, as well as making
adjustments in one’s own individual behavior and family education.
Collectively, individuals can push for reforms and be critical of government.

There is much of which to be constructively critical. In response to a legislative

draft of a Privacy Bill of Rights promulgated by the White House, Jeff Chester
of the Center for Digital Democracy opined that in a world in which “[t]here’s
no meaningful consumer control of . . . data” nor of “intimate details about
people’s lives,” the White House draft just “makes big data even bigger as it
allows the current collection of data to continue.”16×16. Katie Rucke, House Privacy Caucus
Panel Debates White House Consumer Privacy Bill of Rights Legislative Draft, COMM. DAILY(Mar. 18,
2015), http://www.communicationsdaily.com/article/view?s=117061&p=1&id=462588 (discussing Chester’s concerns
regarding the bill).ShowMore The recommendations in a recent White House report
on addressing Big Data challenges do not call for major new
legislative agendas.17×17. See EXEC. OFFICE OF THE PRESIDENT, BIG DATA: A
REPORT ON ALGORITHMIC SYSTEMS, OPPORTUNITY, AND CIVIL
RIGHTS (2016), https://www.whitehouse.gov/sites/default/files/microsites/ostp/2016_0504_data_discrimination.pdf
[https://perma.cc/H7JQ-N2T3] (presenting case studies in the use of Big Data, which focused on potentially beneficial
uses in credit, employment, higher education, and criminal justice).Show
More There is the mere hint
that government and private sector rules are called for, along with
other solutions.18×18. See id. at 22–24 (calling for research, education, training, design, and standards). But
see EXEC. OFFICE OF THE PRESIDENT, BIG DATA: SEIZING OPPORTUNITIES,
PRESERVING VALUES 60
(2014), https://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_may_1_2014.pdf [https://perma.
cc/A7Y9-QUGS] (recommending, inter alia, advancing a Consumer Privacy Bill of Rights, national data breach
legislation, and antidiscrimination measures, and amending the Electronic Communications Privacy Act).Show
More Some of the most vocal critics of Big Data call for much more, from an
entire EU-style overhaul of current national privacy law,19×19. E.g., Joel R.
Reidenberg, Yes: Our Experiment with Self-Regulation Has Failed, in Should the U.S. Adopt European-Style Data-
Privacy Protections?, WALL STREET J. (Mar. 10, 2013, 4:00
PM), http://www.wsj.com/articles/SB10001424127887324338604578328393797127094 [https://perma.cc/A59X-
RZNH].ShowMore to changes in existing sectorial statutory frameworks like the
Health Insurance Portability and Accountability Act20×20. See HITPC
PRIVACY& SEC. WORKGROUP, HEALTH BIG DATA RECOMMENDATIONS 15–20
(2015), https://www.healthit.gov/sites/faca/files/HITPC_Health_Big_Data_Report_FINAL.pdf [https://perma.cc/9ZEZ-
TJ2M] (recommending, inter alia, amendments to HIPAA privacy and security rules).Show More (HIPAA)
or structures of regulatory agency responsibility for
consumer protection,21×21. Cf. Rucke, supra note 16. such as protection by the FTC or
the FCC.22×22. Dibya Sarkar, Consumer Control, Consent on Privacy Not Outdated, Ramirez Tells TPI, COMM.
DAILY (Aug. 23, 2016), http://www.communicationsdaily.com/article/print?id=501993. Show
More Meriting praise is a recommendation of the federal Big Data Research and
Development Strategic Plan for more “Big Data ethics research” comparable to
the ethical, social, and legal implications research that has been a part of the
government’s genomics and nanotechnology initiatives.23×23. THE
NETWORKING &INFO. TECH. RESEARCH& DEV. PROGRAM, THE FEDERAL BIG DATA
RESEARCH AND DEVELOPMENT STRATEGIC PLAN 27
(2016), https://www.whitehouse.gov/sites/default/files/microsites/ostp/NSTC/bigdatardstrategicplan-nitrd_final-
051916.pdf [https://perma.cc/QT8K-XGP9].Show More
There are many other voices and initiatives that are worth supporting in the
collective effort to protect individual control over privacy. An emerging
perspective that seeks to reconcile privacy and Big Data argues that Big Data
will not achieve its aims unless something can be done at this point in time to
assure individuals that their personal privacy is protected. According to FTC
Chairwoman Edith Ramirez, “[t]here is a risk we won’t really be able to
innovate, we won’t really be able to make full use of big data . . . unless we really
do make sure that consumers feel that they have control.”24×24. Sarkar, supra note 22
(quoting Ramirez’s response to a question from N.Y.U. economist Larry White).Show More The most
certain way to create the feeling that consumers have control is to actually
confer control through privacy-by-design, algorithmic transparency, and
privacy-sensitive corporate policies and government regulations well-
communicated to a digitally educated public. To “unleash the full potential of
big data,” according to Ramirez, “the principles of transparency and choice that
undergird privacy laws around the world — as well as the best practices the FTC
advocates — [must] continue to play an important role in protecting
consumer privacy.”25×25. Id. (quoting Ramirez). Participation in this debate, and
encouragement of the development of novel and creative methods of returning
privacy controls to the individual, can be a powerful way to engage ethically
within the current framework.
 V. CONCLUSION

While individuals have a moral responsibility to protect their own privacy, Big
Data represents a challenge that points to the need for collective and political
approaches to self-protection rather than solely individual, atomistic
approaches. Fortunately, although business and government are “all in” with
Big Data, privacy concerns are getting some of the attention they deserve from
policymakers and researchers. As we push business and government to address
the complex threat to privacy posed by Big Data, we can also look forward to
ways Big Data may improve the experience of privacy and private life.

The Dangers of Surveillance

Symposium Article by Neil M. Richards
MAY 20, 2013
126 Harv. L. Rev. 1934

From the Fourth Amendment to George Orwell’s Nineteen Eighty-Four, and

from the Electronic Communications Privacy Act to films like Minority
Report and The Lives of Others, our law and culture are full of warnings about
state scrutiny of our lives. These warnings are commonplace, but they are rarely
very specific. Other than the vague threat of an Orwellian dystopia, as a society
we don’t really know why surveillance is bad and why we should be wary of it.
To the extent that the answer has something to do with “privacy,”• we lack an
understanding of what “privacy”• means in this context and why it matters.
We’ve been able to live with this state of affairs largely because the threat of
constant surveillance has been relegated to the realms of science fiction and
failed totalitarian states.
RELATED

 Addressing the Harm of Total Surveillance: A Reply to Professor Neil Richards by Danielle Keats Citron & David
Gray
But these warnings are no longer science fiction. The digital technologies that
have revolutionized our daily lives have also created minutely detailed records
of those lives. In an age of terror, our government has shown a keen willingness
to acquire this data and use it for unknown purposes. We know that
governments have been buying and borrowing private-sector databases, and we
recently learned that the National Security Agency (NSA) has been building a
massive data and supercomputing center in Utah, apparently with the goal of
intercepting and storing much of the world’s Internet communications for
decryption and analysis.

Although we have laws that protect us against government surveillance, secret

government programs cannot be challenged until they are discovered. And even
when they are, our law of surveillance provides only minimal protections.
Courts frequently dismiss challenges to such programs for lack of standing,
under the theory that mere surveillance creates no harms. The Supreme Court
recently reversed the only major case to hold to the contrary, in Clapper v.
Amnesty International USA, finding that the respondents’ claim that their
communications were likely being monitored was “too speculative.”•
But the important point is that our society lacks an understanding of why (and
when) government surveillance is harmful. Existing attempts to identify the
dangers of surveillance are often unconvincing, and they generally fail to speak
in terms that are likely to influence the law. In this Article, I try to explain the
harms of government surveillance. Drawing on law, history, literature, and the
work of scholars in the emerging interdisciplinary field of “surveillance
studies,”• I offer an account of what those harms are and why they matter. I
will move beyond the vagueness of current theories of surveillance to articulate
a more coherent understanding and a more workable approach.

At the level of theory, I will explain why and when surveillance is particularly
dangerous and when it is not. First, surveillance is harmful because it can chill
the exercise of our civil liberties. With respect to civil liberties, consider
surveillance of people when they are thinking, reading, and communicating
with others in order to make up their minds about political and social issues.
Such intellectual surveillance is especially dangerous because it can cause
people not to experiment with new, controversial, or deviant ideas. To protect
our intellectual freedom to think without state over-sight or interference, we
need what I have elsewhere called “intellectual privacy.”• A second special
harm that surveillance poses is its effect on the power dynamic between the
watcher and the watched. This disparity creates the risk of a variety of harms,
such as discrimination, coercion, and the threat of selective enforcement, where
critics of the government can be prosecuted or blackmailed for wrongdoing
unrelated to the purpose of the surveillance.

At a practical level, I propose a set of four principles that should guide the future
development of surveillance law, allowing for a more appropriate balance
between the costs and benefits of government surveillance. First, we must
recognize that surveillance transcends the public/private divide. Public and
private surveillance are simply related parts of the same problem, rather than
wholly discrete. Even if we are ultimately more concerned with government
surveillance, any solution must grapple with the complex relationships between
government and corporate watchers. Second, we must recognize that secret
surveillance is illegitimate and prohibit the creation of any domestic-
surveillance programs whose existence is secret. Third, we should recognize
that total surveillance is illegitimate and reject the idea that it is acceptable for
the government to record all Internet activity without authorization.
Government surveillance of the Internet is a power with the potential for
massive abuse. Like its precursor of telephone wiretapping, it must be subjected
to meaningful judicial process before it is authorized. We should carefully
scrutinize any surveillance that threatens our intellectual privacy. Fourth, we
must recognize that surveillance is harmful. Surveillance menaces intellectual
privacy and increases the risk of blackmail, coercion, and discrimination;
accordingly, we must recognize surveillance as a harm in constitutional
standing doctrine. Explaining the harms of surveillance in a doctrinally
sensitive way is essential if we want to avoid sacrificing our vital civil liberties.
I develop this argument in four steps. In Part I, I show the scope of the problem
of modern “surveillance societies,”• in which individuals are increasingly
monitored by an overlapping and entangled assemblage of government and
corporate watchers. I then develop an account of why this kind of watching is
problematic. Part II shows how surveillance menaces our intellectual privacy
and threatens the development of individual beliefs in ways that are
inconsistent with the basic commitments of democratic societies. Part III
explores how surveillance distorts the power relationships between the watcher
and the watched, enhancing the watcher’s ability to blackmail, coerce, and
discriminate against the people under its scrutiny. Part IV explores the four
principles that I argue should guide the development of surveillance law, to
protect us from the substantial harms of surveillance.