|
Article Excerpt
Abstract. This paper discusses privacy and the monitoring of e-mail in the context of the international nature of the modern world. Its three main aims are: (1) to highlight the problems involved in discussing an essentially philosophical question within a legal framework, and thus to show that providing purely legal answers to an ethical question is an inadequate approach to the problem of privacy on the Internet; (2) to discuss and define what privacy in the medium of the Internet actually is; and (3) to apply a globally acceptable ethical approach of international human rights to the problem of privacy on the Internet, and thus to answer the question of what is and is not morally permissible in this area, especially in light of recent heightened concerns about terrorist activities. It concludes that the monitoring of e-mail is, at least in the vast majority of cases, an unjustified infringement of the right to privacy, even if this monitoring is only aimed at preventing the commission of acts of terrorism.
Key words: E-mail, International Bill of Rights, Justified Infringement of Rights, law enforcement, right to privacy, terrorism, Universal Declaration of Human Rights
Introduction
The rapid growth of the Internet as a tool of trade, research, and entertainment has led to a good deal of discussion about the impact of this widespread use of computers on people's privacy. Governmental responses to recent acts of terrorism in Western democracies, particularly responses that seem to limit or impose on the rights of citizens of these countries, have only served to intensify that discussion. Much of the discussion of privacy on the Internet has focussed on legal conceptions of what the right to privacy might entail, and thus deals primarily with the issue of what legal protection users of the Internet (particularly American users of the Internet) might be entitled to.
Such an approach seems to me to be somewhat wrong-headed, and so in this paper I want to look at this problem in a different way. I hope to achieve three main aims: (1) to highlight the problems involved in discussing an essentially philosophical question within a legal framework, and thus to show that providing purely legal answers to an ethical question is an inadequate approach to the problem of privacy on the Internet; (2) to discuss what privacy in the medium of the Internet actually is; and finally (3) to attempt to apply a globally acceptable ethical approach to the problem of privacy on the Internet, and thus to answer the question of what is and is not morally permissible in this area.
I should make it clear from the start that the entire issue of privacy on the Internet is a broad one, and so I expect the points that I make in this discussion will apply to a wide range of Internet practices. However, in this discussion I wish to pay special attention to the ways in which the right to privacy may be infringed during the transmission of e-mail; most notably through the monitoring of email by employers, and through the interception of e-mail by law enforcement agencies, particularly as a response to threats of terrorism.
The legal approach to privacy on the Internet
In investigating the issue of privacy on the Internet, one common approach has been to focus on legal principles that apply in certain situations in the real world, and then to attempt to apply these same principles to the virtual world. While some of these discussions have focussed purely on legal issues that may arise out of apparent breaches of privacy on the Internet, others have attempted to draw ethical conclusions out of the legal principles that are examined.
An example of this is the work of Robert McArthur, who has taken the concept of "reasonable expectation of privacy" from the real world, and then used this principle to examine two forms of Internet activity; browsing the World Wide Web, and sending and receiving e-mail. (1) McArthur suggests that there are two essential principles against which any apparent breach of privacy in the real world must be judged, and if either one of these two principles apply, then there has been no legal breach of privacy. McArthur calls these the "Mischance Principle" and the "Voluntary Principle".
The Mischance Principle -- we cannot reasonably expect to maintain
privacy over that which another person could discover, overhear, or
come to know without concerted effort on his/her part to obtain this
information. (2)
The Voluntary Principle -- If I choose to decrease the relative amount
of privacy for myself and information under my control by exposing it
to view, I thereby decrease the reasonableness of any expectation that
this privacy will be observed. (3)
In his discussion of browsing the World Wide Web, McArthur suggests that since it is now widely known that the one's web browsing history can be tracked through the use of cookies and other software, browsing the World Wide Web is essentially a public activity, and thus falls foul of the Voluntary Principle. Unless I take specific measures to conceal my identity or to block the tracking software, then I have chosen to reveal this information about myself. Thus it is, according to McArthur, unreasonable to expect privacy in this domain and it is not a breach of my privacy for someone to collect this click-stream data.
In his discussion of sending and receiving e-mail, McArthur suggests that it is common knowledge that this medium of communication is not secure. As evidence of this he points to the fact that many major companies have put in place programs to monitor their employees' e-mail, (4) that many e-mail messages are erroneously intercepted by the technology that is employed by law enforcement agencies to intercept the e-mail of suspected criminals, (5) that backup tapes that may contain e-mails are not securely stored, and so on. McArthur again draws on the Voluntary Principle to assert that it is unreasonable to expect privacy in e-mail; if I entrust material to an e-mail while knowing that the global e-mail system is not secure, then I have chosen to reveal this information, and my privacy has not been breached if the material in that e-mail becomes public.
McArthur's assertions about what is and is not legal in regard to privacy in the use of computers can be criticised on several grounds. Take, for example, McArthur's suggestion that it is common knowledge that e-mail is not a secure medium of communication. While it may be the case that some (perhaps even many) people who communicate by e-mail are aware that this medium of communication is not fully secure, one might question whether this really counts as 'common knowledge'. It could also be argued that many methods of communication are not fully secure; mail can be intercepted and opened, telephones can be tapped, conversations can be monitored with listening devices, and so on. It is usually the case that any interception of such communications is considered to be a breach of privacy, and requires legal justification. If intercepting and reading someone's mail is considered to be a breach of privacy, then there would seem to be at least prima facie reason to believe that intercepting and reading someone's e-mail would also be a breach of privacy.
McArthur's claims about the lack of privacy in e-mail also seem to ignore one of the principles that he himself quotes. The Mischance Principle suggests that my privacy has not been breached if another person could come to know that information without concerted effort on their part. Yet intercepting and reading e-mail seems to be something that does actually require concerted effort, especially in the case of law enforcement agencies attempting to intercept the e-mails of suspected criminals. If it is only as a result of concerted effort that another person comes to...
|
