Why We Need a Digital Bill of Rights.
The Problem we face today.
As it stands the institutions that have the most significant control over the free exercise of speech are private entities that hold minimal obligations regarding the protection of privacy and assurance of equal access. This problem represents a clear hurdle in the fight for the maintenance of our civil liberties. As it stands, the American people are living in a climate with far less privacy than our founding fathers fought to guarantee to future generations, and in my opinion, we should not allow ourselves to go back any further. We put privacy protections in place for good reasons; without privacy political challengers and oppressed minorities are at an increased risk of harassment from the state and systemic exclusion from the public. Since new technology has made this an ongoing problem, we must act now to restore our right to privacy in the digital age.
We know that government agencies have already asked for tools from Apple to unlock anyone's iPhone. We know that law enforcement agencies like ICE have used Facebook to target activists. We know that the NSA has tracked the calls of countless Americans without a warrant. When you consider the fact that growing technology of smart homes and personal assistants are logging all the minutiae of daily life, it seems inevitable that without intervention this technology will be used by governments to invade the privacy of even our most intimate moments. While tracking the minute by minute location of any and every individual in the country may seem like an unreasonable violation of privacy, as it stands our courts have done very little to acknowledge that seemingly obvious fact.
What we can do to protect privacy moving forward.
There are several primary standards by which I believe we should guarantee the right to digital privacy. The first is to assure that Americans have a right to their data with "destructive control with reasonable expediency." Meaning that individuals would be able to see and selectively destroy all data that is collected about them by any private institution, and the destruction would be irreversible, such that even the private entity could not reconstruct the data.
The next standard is the "best efforts implementation of data privacy and security standards."Meaning that institutions are using proven methods with the assistance of professionals to ensure that data is maintained private through effective use of encryption standards and that access is controlled securely.
We also need to maintain that people have "reasonable anonymity in aggregate data." No person should be identifiable from narrowing down a set of aggregated data. This may mean some datasets cannot be narrowed down to anything more specific than 1000 possible individuals. For other datasets, it may mean just a handful of individuals with unique characteristics. Ultimately there should always be a reasonable doubt as to who might be in any particular dataset.
Lastly, we need to address the sharing of data with 3rd parties. A standard of "explicit individual consent" should be applied to guarantee that no data is shared directly with any institution without the explicit consent from the individual, for every individual institution with which the data will be shared. Without this, data could be broadly distributed, and the other protections would be null.
By taking these steps to contain the way private companies use and share your data, we can prevent the exposure of your personal information to government agencies without a warrant. While this is not all inclusive, I offer this as a starting point to introduce the idea that we should develop a new bill of rights for the digital age, so that our constitution can continue to maintain the level of privacy that previous generations have had, or at very least, so we won't slip backward any further.