Congress's watchdog, the Government Accountability Office, reviewed US privacy law and found that citizens generally do not have the right to control the scope of information collected about them or limit its use, even when it pertains to their health or their finances. And if the information is incorrect—something you might never find out—there's no US law that requires data aggregators to correct it.
Paul Ohm, a policy advisor to the Federal Trade Commission, calls these immense troves of personal information "databases of ruin." He worries that, over time, these databases will include new waves of data—maybe from your conscious home or location information from commercial sensors—and so become ever more consolidated. Soon, he fears, "these databases will grow to connect every individual to at least one closely guarded secret. This might be a secret about a medical condition, family history, or personal preference. It is a secret that, if revealed, would cause more than embarrassment or shame; it would lead to serious, concrete, devastating harm."
Sooner or later, with smart devices seamlessly using sensors and Big Data provided by data aggregators, it will be possible to pick you out of a crowd and identify you in complex ways in real time. If intelligent surveillance cameras armed with facial recognition technology have access to social media profiles as well as the information stored by data aggregators, a digital dossier of your life could be called up on-demand whenever your face is recognized. Imagine the power retailers and companies will exert over your life if they not only know who you are and where you are, but what your weaknesses are—whether that's booze, cigarettes, or the appealing mortgage rate with the sketchy small print. Are we looking at a future where the car salesman really does know what he has to do to put us in that car?
Big Data is creating the possibility of a far more entrenched, class-based surveillance society that discriminates using our perceived successes and preys on our weaknesses.
The Great Outdoors
Recently, Newark Liberty International Airport upgraded lighting fixtures at one of its terminals to a more eco-friendly alternative known as LEDs. It turns out, however, that energy efficiency wasn't the only benefit of the purchase. The fixtures also double as a surveillance system of cameras and sensors that the Port Authority of New York and New Jersey is using to watch for long lines, identify license plates, and—its officials claim—spot suspicious behavior.
With all the spying going on these days, this may not seem particularly invasive, but don't worry, the manufacturers of such systems are thinking much bigger. "We see outdoor lighting as the perfect infrastructure to build a brand new network," said Hugh Martin, CEO of Sensity Systems, a Sunnyvale, California-based company interested in making lighting smart. "We felt what you'd want to use this network for is to gather information about people and the planet."
Pretty soon, just about anywhere you are, when you look up at that light pole, it is likely to be looking back down at you. Or into your home or car.
Other surveillance technologies are heading for the heavens. Persistent Surveillance Systems has developed a surveillance camera on steroids. When attached to small aircraft, the 192-megapixel cameras record the patterns of the planetary life they fly over for hours at a time. According to the Washington Post, this will give the police and other customers a "time machine" they can simply rewind when they need it. Placed strategically at the highest points of any town or city, these cameras could provide the sort of blanket surveillance that's hard to avoid. The inventor of the camera, a retired Air Force officer, helped create a similar system for the city of Fallujah, the site of two of the most violent battles of the US occupation of Iraq. It's just one example of how wartime surveillance technologies are returning home for "civilian use."
Private surveillance technology is also destroying one of America's iconic freedoms: the open road. License plate readers are proliferating across America. These devices snap a picture of every passing car. One company, Vigilant Solutions, already holds 1.8 billion license plate records in its data warehouse, known as the National Vehicle Location Service (NVLS). Anyone with access to this information could easily find out where a person has driven simply by connecting the plate to the car owner. And keep in mind that it's up to the companies gathering them to determine just who can access the information—data of immense interest to private investigators and anyone else curious to track another person's movements.
Like many businesses that trade in Big Data or construct massive databases, Vigilant is in regular contact with government agencies craving access to its meaty stores of information.
If You Build It, They Will Come
In February, the Department of Homeland Security's Immigration and Customs Enforcement (ICE) put out a solicitation to obtain access to a private license plate reader database for the purpose of "locating criminal aliens and absconders." ICE claims that it wants to enhance officer safety by making it easier to arrest suspects away from their homes. When the mainstream media took notice and privacy advocates like the ACLU objected, new Homeland Security Secretary Jeh Johnson pulled the plug on the project.
A big win? Don't count on it, because police departments already have easy access to commercial license plate repositories. In the past, Vigilant has, for instance, allowed ICE to test its service free of charge. Police often pony up the cash to access such databases. As a quick experiment, go to Vigilant's NVLS registration page, click on the drop-down menu beside "Agency name," and scroll down. Trust us, you'll get bored by the staggering list of police departments before you reach the bottom.
Which brings us to an axiom of our digital age: law enforcement will exploit any database built, if it makes it easier to figure out what the rest of us are up to. Lucky for them, there's a wealth of data out there and available. Experian, one of the largest data aggregators, told the Senate Commerce Committee that "government agencies" regularly purchase information from them.
Often, those agencies don't even have to pay for the privilege of accessing our data. In many cases, such an agency can simply issue its own subpoena (not seen by a judge) and compel companies to turn over our sensitive data. The culprit here is known as the "third party doctrine," which some courts have aggressively (and wrongly) interpreted to mean that any information disclosed to a third party isn't really private.
The danger of the rise of Big Data and the Internet of Things is straightforward enough. Whenever data is perpetually generated, collected, and stored, the result is going to be a virtual ATM of user information that government agencies can withdraw from with ease. Last year, for instance, local, state, and federal authorities issued 164,000 subpoenas to Verizon and more than 248,000 subpoenas to AT&T for user information, while issuing nearly 7,500 subpoenas to Google during the first half of 2013.
The Internet of Things means that, soon enough, the authorities will have yet more ways to learn yet more about us.
Big Data, Little Democracy?
Here are two obvious questions for our surveillance future: Who controls the data generated by our devices? Without doing anything except buying and installing them, do we somehow consent to having every piece of data they generate shared with Big Business and sometimes Big Brother? No one should have to isolate themselves from society and technology in the ascetic mold of Henry David Thoreau—or more ominously, Ted Kaczynski—to have some semblance of privacy.
In the future, even going all Jeremiah Johnson might not have the effect intended, since law enforcement could interpret your lack of a solid digital footprint as inherently suspicious. This would be like a police officer growing suspicious of a home just because it was all dark and locked up tight.
When everything is increasingly tracked and viewed through the lens of technological omniscience, what will the effect be on dissent and protest? Will security companies with risk assessment software troll through our data and crunch it to identify people they believe have the propensity to become criminals or troublemakers—and then share that with law enforcement? (Something like it already seems to be happening in Chicago, where police are using computer analytic programs to identify people at a greater risk of violent behavior.)
There's simply no way to forecast how these immense powers—disproportionately accumulating in the hands of corporations seeking financial advantage and governments craving ever more control—will be used. Chances are Big Data and the Internet of Things will make it harder for us to control our own lives, as we grow increasingly transparent to powerful corporations and government institutions that are becoming more opaque to us.
Catherine Crump is a staff attorney with the ACLU's Speech, Privacy, and Technology Project. She is a non-residential fellow with the Stanford Center for Internet and Society and an adjunct professor of clinical law at NYU. Her principle focus is representing individuals challenging the lawfulness of government surveillance programs. Follow her on Twitter at @CatherineNCrump.
Matthew Harwood is senior writer/editor with the ACLU. A TomDispatch regular, his work has been published by Al-Jazeera America, the American Conservative, the Columbia Journalism Review, the Guardian, Guernica, Reason, Salon, Truthout, and the Washington Monthly. He also regularly reviews books for the Future of Freedom Foundation. Follow him on Twitter at @mharwood31.
Follow TomDispatch on Twitter and join us on Facebook and Tumblr. Check out the newest Dispatch Book, Ann Jones's They Were Soldiers: How the Wounded Return From America's Wars—The Untold Story.To stay on top of important articles like these, sign up to receive the latest updates from TomDispatch.com here.