That led me to wonder why it is that we're so accepting of the contemporary surveillance regime, and unquestioning of any further encroachments it might make on our privacy rights. I thought back to the diagram with the four overlapping "modalities," and it occurred to me that no account was taken of how they evolve and are in flux with one another. Instead, it depicted a static equilibrium for the sake of explanatory power. What I see happening, especially in the context of the third-party doctrine taking effect on cyberspace, is that our laws and norms alike haven't adapted to keep sufficient pace with modern technology. More disturbingly, and this is what I'll take up in the remainder of the post, we have idly stood by as norms too often take the backseat to laws.
Ideally, norms and laws should be in communication with--and responsive to--each other. But that is a far cry from what we've seen in much of the case law authorizing pen registers, wiretapping, and other invasive measures. In the two-part Katz test used in Smith v. Maryland, the second criterion is that "society" be prepared to recognize the individual's expectation of privacy as "reasonable." This is circular and self-justifying reasoning, with the effect of codifying a norm where none yet exists. Granted, part of the function of laws is to give rise to norms when appropriate. However, it seems presumptuous in Smith, when justifying the seizure of dialed numbers, to invoke a norm that hasn't been time-tested.
The CNET article, about the government's dubious collusion with mobile phone companies in pinpointing bank robbers, does speak to the question of whether laws precede norms, or vice versa. But these so-called norms, as the article acknowledges implicitly, are less the product of public opinion than of Hollywood prophecy.
Despite the prevalence nowadays of government-sanctioned monitoring as a trope in popular culture, my guess is that most Americans either fail or don't care to apprehend the extent to which their privacy is truly at stake, especially on the Internet. Such apathy is largely due to the idea that if you aren't a wrongdoer, there isn't any need to worry about your sensitive information being compromised. Then again, one troubling implication of the Pen Register Act, which risks being construed as applying wholesale to online correspondence, is that your information may still be gathered even if it's tangential to an investigation.
So far I've talked about the failure of privacy-protective norms to take root organically. This may be because the courts have determined what they are preemptively, or because the public hasn't bothered to suss them out. Where norms have cropped up, by contrast, is in the procedural side of things. It's extremely disturbing to me that some 59% of all wiretap orders are granted in just 8% of the states, indicating the onset of a norm of investigation when in doubt, and only 20% of the communications collected ultimately prove of use to investigators.
What I would like to see, down the road, is not merely transparency but also accountability for the results of this information-gathering. Before this loathsome practice gets out of hand, as the escalating numbers on the state level do suggest, a countervailing norm should be set up that deters the authorities from carrying it out except when necessary. One possibility for dis-incentivizing is to compensate those individuals who have been surveilled wrongfully. (Contrast this with the status quo dating back to the Patriot Act's revision of the SCA, providing for civil action against "willful" damages, yet also putting the onus on the affected individual). Or, to a lesser extreme, penalties could be handed down to those agencies with low success rates.
If society is ill-equipped or unwilling to assert, by way of norms, a "reasonable" expectation to privacy, then I'm in favor of burdening the authorities who, by way of law, are chipping away at that expectation without the society even realizing it.
I think you've identified an interesting issue in the relationship between law and norms. Should the law simply reflect current norms, or should it shape them? How do we deal with the lag time it takes for norms to be established around new technologies? What should courts do in the meantime?
ReplyDeleteWith respect to wiretapping, I want to push back a bit on your suggestion that the state-level statistics of "useful" vs. non-useful information collected. How are police supposed to know a conversation is relevant to their investigation without listening to at least part of it? Much of the "non-useful" air time might be the sum of the first thirty seconds of lots of non-relevant conversations. How can we prohibit the police from listening to the beginning of non-relevant conversations without making wiretapping (a useful investigatory technique for law enforcement) completely impossible? Do you have a solution?