Privacy vs transparency
After the Snowden affair, the rise of social media and the sharing economy, some corporations and governments would like us to believe that ‘privacy is dead’. Privacy should not and cannot be dead as that would mean that security is also dead. It is technically impossible to construct a secure information system without privacy as a precondition. And, conversely, it is impossible to guarantee privacy without security as a precondition.
The right to privacy has been articulated in international law and in some national laws. The right to transparency – freedom of information – while unavailable in international law has increasingly become encoded in national laws as a means of holding governments to account and tackling the imbalance of power between states and citizens.
Independent and autonomous transparency regulators have been established. Corporations as well as state bodies are required to be more open. India’s 2013 Companies Act, for example, requires transparency from the private sector. Accompanying the rise of open data has been the growth of the Open Access and the citizen science movement.
There is no public interest in reducing privacy for the powerless – but huge benefits in increasing transparency of the powerful
So the question is: are these two rights – the right to transparency and the right to privacy – incompatible? Do we have to sacrifi ce one right to enforce the other? Unfortunately, many privacy and transparency activists think this is the case.
I suggest that these rights are completely compatible if you address the question of power. These rights do not have to be balanced against one another. Privacy protections must be inversely proportionate to power and, as Julian Assange says, transparency requirements should be directly proportionate to power.1
In most privacy laws, the public interest is an exception to privacy. If public interest is being undermined, then an individual’s privacy can be infringed upon by the state, by researchers, by the media, and so on. In transparency law, if the privacy of an individual could be infringed, transparency would not be required unless it is in the public interest. In other words, the ‘public interest’ test allows us to use privacy law and transparency law to address power asymmetries rather than exacerbate them.
Around 10 years ago, the transparency movement gave birth to the open government data movement. The tension between privacy and transparency is most clearly seen here. The open government data movement in some parts of the world is dominated by ahistorical and apolitical technologists, and some of them seem intent on reinventing the wheel. In India, ever since the enactment of the Right to Information Act 2003, every year around 30 transparency activists are either killed, beaten or criminally intimidated. This figure is from media coverage alone. Many more suffer in silence. Transparency is without a doubt one of the most dangerous sectors within Indian civil society that you could choose to work in. In contrast, not a single open data activist has ever been killed, beaten or criminally intimidated. I suspect this is because open data activists do not sufficiently challenge power hierarchies.
When a traditional transparency activist asks a question, that is usually enough to get them into trouble. When an open data activist publishes an answer – a dataset nicely scrubbed and machine readable, or a visualization, or a tool – they are often frustrated because nobody seems interested in using it. Often even the activist is unclear what the question is. This is because open data activists work where data is available and are obsessed with big datasets, which are easier to find at the bottom of the pyramid. They seem obsessed only with tools and technologies, rather than power asymmetries and injustices.
Finally, a case study to make my argument easier to understand. Aadhaar or UID is India’s ambitious centralized biometric identity and authentication management system. In its current avatar, the Aadhaar project hopes to assign biometric-based identities to all citizens. The hope is that corruption within India’s massive subsidy programmes will be reduced. This, in my view, might marginally reduce retail corruption at the bottom of the pyramid. It will do nothing to address wholesale corruption that occurs as subsidies travel from the top to the bottom of the pyramid.
I have advocated over the last two years that we should abandon trying to issue biometric identities to all citizens to make them more transparent to the state. Let us instead issue Aadhaar numbers to all politicians and bureaucrats and make the state more transparent to citizens. There is no public interest in reducing privacy for ordinary citizens – the powerless – but there are huge public interest benefits to be secured by increasing transparency of politicians and bureaucrats, who are the powerful.
The Indian government recently introduced a biometric-based attendance system for all bureaucrats and a portal that allows Indian citizens to track if their bureaucrats are arriving late or leaving early. This unfortunately is just bean counting – being corrupt and being punctual are not mutually exclusive. What bureaucrats do in office, who they meet, and which documents they process, is more important.
Instead of primarily going after small-ticket corruption at the bottom of the pyramid, maximization of public interest requires us to focus on the top. For example: constructing a digital signature based on audit trails that track all funds and subsidies as they move up and down the pyramid. These audit trails must be made public so that ordinary villagers can be supported by open data activists, journalists and others.
I hope open data activists, data scientists, and big data experts will draw inspiration from the transparency movement in India. I hope they will turn their attention to power, examine power asymmetries and then ask how the Aadhaar project can be leveraged to make India more rather than less equal.