Technology and Privacy: The New Landscape (review)

Technology and Privacy: The New Landscape. Edited by Philip E. Agre and Marc Rotenberg. Cambridge, Mass.: MIT Press, 1997. Pp. vi+323; figures, tables, notes/references, index. $25.

This volume brings together a fine collection of essays exploring the issues of privacy stemming from the great expansion of computer networks, electronic databases, and the internet. Contributors include communication scholars and political scientists, as well as industry researchers, lawyers, and policy analysts.

Three basic messages run through Technology and Privacy. The first is a rejection of any simplistic analysis that sees an inevitable trade-off between technological advancement and the diminution of privacy. Instead, a number of the essays explore the potential for building protective mechanisms for privacy into the technical infrastructure itself. David J. Phillips, for example, offers a useful and accessible overview of cryptography. Herbert Burkert offers an abstract typology of privacy-enhancing technologies that bring the social concern of how to reduce personal data down to the level of system-design considerations (p. 129). Both Victoria Bellotti and Rohan Samarajiva offer more particularized explorations, looking respectively at experiments in multimedia and at an early electronic mall, to see the extent to which, in practice, surveillance may be limited and consensual instead of coercive or unnecessarily extensive. The basic point here, that technology does not necessarily lead to Panoptic surveillance, is not, of course, original to these essays, but several of them do a fine job of illustrating that technology and privacy are not necessarily inimical to one another.

The second and related theme, equally familiar to historians of technology, is that the technical and the social cannot be neatly separated, and, further, that the metaphors and conceptual schemes used by programmers, system-builders, and the public are not mere rhetoric but in fact matter a great deal. In a particularly thoughtful essay, Philip E. Agre looks at the emergence and influence of a specific metaphor: the computer as a mirror of reality. Agre shows how this metaphor tends to blur the difference between representations and reality, treating data records as mirror images of the world, which in turn makes privacy-enhancing technologies more difficult to implement, precisely because the mirror metaphor allows database designers "simply [to] assume that records pertaining to individuals can be traced back to them" (p. 55). Other authors, including Burkert and Phillips, also take an explicitly social-constructionist approach.

The third unifying strand within this set of essays is a focus on social regulation and law. Like technology, legal regulation of privacy rights is seen as neither the problem nor a panacea, but is viewed as offering a set of useful but imperfect tools. One of the volume's strengths is that its focus is not exclusively, or even primarily, American. A number of the essays explore data protection in Europe and Canada and show that the American perspective is the exception. Colin J. Bennett, for example, in an update to his 1992 book on privacy regulation, details the pressures for global convergence, and describes why the United States continues to be one of the few countries without significant data-protection legislation (pp. 113-14).

Overall, the volume is quite successful at providing the reader with a sense of the complexity of the problems of data and privacy protection, and shuns simplistic solutions in favor of more nuanced analysis. The essays, however, fail to provide much guidance on the most interesting and thorny questions: they offer neither a useful framework for analyzing the different components that make up a nebulous concept like privacy nor any moral framework for evaluating what aspects of privacy should be protected or why. To lament these limitations is perhaps unfair; the introduction frankly acknowledges the notorious difficulty of defining the concept of privacy (p. 6). It does, however, lay out two quite distinct approaches to privacy that run through the essays: some authors see privacy as the negotiation of personal boundaries, while others understand it as the regulated and conditional access...