I. Identifying the Problem: Privacy as a Justice Issue
"The Right to Privacy," Louis Brandeis and Samuel Warren -- often called one of the most famous pieces of American jurisprudence
...the protection afforded to thoughts, sentiments, and emotions, expressed through the medium of writing or of the arts, so far as it consists in preventing publication, is merely an instance of the enforcement of the more general right of the individual to be let alone. It is like the right not to be assaulted or beaten, the right not to be imprisoned, the right not to be maliciously prosecuted, the right not to be defamed. (14)
"Be Paranoid About Privacy," Kara Swisher for NYT (link)
We’re digitally sloppy, even if it can be very dangerous, as evidenced by a disturbing New York Times story this week about an Emirati secure messaging app called ToTok, which is used by millions across the Middle East and has also recently become one of the most downloaded in the United States.
The name was obviously used to place the app adjacent to the hugely popular TikTok, already under scrutiny by American officials because of its Chinese origins and possible link to the Beijing government. In the case of ToTok, according to the Times report, it turns out that it is a spy tool “used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.”
...
“You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone,” Patrick Ward, who did a forensic analysis for the Times, said in the report. “By uploading contacts, video chats, location, what more intelligence do you need?”
Indeed, anyone who wants to spy needs very little, as all of us continue availing ourselves to tech’s many wonders while promiscuously shedding our data.
That much was clear in the eye-opening investigation of smartphones by Times Opinion last week called “One Nation, Tracked.” The Opinion report was even more dire than the ToTok story: One dataset of 12 million phones with 50 billion location pings from a basic location-data company showed clearly that there is no such thing as privacy. At all. Ever. Not on the beaches of Southern California, not at the Pentagon, not at the White House.
“Now, as the decade ends, tens of millions of Americans, including many children, find themselves carrying spies in their pockets during the day and leaving them beside their beds at night — even though the corporations that control their data are far less accountable than the government would be,” noted the report, which included a look at how to track President Trump, the citizens of Pasadena and protesters in Hong Kong, as well as how to try to stop it all. This is what freaked me out enough to go back and tighten the security on my own phone.
Yes, it’s up to us to protect ourselves, since there are no federal laws that actually do it...
Algorithms of Oppression, Safiya Umoja Noble
This book is about the power of algorithms in the age of neoliberalism and the ways those digital decisions reinforce oppressive social relationships and enact new modes of racial profiling, which I have termed technological redlining. By making visible the ways that capital, race, and gender are factors in creating unequal conditions, I am bringing light to various forms of technological redlining that are on the rise. The near- ubiquitous use of algorithmically driven software, both visible and invisible to everyday people, demands a closer inspection of what values are prioritized in such automated decision- making systems. Typically, the practice of redlining has been most often used in real estate and banking circles, creating and deepening inequalities by race, such that, for example, people of color are more likely to pay higher interest rates or premiums just because they are Black or Latino, especially if they live in low- income neighborhoods. On the Internet and in our everyday uses of technology, discrimination is also embedded in computer code and, increasingly, in artificial intelligence technologies that we are reliant on, by choice or not. I believe that artificial intelligence will become a major human rights issue in the twenty- first century. We are only beginning to understand the long- term consequences of these decision- making tools in both masking and deepening social inequality. This book is just the start of trying to make these consequences visible. (1)
[After discussing widely-known incidents of algorithms that associated black people with apes and returned pornographic results for the search "black girls."]
These human and machine errors are not without consequence, and there are several cases that demonstrate how racism and sexism are part of the architecture and language of technology, an issue that needs attention and remediation. In many ways, these cases that I present are specific to the lives and experiences of Black women and girls, people largely understudied by scholars, who remain ever precarious, despite our living in the age of Oprah and Beyoncé in Shondaland. The implications of such marginalization are profound. The insights about sexist or racist biases that I convey here are important because information organizations, from libraries to schools and universities to governmental agencies, are increasingly reliant on or being displaced by a variety of web- based “tools” as if there are no political, social, or economic consequences of doing so. We need to imagine new possibilities in the area of information access and knowledge generation, particularly as headlines about “racist algorithms” continue to surface in the media with limited discussion and analysis beyond the superficial. (9)
[A comment: privacy and algorithmic discrimination are intimately connected; search algorithms, for example, use our behavior online to guess what we would like to see, and the power of Google as an advertising agent lies in the fact that they can prove to companies that we do actually follow their advertisement links.]
II. Classical Halachic Treatments of Privacy: A Unifying Thread Across Denominations
Most classical answers to the questions of privacy and data-sharing are based on two sources: on the cherem of Rabbeinu Gershom prohibiting opening another person's mail and on the laws of proper speech (most famously espoused by the Chofetz Chaim.) Let's review the reasoning that various rabbinic thinkers have given on these issues. We will then discuss: are these arguments applicable to contemporary data-sharing and privacy issues?
From Halachically Speaking, a newsletter by Rabbi Moishe Dovid Lebovits (link):
"Reading Mail even without the cherem of Rabbeinu Gershom"
Aside from the above cherem of Rabbeinu Gershom there is another reason not to read someone else’s personal letters etc. The Gemorah in Berochos says when one wants to say an eitzah [counsel] he should do so in the field. Rashi says because “the walls have ears.” This is learned from the posuk which says when Yaakov wanted to speak in private with his wives he said they should go to the field [in order that their brother Lavan should not hear]. In addition the Gemorah in Mesechtas Bava Basra says the Yiddin in the desert did not have the entrance of the tents facing each other so one would not see what is doing by his neighbor, and therefore the Shechina was present there.
Based on this it would seem that reading someone else’s mail should not be allowed since this is a private matter. In addition the Gemorah in Yoma says we know that one should not repeat something which was told to him until he is given permission. As we see from Hashem who spoke to Moshe Rabbeinu in the Ohel Moed and he said “le’omar” which means “lo omer” not to say. This is brought down in halacha as well.
Therefore, one is not permitted to say something which a friend told him unless he is given permission from his friend to do so (if it is not an issue of loshon hara).
Some say if the information was said publicy where other people can hear then it would depend on a number of halachic factors regarding hilchos loshon hara if one can say it over. The above regarding not revealing information was said when one was told the information in private. Furthermore, the Chofetz Chaim says if one is told something he is not allowed to reveal the secret since it will cause damage to the one who said the secret to him. Based on the above, it would seem one is not allowed to read someone else’s mail if it is something which is private. As mentioned above, this is aside from the cherem of Rabbeinu Gershom. In addition, if one announces “do not listen to my conversation” although it may not apply if he is talking in public still one should not listen due to the mitzvah to “v’ohavta l’rieacha k’mocha.”
And now, an opinion from the Conservative movement.
"Computer Privacy and the Modern Workplace," Teshuvah, Dorff and Spitz (link).
Question: Are there conditions under which a business may disclose information it gleans from a customer's use of its web-site or registration form?
Psak:
In order to comply with Jewish law, a business may disclose information to a third party gleaned from individuals' registration forms or their use of its web-site only if the consumer provided informed consent with an opt-in declaration to the gathering and specific use of the information. In addition, a company has a duty to provide a consumer with access to the private information it collects about him or her and to provide an easily usable means to correct inaccurate information, thereby protecting the consumer against the use of false and harmful information. The presumption of privacy protection is rebutted by a legitimate communal need, such as the duty to testify in a court case, the duty to assist law enforcement agencies in investigating a crime, and even the duty to prevent a potentially harmful relationship under the conditions delineated by the Hafetz Hayyim, as described above. Informed consent for disclosure helps assure greater control over the private facts in our lives, a control that offers us greater dignity and the opportunity to lead holy lives.
A Reform opinion: "The Internet, Privacy, and Progressive Halachah" by Mark Washofsky, from the book The Internet Revolution and Jewish Law, Ed. Walter Jacob. I recommend this book to anyone interested in a broad and very well-written overview of secular privacy law, as well as related Halachah. See also Rakover, "Privacy in Jewish Law," which Washofsky uses as a basis for many of his legal claims.
At any rate, Rakover’s treatment of privacy strikes me as an example of a “progressive” reading of the halakhic literature, and my goal here is simply to argue for an adjustment in his theoretical structure. Specifically, where he cites four fundamental principles as the basis for his claim of a general halakhic value of privacy, I would reduce that number to one: k’vod hab’riyot, or “human dignity.” I do this for two reasons. First, in my view, k’vod hab’riyot takes logical precedence over the other principles that Rakover invokes. A substantive conception of the dignity of the individual human being is a necessary theoretical precondition for those principles. The affirmation of k’vod hab’riyot provides sense and purpose to them; it explains why we should love our fellow human beings, treat them with respect, and avoid deceit and duplicity in our dealings with them. One could respond, with no little justice, that the principle b’tzelem elohim, “humans are created in the divine image,” would serve the same end. There is indeed a significant conceptual overlap between b’tzelem elohim and human dignity. It has even been suggested that k’vod hab’riyot is simply the Rabbinic restatement of the Torah’s doctrine that mankind is fashioned in the image of God. This brings me to my second reason for favoring “human dignity” as the central principle undergirding the privacy value: k’vod hab’riyot is a legal as well as a moral principle. While b’tzelem elohim, along with Rakover’s other principles, occurs in the Rabbinic and [104] philosophical literature primarily agadic or doctrinal contexts, “human dignity” serves as a source for practical legal decision (halakhah l’ma`aseh). For example, the Sages suggest that some of the Torah’s commandments are based upon this principle. More to the point, they bequeath to us the classic maxim gadol k’vod hab’riyot, “Great is human dignity, on account of which a negative precept of the Torah may be set aside,” which in its literal reading suggests a potent halakhic reach. The tradition, to be sure, seeks to limit the potentially radical implications of this maxim: concern for “human dignity” can override a Rabbinic prohibition but not a Toraitic one. (35)
Here is an example of a classical argument for privacy in Jewish law.
תא שמע החלונות בין מלמעלה בין מלמטה ובין מכנגדן ד' אמות ותני עלה מלמעלן כדי שלא יציץ ויראה מלמטן כדי שלא יעמוד ויראה מכנגדן כדי שלא יאפיל הזיקא דבית שאני
The Gemara further suggests: Come and hear another proof that damage caused by sight is called damage from what is taught in a mishna (22a): One who desires to build a wall opposite the windows of a neighbor’s house must distance the wall four cubits from the windows, whether above, below, or opposite. And a baraita is taught with regard to that mishna: Concerning the requirement of a distance above, the wall must be high enough so that one cannot peer into the window and see into the window; concerning the requirement of a distance below, the wall must be low so that he will not be able to stand on top of it and see into the window; and concerning the requirement of a distance opposite, one must distance the wall from the windows so that it will not darken his neighbor’s house by blocking the light that enters the house through the window. This indicates that there is a concern about the damage caused by exposure to the gaze of others. The Gemara rejects this argument: The damage of being exposed to the sight of others while in one’s own house is different, as people engage in activities in their homes that they do not want others to see. By contrast, a courtyard is out in the open and it is possible that the residents are indifferent to being observed.
More examples of classical arguments: tzniut, eruv (private-public dilineations).
III. Some New Approaches
Problem: Many of these standard answers miss much of the contemporary situation, in which we voluntarily exchange our data for services. I log onto Youtube, and I'm not being spied upon -- I choose to exchange my data for services.
As Warshofsky writes: "Any cogent and coherent halakhic discussion of privacy in the age of the Internet will accordingly have to advance beyond the conceptual boundaries that have heretofore defined the subject. The current halakhic discourse on privacy, much like that in Western law, speaks mostly to the protection of the individual from damage caused by others invading his personal realm. The new discussion of which I speak will have to focus upon protecting the individual from the damage that he brings upon himself. It will have to acknowledge that we will not make much headway in protecting our Internet privacy from the unwanted attention of others without first addressing our own conduct. And here is where it really does help to be Jewish, for the very same fundamental principles that lie at the base of the traditional halakhic discourse on privacy also provide us with the intellectual resources needed to frame an adequate response for the challenge of our time." (60)
He proposes Tzniut and Kavod Habriyut as two principles that might "save us from ourselves," but even these solutions leave a lot to be desired because they barely touch upon data monetization, the very foundation of the information economy. We need a stronger halachic idea of privacy that seriously considers data as an economic good. Let me say this in another way: All of these sources (even Warshofsky's writings) deal only with the "l'chatchilah" halachah -- how do we treat privacy in an ideal situation? But given the real world and its information economy, we need to develop halachah with the assumption that private information is being monetized.
Two important points that we should remember when we take this starting point are:
1. data is not as anonymous as we are led to believe (NYTimes on location tracking), and
2. it is very difficult for the average person to know exactly what they're signing up for when they exchange their data.
Here's a text that reflects on this issue of ignorance: when I log onto facebook, I don't really know what and who will have access to my data. This text seems to assert that actions that we do by force of habit (in our case, checking "I have read the privacy policy") aren't the same as actions we do explicitly and with total intent.
There are those who say that the incident transpired a bit differently. There was a certain individual who said to another: I counted for you and gave you one hundred dinars as a loan alongside this column. The other person said to him in response: I never passed alongside this column. Witnesses emerged and testified concerning him that he urinated alongside this column. Rav Naḥman said: He assumes the presumptive status of a denier of the truth, as the witnesses contradicted his claim. Rava said to Rav Naḥman: There is no proof from here that he assumes the presumptive status of a denier, as any matter that is not incumbent upon a person to remember, he performs it and it is not on his mind. Therefore, when he denied ever passing alongside the column, it was because there was never any reason for him to remember that he had been there.
Data as a loan: Since it is likely that you would request that facebook delete your data after you are finished on the platform, your data might be considered a loan in this case. In the following halachic interpretation, facebook is not allowed to benefit via so-called uncertain interest -- where one has sold something but is likely to return it.