Wednesday, January 11, 2006

Privacy: Variations on the Theme of Liberty

I have noted elsewhere that the mainstream media seem to have missed an opportunity to declare a "privacy crisis." Nevertheless, there is in the air (so to speak) a quasi-hysterical view that privacy is the be-all and end-all of existence -- above and beyond life, liberty, and the pursuit of happiness. It is past time for a balanced view of privacy. Thus this post.

I begin by addressing privacy as a right. I then turn to private-sector issues, namely, identity theft and the use of personal information by businesses. In the next substantive portion of this post I address privacy vis-a-vis government, disposing quickly of the national ID card to focus on warrantless "eavesdropping" and data-mining. I then offer a brief summary and conclusion.

IS PRIVACY AN ABSOLUTE RIGHT?

Privacy in the Law

Privacy is one among many values that liberty should serve. An individual's desire for privacy is as legitimate as a desire for, say, a Lamborghini, a full head of hair, and perpetual youth. Seriously, privacy is a legitimate pursuit, yet (like a Lamborghini) it cannot an absolute right. For -- as I have argued elsewhere -- if privacy were an absolute right, it would be possible to get away with murder in one's home simply by committing murder there. In fact, if there are any absolute rights, privacy certainly isn't one of them. Privacy really is a bargain that individuals strike with the rest of the world. We cannot act in the world without ceding some privacy, so the question is how to decide when the bargain we are being asked to strike is a good one or a bad one, given the benefits and risks of ceding some privacy.

You may now ask: "What about the Constitution, the Bill of Rights, and all of that?" Read the Constitution and Bill of Rights and you will find that there is nothing about privacy in them. The Fourth and Fifth Amendments come closest to being "privacy" amendments, but they're really about due process of law. The vaunted Ninth Amendment doesn't protect an unemurated privacy right. Rather, as I explained here, in drafting the Ninth Amendment Madison had in mind no particular unenumerated rights:
It is clear from its text and from Madison's statement [upon presenting the Bill of Rights to the House of Representatives] that the [Ninth] Amendment states but a rule of construction, making clear that a Bill of Rights might not by implication be taken to increase the powers of the national government in areas not enumerated, and that it does not contain within itself any guarantee of a right or a proscription of an infringement.
Thomas McAffee, writing about the Ninth Amendment in The Heritage Guide to the Constitution (pp. 366-71), comes to the same conclusion:
. . . Madison . . . affirmed that the reason for the Ninth Amendment was not to expand the power of the Court to find new rights, but rather to restrict the ability of the Court to expand the legislative powers of Congress. Madison continued to maintain that that was the central meaning of the Ninth Amendment throughout his life, and his interpretation was seconded by most commentators of the time.
There is neverthess a notion that the Fourteenth Amendment guarantees privacy as a matter of substantive due process. As I have explained, however, substantive due process protects constitutionally guaranteed rights (e.g., liberty of contract). It does not protect imaginary rights, such as the non-existent general right to privacy.

The notion of a general right to privacy is a fairly recent invention of the Supreme Court. It was conjured to serve the Court's legislative agenda in Griswold v. Connecticut (overturning a Connecticut law that banned the sale of contraceptives) and Roe v. Wade (overturning a Texas anti-abortion law). But, as I wrote here,
the Roe v. Wade majority acknowledged that abortion is not even an unenumerated right. It then manufactured from specified procedural rights enumerated in the Bill of Rights -- rights which are totally unrelated to abortion -- and from strained precedents involving "penumbras" and "emanations," a general right to privacy in order to find a "privacy" right to abortion. . . .

It is therefore unsurprising that the majority in Roe v. Wade could not decide whether the general privacy right is located in the Ninth Amendment or the Fourteenth Amendment. Neither amendment, of course, is the locus of a general privacy right because none is conferred by the Constitution, nor could the Constitution ever confer such a right, for it would interfere with such truly compelling state interests as the pursuit of justice. The majority simply chose to ignore that unspeakable consequence by conjuring a general right to privacy for the limited purpose of ratifying abortion.

The spuriousness of the majority's conclusion is evident in its flinching from the logical end of its reasoning: abortion anywhere at anytime. Instead, the majority delivered this:
The privacy right involved, therefore, cannot be said to be absolute. . . . We, therefore, conclude that the right of personal privacy includes the abortion decision, but that this right is not unqualified and must be considered against important state interests in regulation.
And so, the Court brought us right back to where we were in the beginning -- without a general or absolute right to privacy.

There are, of course, federal and State laws that define specific areas of privacy. At the federal level, for example, there is the Medical Information Privacy and Security Act (MIPSA). As described by Wikipedia, MIPSA
contains important provisions requiring accesses to generate an audit trail, and for patients to be able to partition their data so that for example genetic information is not revealed when they go for a flu jab. Individuals have a right to access, copy, edit and augment their information.
Wikipedia summarizes State law thusly:

Most states in the U.S. grant a right to privacy and recognise four torts:

  1. Intrusion upon seclusion or solitude, or into private affairs;
  2. Public disclosure of embarrassing private facts;
  3. Publicity which places a person in a false light in the public eye; and
  4. Appropriation of name or likeness.
All such federal and State laws are carve-outs -- delineations of specific areas of privacy. They are not general guarantees of privacy. Do we need even more carve-outs to deal with the "privacy crisis"? Let us begin by defining the real privacy problem.

Privacy in the Real World

You may, in spite of what I have just said, think that you have a "right" to privacy. But try that line with prospective creditors, who have a "right" to know enough about you to decide whether to extend credit to you; try that line with banks, which have a "right" to know enough about you so that they can safeguard your savings from impostors; and try that line with the police, who have a "right" (constitutionally) to obtain a warrant to search your home if you are suspected of a crime.

If you want absolute privacy you should not have a job (working for someone else), a credit card, a checking account, a brokerage account, a 401(k), a house, land, a car, a legalized marriage, children who were born in a hospital or educated formally, a formal education of your own, a telephone, an Internet connection, or almost any of the other trappings of what we call civilization. The real issue is the extent to which you are willing to forgo some aspects of privacy in order to work for someone else (other than the Mob), possess a credit card, etc.

Given that privacy is neither an absolute right nor something that many of us choose to purchase by forgoing the trappings of civilization, let's consider what we really seek when we claim to seek privacy. Suppose that, unknown to you, someone gathers information about you that you had not intended to disclose. You have suffered no harm unless the gathering of such information
  • enables a person, business, or government to manipulate your behavior by presenting information or options in ways calculated to lead you to certain decisions (e.g., see my posts about "libertarian paternalism" here, here, here, and here)
  • causes unsubstantiated harm to your reputation
  • results in blackmail or the theft of your property
  • results in the imposition of a civil or criminal penalty for an act or acts that you did not commit.
Beyond that, there is no reason to give special preference to privacy over other considerations; for example, a lender's need for information about your credit-worthiness, government's legitimate interest in protecting citizens from terrorism.

PRIVACY ISSUES IN THE PRIVATE SECTOR

Dealing With "Identity Theft"

Let's be clear about what is being stolen in "identity theft." An identity thief's real crime isn't stealing a person's identity, it's using information about that person to steal from that person and/or to steal from others. With that understood, the solution to "identity theft" is straightforward: Fraud is fraud and theft is theft, and they ought to be prosecuted as such.

Moreover, businesses that abet "identity theft" through lax verification and security procedures should be held accountable for their misfeasance.

On to the tougher issue of how to cope with banks, lenders, vendors, and the like.

A Market Solution for Other Private-Sector Issues

Should there be restrictions on the scope of personal information that private data aggregators are allowed to gather? If so, how should those restrictions should be enforced? One option is individual choice, in which each person picks the set of privacy bargains that suits his or her taste for privacy, on the one hand, and ease of transacting business, on the other hand. The other option is for government to establish one-size-fits-all rules -- even beyond those it already has laid down -- such as a ban on the use of universal identification numbers (e.g., Social Security numbers) by banks, credit agencies, insurers, and the like.

The problem with one-size-fits-all rules -- especially one as sweeping as a ban on the use of universal ID numbers -- is that they make it harder and more expensive for consumers to transact business. A consumer's credit rating, which now follows him wherever he goes, thanks (or no thanks) mainly to his Social Security number, is (for almost all consumers) a boon, not a bane. Without the SSN or some other universal identifier, we would revert the days of local and regional credit-rating agencies. The higher cost of verifying a purchasers' credit would, of course, reduce the volume of transactions and lead to higher prices. Small businesses would be especially hard-hit.

So, beyond the obvious penalties for "identity theft" and for misfeasance on the part of businesses that hold personal information, the answer to the private-sector privacy quandary lies . . . in the private sector. The answer, specifically, is the use of what I will call "privacy brokers." These would be companies that are qualified to explain to an individual his privacy options, and authorized to exercise the individual's preferences on his behalf. Such firms would be fully knowledgeable of applicable laws and the ins-and-outs of the privacy policies of companies with which an individual might do business. (Bear with me as I explain why I'm not inventing a new and costly middleman.)

How would privacy brokers be paid? If they were paid by businesses, consumers rightly wouldn't trust them. But how likely is it that consumers will shell out what looks like additional money for a service that, to most consumers, might seem unnecessary? After, in spite of all the personal information that's afloat in the databases of businesses, credit-card issuers, and credit-rating agencies, relatively few consumers have been defrauded or otherwise compromised.

The answer, of course, is that consumers already are paying for the services of credit-rating agencies through the prices charged by businesses and the interest charged by credit-card issuers. It would be relatively easy for credit-rating agencies to transform themselves into privacy brokers. Privacy brokers would collect all of the information now required by creditors, but they would collect it as consumers' agents, after duly informing consumers of their options and the risks and benefits of those options. Each consumer would agree to compensate his privacy broker by assigning a share of his credit purchases to the broker. Conveniently enough, the consumer's creditors would no longer be paying the former credit-rating agency (now a privacy broker) a share of the consumer's credit purchases for the same information. Thus the consumer would not see any increase in prices or interest charges.

Privacy brokers would compete on the basis of price, service, and reputation. If a privacy broker were to allow its data to be compromised, it would quickly lose customers to existing competitors and new entrants to the privacy-brokerage business. Moreover, privacy brokers -- each with tens of millions of clients -- would have considerable leverage over businesses' privacy policies. As a selling point, privacy brokers could use that leverage on the behalf of their clients. Privacy brokers could, for example, negotiate reductions in the amount of personal information that is kept on consumers, ensure that consumers never have to opt-out when it comes to third-party use of personal information, and (most importantly) extract enforceable guarantees about the security of personal information. Those kinds of pro-consumer activities would be fostered by competition among privacy brokers.

My bottom line here is that there is an effective, efficient market answer to concerns about securing privacy vis-a-vis the private sector. But the private sector must act before Congress imposes an inefficient, one-size-fits-all, "solution" on us. There is still time to act, according to a story in Wired News (November 10), which says that "Congress is unlikely to pass any data-security bills by the end of the year, according to Hill watchers."

PRIVACY VIS-A-VIS GOVERNMENT

Is a National ID Card a Good Idea?

A national ID card would be a good idea if its use would decrease the likelihood of terrorism, but it wouldn't-- as I will explain.

I have no objection to carrying an ID card. I already carry several, the possession of which by another person would give that person access to just about anything he might want to know about me: my date of birth, SSN, health history, driving record, criminal record (zilch, sorry), and so on.

A well-designed ID card might even prevent some kinds of "identity theft" if the identifying information embedded in the card could be read only by secure machines and would not be accessible to opportunistic thieves (e.g., unskilled restaurant and department-store employees).

But well-heeled terrorist organizations would find ways to create seemingly legitimate ID cards for their members. And there's the rub. Possession of a single piece of ID, one that is presumed to be authoritative, would make it easier for terrorists to gain access to vulnerable sites (e.g., passenger aircraft) and to elude investigation by deflecting suspicion.

Uncle Sam already knows (or can know) everything about me. A national ID card wouldn't make a difference in that respect. But it would make it easier for terrorists to terrorize. The card is therefore a bad idea.

Privacy or Liberty?

It is sometimes necessary for government to intrude on privacy for the sake of liberty. If, for example, the punishment of crime fosters the security of life, limb, and property by deterring yet more crime, then liberty is served by certain types of governmental intrusion on privacy (e.g., searches of private property, questioning of suspects and witnesses, and compulsion of testimony in criminal cases).

Similarly, the defense of the United States (which includes the defense of Americans and American interests abroad), may justify governmental intrusions on privacy. But there must be restraints on governmental intrusion to ensure that no instance of intrusion is broader than required for the accomplishment of a legitimate governmental function. From a libertarian perspective, that rules out any governmental intrusion of privacy which isn't aimed at promoting justice or defending citizens and their property.

Thus, for example, government is improperly intrusive when it issues a census questionnaire that asks for more information than is necesary to enumerate the population. By contrast, government is properly vigilant when it engages in clandestine surveillance that is warranted by a known threat to the life and limb of Americans (e.g., the continuing threat from al Qaeda).

Those who reflexively oppose certain provisions of the Patriot Act (e.g., the issuance of national security letters for library reading lists) and those who bemoan NSA intercepts of international communications want privacy to take precedence over other manifestations of liberty. As I wrote here, "There can be no absolute liberties where life is at stake. Without life, liberty is meaningless." The Framers of the Constitution recognized that principle:
. . . When the Fourth Amendment was written, the sole remedy for an illegal search or seizure was a lawsuit for money damages. Government officials used warrants as a defense against such lawsuits. Today a warrant seems the police officer's foe -- one more hoop to jump through -- but at the time of the Founding it was the constable's friend, a legal defense against any subsequent claim. Thus it was perfectly reasonable to specify limits on warrants (probable cause, particular description of the places to be search and the things to be seized) but never to require their use. (From the "Warrant Clause," by Prof. William J. Stuntz of Harvard Law in The Heritage Guide to the Constitution, pp. 326-9.)
Thus, by the original meaning of the Constitution, all warrantless searches may be permissible. But judges and legislators have so changed the meaning of the Constitution that these views have instead become prevalent: government cannot conduct searches without a warrant; warrantless searches are "invasions of privacy" (as if privacy were either constitutionally guaranteed or some sort of "natural right'). Moreover, there is -- especially among "civil libertarians," anti-American Americans, and right-wing loonies -- a preference for an undifferentiated right to "privacy" over "the common defence, "to provide for which the Constitution was adopted. Antidotes to such views may be found here:
President had legal authority to OK taps (Chicago Tribune)
Our domestic intelligence crisis (Richard A. Posner)
Many posts by Tom Smith of The Right Coast (start here and scroll up)
Eavesdropping Ins and Outs (Mark R. Levin, writing at National Review Online)
The FISA Act And The Definition Of 'US Persons' (Ed Morrissey of Captain's Quarters)
A Colloquy with the Times (John Hinderaker of Power Line)
September 10 America (editorial at National Review Online)
A Patriot Acts (Ben Stein, writing at The American Spectator)
More on the NSA Wiretaps (Dale Franks of QandO)
The President's War Power Includes Surveillance (John Eastman, writing at The Remedy)
Warrantless Intelligence Gathering, Redux (UPDATED) (Jeff Goldstein, writing at Protein Wisdom)
FISA Court Obstructionism Since 9/11 (Ed Morrissey of Captain's Quarters)
FISA vs. the Constitution (Robert F. Turner, writing at OpinionJournal)
Wisdom in Wiretaps (an editorial from OpinionJournal)
Under Clinton, NY Times Called Surveillance a Necessity (William Tate, writing at The American Thinker)
Experts' Letter on NSA Program (by Tom Smith of The Right Coast)
LEGAL AUTHORITIES SUPPORTING THE ACTIVITIES OF THE
NATIONAL SECURITY AGENCY DESCRIBED BY THE PRESIDENT
(U.S. Department of Justice)
Terrorists on Tap (Victoria Toensing, writing at OpinionJournal)
Letter from Chairman, Senate Intelligence Committee, to Chairman and Ranking Member of Senate Judiciary Committee
Letter from H. Bryan Cunningham to Chairman and Ranking Member of Senate Judiciary Committee
Has The New York Times Violated the Espionage Act? (article in Commentary by Gabriel Schoenfeld)
Point of No Return (Thomas Sowell, writing at RealClearPolitics)
Letter from John C. Eastman to Chairman of House Judiciary Committee
FISA Chief Judge Speaks Out, Bamford Misinforms (a post at The Strata-Sphere)
DoJ Responds to Congressional FISA Questions (another post at The Strata-Sphere)
As for the president's authority in foreign affairs -- which encompasses the defense of the nation -- I quote Sai Prakash, who writes about the Constitution's Executive Vesting Clause (Article II, Section 1, Clause 1) in The Heritage Guide to the Constitution (pp. 179-82):
The [Executive Vesting Clause] . . . accords the President those foreign-affairs authorities not otherwise granted to Congress or shared with the Senate. . . .

The Articles of Confederation lacked an independent chief executive. Instead, the Continental Congress exercised the executive power, appointing and dominating the secretaries of the executive departments. Unfortunately, law execution under the direction of a distracted, plural executive was neighter vigorous nor swift. Congress likewise proved a poor steward of foreign affairs, with American diplomats complaining that Congress could not act with the requisite speed or secrecy. . . .

Resolving to avoid the problems plaguing state and national executives, the Constitution's makers created an energetic, responsible, and unified executive. . . . The Anti-Federalists well understood the Framers' design and criticized the unitary executive [but they lost the argument: ED] . . . .

. . . [T]he delegates [to the Constitutional Convention] spoke of the President's principal foreign-affairs role, oftentimes referring to the Senate's role in treaty-making as a limited exception to the grant of foreign-affairs authority to the President. . . .

. . . [T]raditional rules of statutory interpretation require us to take seriously the differences in phrasing across the three vesting clauses. Artilce I, Section 1 ("All legislative Powers herein granted shall be vested in a Congress of the United States. . . .") makes clear that it vests no authorities separate from those enumerated in the rest of Article I. In contrast, Article III, Section 1 ("The judicial Power of the United States, shall be vested in one supreme Court, and in such inferior Courts as the Congress may . . . establish.") clearly vests the federal courts with judicial authority. The Executive Vesting Clause reads like its Article III counterpart, in sharp contrast to the Article I introductory clause. . . .

In a case touching upon foreign affairs, the judiciary has recently reaffired that the executive power grants foreign-affairs authority to the President. See American Insurance Ass'n v. Garamendi (2003). This marks a departure from prior case law, which had grounded the executive's foreign-affairs powers not in any constitutional text, but in necessity and sovereignty. See United States v. Curtiss-Wright Export Corp. (1936).
John Yoo and James C. Ho, writing in the same volume about the president's role as commander in chief (pp. 195-8), have this to say:
. . .[S]ome originalist scholars have concluded that Congress's war power is limited to its control over funding and its power to impeach executive officers. They contend that the President is constitutionally empowered to engage in hostilities with whatever resources Congress has made available to the executive. . . .

In summary, the argument for executive initiative rests on the background understanding that the vesting of "executive Power" and the "Commander in Chief" designation together constitute a substantive grant of authority to the President to conduct military operations.
It is clear that it is fully within the president's constitutional authority to order electronic surveillance of communications between persons in the U.S. and persons overseas. It is especially clear that such surveillance is legitimate because of its war-related purpose.

The Framers intended the executive to be a passive enforcer of laws passed by Congress that bear on domestic affairs (and those laws were to be strictly limited in scope by Article I, Section 8, of the Constitution). At the same time, the Framers intended the executive to defend Americans actively against enemies foreign and domestic. No one has put it more clearly than Justice Felix Frankfurter:
. . . [W]e have had recent occasion to quote approvingly the statement of former Chief Justice Hughes that the war power of the Government is 'the power to wage war successfully.' . . . Therefore, the validity of action under the war power must be judged wholly in the context of war. That action is not to be stigmatized as lawless because like action in times of peace would be lawless. To talk about a military order that expresses an allowable judgment of war needs by those entrusted with the duty of conducting war as 'an unconstitutional order' is to suffuse a part of the Constitution with an atmosphere of unconstitutionality. The respective spheres of action of military authorities and of judges are of course very different. But within their sphere, military authorities are no more outside the bounds of obedience to the Constitution than are judges within theirs. . . . To recognize that military orders are 'reasonably expedient military precautions' in time of war and yet to deny them constitutional legitimacy makes of the Constitution an instrument for dialetic subtleties not reasonably to be attributed to the hard-headed Framers, of whom a majority had had actual participation in war. If a military order such as that under review does not transcend the means appropriate for conducting war, such action . . . is as constitutional as would be any authorized action by the Interstate Commerce Commission within the limits of the constitutional power to regulate commerce.
To get down to cases -- the case of NSA surveillance, in particular -- Tom Smith of The Right Coast has this to say:
. . . [I]t strikes me as just wrong, and very counter-intuitive, to think of the Fourth Amendment as limiting the President's Article II wartime powers at all. If this were the case, it would mean something like the President's powers to wage war against those US citizens who had decided to fight for the enemy, had to be conducted within something like the proscriptions of constitutional criminal procedure. Surely, that can't be right. This is not to say the President's Article II powers are unlimited. That is what, I take it, the Youngstown Steel case is about. But if FISA really does subject Article II wartime powers to the procedural rigamarole in FISA, then it would be unconstitutional. . . . So where that leaves us, it seems to me, is fairly clear. The President did not violate FISA, as that statute has been interpreted by the highest court other than the Supreme Court that has has the power to interpret it, and indeed specializes in interpreting it, so presumably is due some deference for that, and thus, for the President's action to be illegal, it would have to have exceeded his Article II powers. . . . While it is logically possible that the NSA program exceeded the Article II powers, it strikes me as a very implausible claim. We are not talking here about nationalizing the steel industry, or interring all Muslims or something of that sort. We are talking about data-mining calls and emails which have an elevated probability of being connected to terrorism, because they are within a network anchored by phone numbers or email addresses found in al Qaeda phones or computers, or because of charateristics of the calls or emails. If anyone thinks . . . that doing that is outside the President's Article II powers, they have a ludicrously narrow conception of those powers, a conception simply inconsistent with the President's discharge of his duty to prevent future catastrophic terrorist attacks on the people of the United States. That alone suggests it is an incorrect conception of those powers, a fact even the Supreme Court is likely to notice.
What we see in the dispute about such things as the Patriot Act and NSA surveillance is a failure to distinguish between the free exercise of liberty, on the one hand, and the necessary exercise of governmental power to preserve liberty, on the other hand. That failure is unwitting -- but nonetheless dangerous -- when it emanates from persons who simply have no understanding of the Constitution or who wish to live in a dream-world in which government simply cannot encroach upon their privacy for any reason. That failure is entirely witting -- and essentially subversive -- when it emanates from persons who simply wish to twist the meaning of the Constitution so that it serves their anti-libertarian agenda: statism at home and surrender abroad.

What About Government Data-Mining?

There is, nevertheless, a real threat that surveillance could lead to the creation of massive databases that could be misused by government officials. Tom Smith observes that
technology on the data mining front is moving very fast. In fact, the term data mining is too narrow and somewhat dated. For just a taste of one cutting edge approach, check this out. This company takes a semantic network approach to unstructured databases. There are other approaches as well.

What I am getting at is, if the government puts together a huge database -- and . . . it is within their capabilities, well within -- then with tech from the private sector, not to mention what NSA geniuses come up with, then what they can figure out about individuals, firms, and so on, really does not have any clear limit. It is not at all far fetched to say if the government wanted to, it could know more about people than they know about themselves, a lot more.

There are many questions here. The first is whether the storage of this information violates constitutional protections. I think sentience may make some difference here. If every email you have sent in the last five years is stored in some place the government has access to, but they do not actually access it, then I'm not sure your privacy has been affected at all.

But here is something that worries me, though maybe it shouldn't. Search algorithms are already astonishingly powerful. They are advancing rapidly. It may be possible soon to pull out from such things as patterns of emails, phone calls, puchases and the like, people likely to be involved in drug trafficing, money laundering, whatever. If an impartial algorithm can troll through a database and produce a list of people who really are, to some high degree of probability, connected with herion trafficking say, should that be enough to support a warrant to start the really intrusive, traditional sort of surveillance?

I have already made clear that I think the President should be able to do exactly this if it is necessary to fight a war. But law enforcement agencies doing it does strike me as pretty creepy. It could be an extremely powerful law enforcement tool, though.
It is one thing to create databases that enable law-enforcement officials to detect and avert attacks on Americans and Americans' interests, at home and abroad. It is quite another thing to create and use such databases for the purpose, say, of anticipating or imagining criminal conspiracies.

How, then, is it possible to protect Americans from acts of war, terrorism, insurrection, or rebellion without subjecting them to the very real danger of overreaching on the part of government officials -- who will be tempted to misuse the information to which they have access? We learned -- on September 11, 2001 -- that it is folly to put a firewall between domestic and foreign intelligence. The firewall must be placed elsewhere; here is how I would construct it and where I would place it:
  • No government agency (including contractors) may collect or store personal information other than that which is gathered pursuant to a specific, constitutionally authorized exercise of authority (e.g., issuing driving licenses, maintaining tax and property records, investigating crimes that have been reported, maintaining records of arrests and convictions, algorithmically surveilling communications for the purpose of detecting possible terrorist activity).
  • The federal government (and only particular units of the federal government, as authorized by law) may collate such information in a database or databases that may be used only for the purposes of detecting conspiracies to commit acts of war, terrorism, insurrection, or rebellion against the United States, a State, or the citizens of the United States or their property.
  • Information gleaned from such a database may be used, without judicial approval, to avert an imminent attack or to respond to an attack.
  • Otherwise, the information gleaned from such a database may be used, with judicial approval, to initiate surveillance of persons or property within the jurisdiction of the United States -- and then only for the purpose of preventing acts of war, terrorism, insurrection, or rebellion.
  • Actions against persons or property outside the jurisdiction of the United States must be taken in accordance with the 1973 War Powers Resolution and/or applicable treaties.
  • Information gleaned from such a database may never be used for any purpose other than the prevention of or response to acts of war, terrorism, insurrection, or rebellion against the United States, a State, or the citizens of the United States or their property.
Details would be supplied by statute. Compliance would be monitored by a commission; the president, Congress (by concurrent resolution), and the chief justice of the United States each would appoint one-third of the commission's members.

SUMMARY AND CONCLUSION

Privacy is not, never has been, and never should be an absolute right. To make it such would be incompatible with the defense of life, liberty, and property.

With respect to privacy in the private sector, we should remember that a one-size-fits-all regulation has the predictable effect of fitting almost no one and generally forcing buyers and sellers to make inferior choices. Government should protect Americans from force and fraud. Beyond that, it is up to Americans to decide for themselves how much privacy they wish to enjoy in their voluntary transactions. They could do so quite effectively, and at no additional cost, with the help of "privacy brokers" -- firms that would do for consumers what they now do for businesses.

Turning to privacy vis-a-vis government, we should remember that government legitimately seeks to protect the lives and property of Americans, so that they can pursue happiness as they see it. Privacy absolutists -- those who place privacy above security -- endanger us all. They would render us defenseless against very real and potent threats to liberty and the pursuit of happiness. The idea of a national ID card fails because it would create a vulnerability, not because it would threaten privacy in the land of the ubiquitous Social Security number. On the other hand, there is a legitimate place for the surveillance of telecommunications and for data-mining, as long as the use of both is confined to the protection of life, liberty, and property against our enemies. A way of ensuring that surveillance and data-mining are not misused is to establish an oversight commission comprising members of all three branches of the federal government.

The legitimate function of the state is to protect its citizens from predators and parasites, it is not to protect predators and parasites. The critics of aggressive defense like to proclaim their dedication to civil liberties, but their statist agenda in domestic matters betrays their selective dedication to liberty.

There is a balance to be struck between privacy and liberty, but it should not -- and need not -- be struck in favor of our enemies. The Constitution is, first and foremost, a mutual defense pact, not a suicide pact.

Related collections of posts:
The Constitution: Original Meaning, Subversion, and Remedies
Economics: Principles and Issues
War, Self-Defense, and Civil Liberties