Commercial vs. Government Surveillance: Which is more dangerous?
Last Sunday evening’s story about data brokers on 60 Minutes is a long-needed heads up to many people about the widespread but largely invisible practices of data brokers who collect, aggregate, and sell information about us.
Monday morning, in an interview at SXSW with Edward Snowden, the question was raised about whether government or commercial surveillance is more of a concern. Snowden’s response was that the government has the ability to prosecute and incarcerate people, that commercial providers don’t, and that we should therefore be more concerned about it:
Right now, my thinking, I believe the majority’s thinking is that the government has the ability to deprive you of rights. Governments around the world whether it is the United States government, whether it is the Yemeni government, whether it is Zaire, any country: they have police powers, they have military powers, they have intelligence powers. They can literally kill you, they can jail you, they can surveil you. Companies can surveil you to sell you products, to sell your information to other companies, and that can be bad, but you have legal recourse.
Chris Soghoian of ACLU, who was interviewing him, correctly observed:
I am not crazy about the amount of data that Google and Facebook collect. Of course, everything they get the government can come and ask for too. There is the collection that the government is doing by itself and then there is the data that they can go to Google and Facebook and force them to hand over.
But that still may not be the whole story. Is there anything to prevent the government from going to the sort of data brokers described in the 60 Minutes report and simply buying the data they’re looking for, in bulk? I haven’t seen any concrete evidence that this is happening, but I would would expect it to be done, either directly or through intermediaries.
Data brokers are typically secretive about the identities of their customers, so it’s highly doubtful that they will admit to this if it is happening. I wonder if there is any sort of public records request that would reveal the existence of those sorts of contracts. If my hypothesis is correct, commercial surveillance is at least as dangerous as government surveillance, since there isn’t much of a distinction about how the data might ultimately be used. And since much of the information is behavioral, it has more potential for error.
Hopefully it doesn’t take another “Edward Snowden” from the data broker world for us to learn all the ways the data brokers use our data.