Chicago News spoke with Lori Andrews, author of I Know Who You Are and I Saw What You Did: Social Networks and the Death of Privacy, University Distinguished Professor of Law, Chicago-Kent College of Law, Illinois Institute of Technology. Her fascinating book about internet privacy calls for a Social Network Constitution to guard our right to privacy.
Chicago News: Can you tell us about yourself. What is your background?
Lori Andrews: I’m from the Western suburbs of Chicago. At Yale and Yale Law School, I became interested in how technology affects individuals, relationships, communities, and social institutions. I chaired the federal advisory commission to the Human Genome Project, exploring the ethical, legal, and social implications of genetics. Should an employer be able to fire you because your genes indicate you’ll get cancer? Should parents have the power to use genetic enhancement on their embryos to create designer babies?
CN: How did you get involved in cyber law?
LA: Nearly a decade ago, the daughter of a law school classmate friended me on Facebook. But every post on her page indicated she was playing Mafia Wars. She was trying to get into a good college and I told her that colleges looked at applicants’ pages. When she didn’t believe me, I started sending her studies and legal cases that showed how employers, insurers, colleges and the government collected information from peoples’ social media accounts. Soon I had enough material to teach the first law school course on Law of Social Media. From then on, it became a major focus of my research.
CN: Can you tell us about the Social Network Constitution? Is it possible to get this passed in Congress?
LA: I was shocked to learn that our rights of free speech, freedom of association, and privacy don’t apply online as they do offline. People have been fired because they had a glass of wine in their hands in a Facebook photo, even though drinking is perfectly legal if you are over 21. Police have used people’s Google searches as proof that they were thinking of committing a crime. Women have lost custody of their children when judges thought their Facebook photos were too sexy.
I proposed a Social Network Constitution to protect people’s rights online. Even if it doesn’t get passed entirely, it’s been a tool to focus public discussion and to let judges know the stakes of their decisions. And in the years since I wrote it, more attention has been paid to people’s rights. When the Illinois legislature passed a law forbidding employers from asking for applicants’ private social network passwords, Governor Pat Quinn came to my university to sign it into law.
CN: What are your thoughts about Facebook. Do they share our information with government agencies besides private and public companies?
LA: Absolutely! Local law enforcement, the FBI, CIA, the IRS and Homeland Security are all able to access information from Facebook, Google, and other social media giants.
CN: Why don’t we have privacy protections like in Europe?
LA: Europe has greater protection for privacy because its citizens have seen firsthand how important privacy is to the quality of life and to even life itself. They’ve seen how information collected by the government for a seemingly benign purpose can later be used against people. In Delete: The Virtue of Forgetting in the Digital Age, Viktor Mayer-Schönberger describes how the Dutch government in the 1930s created a registration system to keep better track of its citizens. The population registry listed each citizen’s “name, birth date, address, religion, and other personal information” for the purpose of better facilitating government administration and welfare planning. However, when the Nazis invaded the Netherlands during World War II, they seized possession of the registry and used it to go after the Dutch citizens who were Jewish or gypsy. The repurposed registry was so comprehensive that the Nazis were able to identify and ruthlessly murder more than 70 percent of the Jewish population in the Netherlands, as opposed to 40 percent in Belgium and 25 percent in France.
Sometimes people say to me, “I don’t care about privacy. I’ve got nothing to hide.” But even seemingly innocent posts or photos can be used against people. When a woman was harmed in a workplace accident and needed several surgeries, a judge said her smiling photo on a social media page must mean that she wasn’t really in pain. Even something as simple as who your friends are can get you into trouble. A policeman lost his job because an extended family photo showed a distant relative who’d been a gang member.
CN: Are people still fighting in the state courts to protect their privacy? Why is that?
LA: Courts are finally beginning to take seriously the harms that can come from online privacy invasions. When the FBI asked a Texas judge to try to track down a potential criminal by turning on the webcam of the computer he used, the judge said no, recognizing that it could invade the privacy of other users if the computer turned out to be at an internet café or in a family home.
CN: What has changed since you published your book? Any more protections for people?
LA: Some things have gotten worse since the book’s publication. Consulting companies are telling life insurers to consider a person’s Facebook page during the decision of whether to grant insurance. Among the things that make you less likely to get life insurance: the fact that you eat fast food, commute to work, read a lot (the assumption is that you are sedentary) or have friends who are skydivers.
An astounding number of devices and technologies have been developed which invade our privacy—from baby monitors that allow hackers to take photos of the inside of our homes to Hello Barbie dolls which allow Mattel’s designees to listen to the intimate things girls tell their dolls.
On the other hand, new protections have been put in place by state legislatures—such as statutes against revenge porn. And prosecutors (such as the Attorney General of California) are suing offenders for identity theft if they use people’s personal information against them (as do the websites that charge people money to have their nude photos removed).
CN: What do you recommend to people who use social networks like Facebook. Should they watch their every move?
LA: Assume that employers, colleges, insurers, and the government can read all your posts. Realize that your posts live forever. Some college students delete their entire Facebook account when they start job hunting. But a company called Social Intelligence actually saves the last seven years of people’s public Facebook posts and sells that information to employers.
CN: Do Facebook and Google have too much power?
LA: Absolutely! Facebook has a bigger population than any country and has more information about us than any government. There is increasing pressure to join Facebook. Some newspapers require that you have a Facebook account to write a letter to the editor. Some scholarships can only be applied for through Facebook. Google knows what we look like (through its social-media arm), what we are interested in (through web searches and YouTube views), and where we are (through GPS on Android devices). But none of our Constitutional rights protect us against the invasion of privacy by Facebook and Google—since the Constitution only protects us against the government, not private companies.
CN: Is our government protecting us?
LA: Not enough.
CN: What do you think of the latest story about AT&T sharing private information with law enforcement and keeping it a secret?
LA: In my book, I talk about a similar incident in 2006 when an AT&T whistleblower discovered that the company was letting the NSA have access to its customers’ calls. It’s stunning to me that the telecommunications companies that charge us so much money for phone service and internet service are then making money allowing the government and other third parties access to data about who we call and what we view. They should be paying us!
CN: What do you suggest people do in today’s internet age? What does the future hold?
LA: The future holds more intrusive technologies (sensors on clothing, smart cities technologies, the Internet of Things).
Use private browsing: If you search with Google Search or Microsoft’s Bing, those companies can amass detailed information about your personal interests and browsing habits. StartPage.com and DuckDuckGo.com, on the other hand, are two search engines that do not track users and that you can use to protect your privacy.
Use a browser setting that signals that you don’t want to be tracked: A Do Not Track setting is available in Firefox, Chrome, Safari, Edge, and Internet Explorer. This tells the websites you visit that you don’t want to be tracked, but not all websites honor that request.
Be sure to understand what your devices and programs do and use the right privacy settings: Microsoft 10 eavesdrops on you, keeping your microphone on all the time. You can control which apps have access to the device’s microphone in the “Privacy” settings window.
Click on “Microphone” and slide the master toggle to “Off.” If you want to use Skype or another conferencing app with audio, slide the toggle to the “On” position for just the app for which you would like to use the microphone.
Don’t use the default password that comes with a device that connects to the internet. If you buy a modem or baby monitor or other device (even a refrigerator!) that connects, change the password that comes with it to a new one that you create. Otherwise, hackers can use the default ones to gain access to your device.
By Jim Vail