Privacy Under Attack
Are tougher laws needed to protect citizens?
By Patrick Marshall

Privacy advocates warn that emerging technologies — including powerful surveillance equipment and software that can monitor consumers' Internet activity — are eroding Americans' right to privacy. In addition, disclosure of individuals' medical records and genetic information raises the possibility of employment and insurance discrimination. A number of laws protect citizens from unwarranted. . . .

Read the Full Report (Subscription Required)
Buy Report PDF

Should direct marketers be required to obtain consumers' approval before using their personal information?

Evan Hendricks Editor, Privacy Times. Written for The CQ Researcher, June 2001	Michael E. Stanton From “Protecting Privacy in the New Millennium: The Fallacy of 'Opt-in' ”. Direct Marketing Association, June 2001

No, You're Not Paranoid . . .Video Cameras ARE Watching

You don't have to be a sports fan to remember this year's Super Bowl. The name of the winner may have faded from memory, but who can forget the furor over the surveillance system used to scan the faces of 100,000 fans as they entered Tampa stadium?

Although signs advised fans that they were being videotaped, most probably never realized the extent of the surveillance. The Facefinder biometric system picked out 19 petty criminals whose faces matched mugshots in a police database. Since it was just an experiment, no one was arrested, but the surveillance sparked a flood of media attention and a call for public hearings by the American Civil Liberties Union (ACLU).

The experiment — dubbed “Snooper Bowl” by the ACLU — renewed debate about how new technologies are shrinking the sphere of privacy that Americans once considered a birthright. Some also say the test was just another step toward broad and permanent surveillance of American society.

“We need a modern-day Paul Revere riding from city to city warning people: 'The cameras are coming! The cameras are coming!' “ said Norman Siegel, former executive director of the New York chapter of the ACLU. After conducting a block-by-block inspection of Manhattan, the chapter discovered almost 2,500 cameras aimed at New Yorkers in public places.

In Illinois, state officials have used face-recognition technology to transform all photos taken for drivers' licensing purposes into an electronic “mug” book of nearly every adult in the state.

Tiny video cameras are hidden in these objects. (MATCO Inc.)

Actually, the Super Bowl was not the first use of the technology. Casinos have been matching the faces of gamblers captured on video surveillance cameras to a database of known cheaters since 1997, when the first such system was installed at Trump Marina in Atlantic City, N.J.

And, of course, banks, hospitals, jewelry stores and other commercial establishments have been conducting video surveillance without the database matching capabilities since the early 1960s. But during the 1990s, as the price and size of video equipment decreased and the quality of the images improved, videotaping people in public — and sometimes in private — became a widespread practice.

Now video cameras record activity on freeways, subways and buses and in elevators, public parks, parking garages, schools, stores, restaurants and post offices. Moreover, the growing popularity of the Internet has given the practice worldwide coverage. In cities across the country, bars are installing Webcams — video cameras broadcasting live over the World Wide Web — enabling Web surfers to check out the action at their local pubs before they go out on the town.

Legal experts say surveillance cameras and face-recognition software are constitutional when used in public places where privacy expectations are low. ''

And the United States is not alone. In Britain — where terrorist bombings became commonplace in recent decades — authorities began installing video cameras in public places more than two decades ago. With more than 1.5 million closed- circuit television cameras monitoring streets, parks and public buildings, Britain is perhaps the most-watched country on Earth.

Privacy advocates in the United States argue that just because a technology exists and is legal does not mean it should be used. And they worry that the new technology could lead to unexpected invasions of privacy, just as some employers used pre- employment drug testing as a subterfuge for secretly conducting pregnancy tests on prospective employees.

Public outcry in Britain over the growing use of video surveillance led to passage in 1998 of the Data Protection Act, requiring that signs be posted in surveillance areas and limiting how long a videotape could be retained.

U.S. privacy advocates want similar legislation. The New York ACLU, for instance, has asked the state legislature to require that warning signs be posted at every surveillance zone, that access to surveillance tapes be limited and that tapes be archived for a limited time.

“Americans should be alarmed at the growth of surveillance in society without even minimal standards or regulation,” Siegel says.

Currently, police and other government agencies in the United States are not required to obtain search warrants to make soundless video or still pictures of individuals in public places. But if audio tracks are recorded, the surveillance falls under the Electronic Communications Privacy Act of 1986, which limits police wiretaps.

The Supreme Court has offered a two-step test to determine whether an act of surveillance might violate citizens' Fourth Amendment constitutional rights to protection against unreasonable search and seizure by government agencies. First, does the surveillance occur from and across public airspace? Secondly, is the surveillance physically non-intrusive?

But the Constitution only protects citizens from unwarranted video surveillance by government entities. There is no constitutional protection from surveillance by businesses and other private parties.

And clearly such private surveillance is on the rise. The American Management Association, for example, estimates that video surveillance by employers rose from 33.7 percent of companies in 1997 to 37.7 percent in 2001.

Law enforcement officials say technologies like face-recognition software can eventually give people more privacy, not less. For instance, police officers armed with face-recognition technology could identify suspects without having to resort to racial profiling or constitutionally questionable stop-and-frisk tactics. In addition, the identity of those using automated teller machines (ATMs) can be immediately verified with the technology, making it more difficult for someone to steal another person's money or personal identity.

And in some cases, video surveillance is conducted to protect the vulnerable —such as children in a day-care centers or elderly patients in nursing homes.

But while videotaped evidence has been critical in solving crimes and obtaining convictions in several high-profile cases, it's not clear just how effective video surveillance is in deterring crime. In a 1995 study, Washington state prisoners serving time for robbing convenience stores ranked video recording a distant 11th on a list of deterrents. Yet a 1991 study found that convenience store robberies declined 53 percent during the first year after video cameras were installed.

Privacy advocates are skeptical of the value of video surveillance. “The only value of videotaping is to preserve evidence after the fact,” says Robert Ellis Smith, publisher of Privacy Journal. “I don't think it's very effective in decreasing response times or even in deterring criminal activity.”

When Big Brother Is Watching You Work

The Fourth Amendment to the Constitution protects citizens from unreasonable searches and seizures by government officials, but it does not protect employees' privacy in the workplace.

“Most of the constitutional protections we enjoy as private citizens vanish when we go to work,” writes William S. Hubbart, a human resources consultant. “While the government, as an employer, is subject to constitutional privacy limitations, laws impose few limitations on the private employer.”

The stakes are potentially high. An employee in San Diego, for example, was fired when it was discovered that he had tried to access a pornographic Web site, whitehouse.com. The man claimed that he had meant to go to the White House Web site, whitehouse.gov.

In many cases, employees do not even know they are being monitored. According to a recent University of Illinois survey, half of the corporations that collect information on employees monitor surreptitiously. Even more disconcerting, two-thirds of the organizations responding to the survey use investigative firms to collect information about employees. Of those companies, 25 percent do not review the policies and practices of the investigative firm.

Whether the employee monitoring is done in-house or is farmed out to investigative firms, companies are doing a great deal of it, especially when it comes to computer and telephone use. According to the American Management Association, 63 percent of companies monitor employees' Internet connections and nearly half —47 percent — store and review e-mail messages. Many companies also mandate random drug testing of employees, even when there is no evidence of drug use by the employee.

Few laws govern monitoring of employee performance and behavior. The only monitoring activity specifically covered by federal legislation is the use of polygraph tests. Under the Employee Polygraph Protection Act of 1988, employers may not require polygraphs for pre-employment screenings. Polygraphs may be used to investigate a company loss, but three conditions must be met. The employee must have had access to the lost or destroyed property. There must be reasonable suspicion that the employee was involved. And the employer must provide a written statement to the employee describing the incident being investigated.

A patchwork of state laws protect some workers from such practices as blacklisting, reference checking, drug and alcohol testing and other privacy invasions. Fourteen states limit what information employers can collect about employees.

If employees feel their privacy has been breached by their employer in ways that are not regulated by state or federal laws, they may seek redress through common law. But common-law protections are vague and can only be tested on a case-by-case basis.

Common law recognizes four basic grounds for actions against employers and other citizens with respect to privacy issues:

• Intrusion upon seclusion — When an employer's actions intrude in a manner that would be highly offensive to a “reasonable” person.

• Public disclosure of private facts — When an employer gives undue publicity to private facts about an employee.

• Publicly placing a person in a false light — When an employer misrepresents an employee's behavior or character to the public.

• Appropriation of an employee's name or likeness —When an employer uses an employee's name or likeness without his or her permission.

While Congress appears concerned about Internet privacy and about controlling the use of Social Security numbers, it seems to have little interest in employer monitoring.

“Workplace privacy is still an issue, but it doesn't seem to have a push behind it right now,” says Evan Hendricks, editor of Privacy Times. “There's no congressional leader who has decided to take it on.”

[1] Quoted in M.J. Zuckerman, “Chances are, somebody's watching you,” USA Today, Nov. 30, 2000.

Footnote: 1. Quoted in M.J. Zuckerman, “Chances are, somebody's watching you,” USA Today, Nov. 30, 2000.

[2] Scott Sher, “Continuous Video Surveillance and Its Legal Consequences,” Public Law Research Institute, University of California, Hastings College of the Law, November 1996.

Footnote: 2. Scott Sher, “Continuous Video Surveillance and Its Legal Consequences,” Public Law Research Institute, University of California, Hastings College of the Law, November 1996.

[3] Zuckerman, op cit.

Footnote: 3. Zuckerman, op cit.

[4] Florida v. Reilly, 488 U.S. 445 (1989); California v. Ciraolo, 476 U.S. 207 (1986).

Footnote: 4. Florida v. Reilly, 488 U.S. 445 (1989); California v. Ciraolo, 476 U.S. 207 (1986).

[5] American Management Association, “2001 AMA Survey: Workplace Monitoring & Surveillance,”http://www.amanet.org/research/pdfs/ems_short2001.pdf.

Footnote: 5. American Management Association, “2001 AMA Survey: Workplace Monitoring & Surveillance,”http://www.amanet.org/research/pdfs/ems_short2001.pdf.

[6] Lorraine La Femina, “For Electronic Security Firms, Crime Pays,” LI Business News, March 25, 1996, p. 27.

Footnote: 6. Lorraine La Femina, “For Electronic Security Firms, Crime Pays,” LI Business News, March 25, 1996, p. 27.

[7] National Association of Convenience Stores, “Convenience Store Security: Report and Recommendations,” November 1991.

Footnote: 7. National Association of Convenience Stores, “Convenience Store Security: Report and Recommendations,” November 1991.

[8] William S. Hubbart, The New Battle Over Workplace Privacy, American Management Association, 1998, p. 2.

Footnote: 8. William S. Hubbart, The New Battle Over Workplace Privacy, American Management Association, 1998, p. 2.

[9] Survey Research Laboratory, Univerity of Illinois, 1996, http://www.kentlaw.edu/ilw/erepj/v1n1/linowes.html.

Footnote: 9. Survey Research Laboratory, Univerity of Illinois, 1996, http://www.kentlaw.edu/ilw/erepj/v1n1/linowes.html.

[10] “2001 AMA Survey: Workplace Monitoring & Surveillance,” www.amanet.org/research/pdfs/ems_short2001.pdf.

Footnote: 10. “2001 AMA Survey: Workplace Monitoring & Surveillance,” www.amanet.org/research/pdfs/ems_short2001.pdf.

[11] For background, see Kathy Koch, “Drug Testing,”The CQ Researcher, Nov. 20, 1998, pp. 825-848.

Footnote: 11. For background, see Kathy Koch, “Drug Testing,”The CQ Researcher, Nov. 20, 1998, pp. 825-848.