Wednesday, December 18, 2013

The Italian Supreme Court has acquitted me !

An eight-year legal saga has now come to an end.  Yesterday, in Rome, the Italian Supreme Court (Cassazione) acquitted me, as well as two other Googlers, for violating Italian privacy law in a case that stemmed from a user-generated video. 

A year ago, the lower Italian Court of Appeals overturned my conviction (and 6-month-suspended jail sentence) by the trial court.  I am pleased that well-reasoned legal principles had prevailed in the Court of Appeals.  The Supreme Court will issue its written opinion in due course.
In its appeal to the Supreme Court, the Italian prosecutor asserted—in addition to arguing that employees like me can be held criminally responsible for user-uploaded videos that we had no knowledge of and nothing to do with—that platforms like YouTube should be responsible for prescreening user-uploaded content and obtaining the consent of people shown in user-uploaded videos.  I, and the many others who have voiced their support, viewed this as a threat to freedom of expression on the Internet.  

I look forward to returning to Italy to enjoy this glorious country.  I would like to thank my many colleagues at Google and in the legal and privacy community for their support for my defense over the years.  And although I have never met him, I hope that the young man who was humiliated in the video that generated this case lives with dignity and happiness.  

Wednesday, November 20, 2013

The Splinternet, from a pool in Istanbul

Look, I'm a swimmer, and here I'm swimming in the gorgeous pool in Istanbul at the Ciragan at sunset on the Bosphorus.  Things are simple: there's me, and there's water.  I'm hyper-aware of where each little piece of my body moves through the water.  I spend endless hours learning how to slice through the water.

Online, there's me, and there's the cloud.  I'm hyper-aware of each of my little blogs, or emails, or posts, spending endless hours living online.  But I have no clue where all this data actually resides. It's like water, it's all around me, and yet I can't say where it is, or whether it's still or flowing.    

In the pool, and online, I don't really have much choice except to trust it.  I trust the pool water to be clean and healthy.  I trust the online cloud to be safe and reliable.  Honestly, I don't have a clue about who keeps them that way.  I just trust, or hope, that they are.  

Of course, the cloud is cool.  Whatever your question, you can find the answer in seconds.  I have more knowledge than Faust, and I get to keep my soul too:  with a little device and an Internet connection, I can access trillions of pages of human knowledge in seconds.  It's so awesome and so ubiquitous that it already seems banal.  Data is everywhere, accessible anywhere, anytime, all thanks to the global flow of data through the cloud.  And this marvel of human ingenuity and sharing evolved before anyone could try to slice the cloud into little boxes that they could control and regulate, for purposes good and ill.  

But I get why people are uncomfortable with all this.  Where does all my precious, personal data actually go?  Does anyone other than systems engineers even know?  Do they even know?  So, I can't blame governments for trying to rein this in, for trying to create clarity out of cloudiness, or at least to create little zones that they think they can control.  Attempts are back:  to balkanize the Web, to slice the cloud, to put data into boxes.  Governments are using a fancy new name for it, "data sovereignty", although the rest of us are calling it the Splinternet.   Data sovereignty has re-emerged as a big theme in global privacy debates, largely as a result of the recent spate of government surveillance revelations. 

Let's take a moment to ask, though, what is the motive behind this Splinternet stuff. Governments often use the vocabulary of privacy to militate for more data sovereignty, but the truth is more complicated.  Sometimes data sovereignty is about privacy, and sometimes it's not. 

"Privacy" is about protecting personal data about an individual.  "Data sovereignty" is about governments increasing their local control over the data of their citizens.  

There are many different reasons why governments may want more data sovereignty:

Governments may want more data sovereignty to protect their citizens' personal data, or they may want it to monitor it more closely:  e.g., many governments around the world, take Russia as just one example, want more data sovereignty to reduce the ability of a foreign (e.g., US) government to monitor their citizens' data, while at the same time to make it easier to monitor it themselves.  

Sometimes data sovereignty is a economic, or protectionist, issue. Governments may want companies to invest and hire locally, e.g., by building and staffing local data centers.  Or they may want to encourage their citizens to use the services of local companies.  This has nothing to do with "privacy", but rather with pure local trade and investment goals. You see this sort of government trade protectionism rhetoric in France every day, to take one example. 

Sometimes data sovereignty is a issue of government control in unrelated areas, like censorship.  Countries that operate national firewalls, like China, want more data sovereignty to increase their ability to censor, monitor and control the contents of communications within their borders.  

Sometimes data sovereignty is about applying local rules, customs and regulations.  e.g., Europe is debating a legally-mandated "right to be forgotten", and trying to define how/when a user should be able to delete personal data about themselves from the Internet, even when that personal data was legally published by a third-party, such as a newspaper.  While the debate continues within Europe, it is clear that such a "right to be forgotten" could at best be implemented within the sub-set of the Internet that is subject to European jurisdiction, such as perhaps local domain addresses, or in other words, within a limited universe of data sovereignty. The same could be said for dozens of other local and regional-specific laws and regulations (like the Thai law making it a crime to insult their King).   Absent data sovereignty, such local variations would be virtually impossible to implement on the global Internet, setting aside whether all this is for good or ill.  

"Privacy" is often the vocabulary you'll see governments use to militate for more "data sovereignty."  One of the tools used to try to achieve this data sovereignty is restrictions on international data transfers, once again, setting aside whether this is good or even possible.  My point is simply that governments want many different things under the guise of "data sovereignty."  Sometimes governments want more "privacy," and sometimes "privacy" is just a pretext for unrelated government goals.  

When governments say they'll create their safe little Splinternets for their citizens, I know this does little more than put lane lines in a pool, keeping the swimmers in their lanes, while the water continues to flow everywhere, as it always has and always will, as every swimmer knows. 

Wednesday, October 30, 2013

To talk, or not to talk, that is the question

I sat down at lunch with three of the biggest corporate guns in the field of privacy.  We're all old friends, and more than a little battle-hardened, and over a cool bottle of Sancerre, we started a heated debate about the benefits of talking, or not talking, about privacy, in the public arena.  

Person A:  We never talk about privacy.  It's a loser.  You can't say anything about it, without offending someone. Talking about privacy is like talking about religion or politics at a dinner party, frankly it's no-go.  Let privacy advocates talk about privacy.  As far us, the less said, the better. 

Person B:  We talk about privacy in a pedagogical sense.  We all know that it's important, and complicated, and we know that consumers need to be educated, to help them make their own decisions.    Transparency is fundamental and ethical, and we're committed to being open about it.

Person C:  We talk about privacy, but only to attack our competitors.  Our most successful marketing initiative this year was to copy the attack-ads that have been part of US politics for years.  Of course it's cynical, and perhaps dishonest and hypocritical, but it works.  

Person A:  It's a myth that you can build trust by talking about privacy.  Actually, the opposite is true.  It's sad, but that's the reality.  If a college kid walks into a bar and tells everybody in the bar that he's never had any sexually-transmitted disease, do you think he's more likely to score than the guy with herpes who doesn't tell anybody about it?  

Person B:  You can talk about things that support privacy, like privacy controls, privacy settings, and strong security.  Those things build trust, and they're objective, and people deserve to know about them.

Person C:  You are so naive.  If you're in a race, you want to win.  Sure, you can try to be the fastest, strongest, smartest, but if you're not, you can still win by hiring some thug to break your competitors'  kneecaps.  And trust me, privacy is like a kneecap.  

I sat back, and said nothing, and sipped my Sancerre, and unconsciously perhaps, crossed my legs and put my hands on my knees.  

Tuesday, October 29, 2013

Tinker, Tailor, Soldier, Spy, They hacked my phone, I don't know why

Why was it candy to hack the Handy of the world's most powerful woman?  Did she park her Porsche in a public place without locking it? 

The press are outraged and the politicians are indignant that Merkel's phone has been hacked for years by the NSA.  Obama did or didn't know about it. This diplomatic squabble makes for good headlines, but it's not the real lesson of this story.

Indeed, why was Merkel using an unsecured phone?!  According to press reports of the Snowden revelations, she was using the sort of phone service that you or I could buy by popping into a shop in Berlin.  

If the NSA has been listening to Merkel's phone for years, and the German authorities only learned about it from the Snowden revelations, then one has to assume that other sophisticated national surveillance organizations, like the Chinese and the Russians, have been listening too.  State surveillance secrets in China and Russia are less leaky than in the US, and I doubt we'll see a Chinese or Russian Snowden expose their practices to the world.  

So, the most powerful woman on the planet apparently needs help in recruiting a staff of competent computer and communications security experts who could help protect her and her role.  

Any privacy lawyer who works in the field of security breaches always asks a basic question of the target of a breach/hack:  were you using "adequate security"?  Seriously, would you park your Porsche in a public place without locking it? 

Friday, October 25, 2013

My Mom and Dad trust each other

Imagine if your mom and dad didn't trust each other. Imagine if they spied on each other, and hired private investigators, and tapped each other's phone calls. They'd yell and fight, and the kids would be unhappy.

Then, into the house came a woman, saying she was from Brussels, and she could fix things.  She said we needed fair rules to re-build trust.  Everyone listened. 

She said we needed the following rules:  the children should never be allowed out of the house, except to go to school, since no other place could be trusted.  She said that the children should never use Twitter or Facebook, since they couldn't be trusted.  She said that the children could only play games that had been pre-approved by their teachers or parents, since other games couldn't be trusted.  She said the children needed discipline, and severe sanctions if they ever violated these rules.  

She said that the only way to re-build trust between the parents, and to stop their spying on each other, was to impose these stern rules on the children.  

Everyone sat quietly for a moment.  Then I said:  "isn't it unfair to punish kids for our parents fighting with each other?"  She said:  "be quiet, child, I'm sick of your lobbying." 

After a few more moments of silence, the parents both said:  "look, we're adults.  This is our problem.  We need to work it out between ourselves.  Our children have nothing to do with this.  Get out of our house, now! "

As she walked towards the door, the woman from Brussels turned to us children and said: "You wicked little things.  Unless you are subject to strict supervision, your parents will never trust each other again, and it's all your fault!"

Editor's note:   if you don't get the point of my little story, please read this expert commentary by Mr Jeppesen:
"...the E.U. Data Protection Regulation (DPR) was first proposed in 2012. Unfortunately, government surveillance issues cannot be solved by this legislation....
it would not regulate E.U. Member States' national security intelligence programs, nor would it address the surveillance programs of the United States. The European Parliament and the European Commission simply do not have the authority to address national security matters... The only path forward for true reform around global surveillance practices is a much harder slog. It will require a joint European-U.S. effort to find agreement on proper legal standards and safeguards."

Thursday, October 24, 2013

Jeff Koons' Private Parts

I was invited to a fancy charity dinner in Paris, and was treated to a delicious feast of suave irony.  It's not every day that I sip Dom Perignon with Jeff Koons and Laurent Fabius, paid for by a tax-exempt charity. The conversation went something like this:

Jeff:  I love France, I love Versailles.   They just did a show of my work.  For centuries, people with wealth and power have bought the world's best art to show the world their excellent taste.

Laurent:  We're so happy to invite our American friends to France.  I come from a long family tradition of art dealers. In France, we support culture.  
Silly rich person at our table:  Jeff, which artist had the most influence on you?

Jeff:  My favorite artist has always been Monet, or Manet, I mean Monet.  

Me:  I start howling with laughter.  I am kicked in the shin by my partner. 

Silly rich person at our table:  I adore la France.  My entire house in Dallas is decorated in French style.  and Peter, what do you do, she asks, feigning interest.

Me:  I work in privacy, and I'm bemused by Jeff's soft-porn art and the idea of an artist exposing his erection as a statement about what's private and what's public. 

Laurent:  Apologies, dear American friends, I must leave you now to speak with Assad.  So vulgar, but his wife is charming. 

Jeff:  Apologies, too, I have to catch a flight with Francois to Venice tomorrow, he says, with an ah-shucks tone and a million-dollar smile that had all of us swoon.  

Silly rich person at our table:  I just loved them both!  So down-to-earth!  but, Peter, I think your comment about his nude art made him uncomfortable.  Did he really show his private parts in his art?  I'd like to see that.  

Tuesday, October 22, 2013

Two farmers and a donkey

Two farmers owned fields that lie side by side.  They don't like each other, and they never have.  But fate has put their fields next to each other.  Farming is a tough life, and neither makes much money.  So, the two farmers agreed, with heavy-hearts, to buy a donkey jointly, and to share it to till their fields. 

For a while it worked, but as the spring wore on, and the days started getting hotter, both farmers wanted to till his fields in the early morning, when it was cooler.  

The donkey stood in the middle, on the line between the two fields, while each farmer tugged as hard as he could, trying to pull the donkey in his direction. The donkey didn't move.  He couldn't.  He was being pulled in two opposite directions, by farmers of equal strength.  After several minutes of excruciating pain, the ropes around the donkeys neck, being pulled in opposite directions, choked the donkey, and he fell to the ground with a dull thud. 

The farmers glared at each other for a few minutes.  Then they grinned, shook hands, and agreed that it was a damn dumb donkey not to follow their commands.  

oh, and except for the damb dumb donkey, everyone grinned and applauded this.  

Sunday, October 20, 2013

Dear Diary

Dear Diary,

You're the only one I can talk to.  You're the only place where I can share my secret fears.  I feel safe, because I know that no one else will ever read what I write here.  

Even now, after all these years, I don't feel safe as a gay man.  I know there are a lot of people who hate me for that.  I feel sick to my stomach when I read how another young gay man was murdered:  They broke Mr Zamudio's leg with a heavy stone, beat him up with bottles and carved swastikas into his body with broken glass before walking away.

I am very proud to spend my working life in the field of privacy.  I believe that it's the foundation of human dignity, and I hope that I can contribute something to it.  But in a dark mood, I realize that I can no more hold up the tides of technology than an oyster can stop the tides.  

I know that secret algorithms roam the Internet, analyzing, recording, and data-mining every piece of data that they find, billion by billion.  But I assume they won't read this blog, because it's just my blog and it's not very important, except to me.  And even if they do read this blog, I assume it's just to show me an ad, which isn't a big deal.  I mean, they wouldn't create a psychographic profile of me, would they, to use to decide whether or not to hire or fire me?  I mean, I'm not a public figure, like a politician, so why would they create a profile of me?

I had a funny dream yesterday, that I went to dental school to start a new career.  In my dream, I realized that no one would ever thank you for your work in privacy, because it was always a losing fight, so I thought I'd look for a career where you could help people.  Well, that's something I could only tell you, dear diary, since I wouldn't want anyone else to know that I'm nagged by doubts.  This facade is getting exhausting, like pretending to be straight when you're not.  I'm willing to fight the good fight, but I know that I'll lose, in the end.  Well, dear diary, at least I can confide in you, and I feel better already, since I know you'll keep my secrets.  

Friday, October 18, 2013

Lovely, lovely, let's not change a thing

While I was on St Bart's, a lovely French island where plutocrats play, I had a chance to chat with the image-savvy CEO of a major tech company based in California (not Google). We were talking about privacy in Europe, and she said:  "yeah, I know, Europeans think different, Nazis and stuff".  Then she realized I was not an important person, and turned away to talk to someone else. 

Indeed, stuff... She's right, of course, on a basic level, that privacy expectations reflect each country's culture, history and ideology.    

But the Nazis and stuff don't quite explain Europe.  Take France, and its "stuff".  I love France.  I love the country, the people, the culture, the language.  I do not love its government.  I think France is poorly governed by an entrenched "political class" and run by an army of grumpy functionaries and enslaved to a socialist ideology stuck in a 1970's rut.  And lots of people think that it will be run by the far-right Front National in a few years, as mainstream voters get sick of their "mainstream" parties and Socialist taxocrats.  

France is a deeply conservative society, in the sense that it does not like change.  This country is deeply uncomfortable with globalization, and even with capitalism, based on a widespread pessimism that France's best days are behind it.  Innovation is not popular in a country that thinks it's more likely to lose from the change that innovation brings.  The innovation that is popular in France is inventing new taxes (innovating a new global financial transactions tax?, innovating a new "data" tax? innovating the highest marginal income taxes in the world?).  

Paris was once more welcoming to foreign businesses.  The Economist's article recently struck a lucid and painful blow to French self-esteem:   The article pointed out that Paris was Morgan Stanley's first international office, a decade before London!  Can you remember the 1970's and 1980's, when American technology giants like IBM and Microsoft chose Paris as their European headquarters?  The entire new generation of American tech companies have chosen London or Dublin or Luxembourg or Zurich for their European headquarters. I can't think of a single American company that has chosen Paris for its European headquarters in the last two decades. Understandably, this is all hard for Paris to swallow.  
Against this background, it's easier to understand why the French government is campaigning to weaken the European Commission's proposal to institute a one-stop shop in Europe.  Most US companies would find their lead regulators in Dublin or London or Luxembourg.  As far as I know, not a single foreign company would have its "main establishment" in Paris.  

Looking at the increasingly barren business landscape in Paris, I'm reminded of Voltaire's advice:  "Il faut cultiver notre jardin".  I'm often amazed that anything grows here at all, like a pretty flower in the dry, hostile desert.    

Tuesday, October 8, 2013

From Warsaw to Mauritius

I'm just back from a privacy commissioners' conference in Warsaw.  I detected a theme of privacy-war-weariness there.  It's tiring, spending your days navigating the constant conflicts of privacy and protectionism, privacy and politics, privacy and Prism.  

I'm sympathetic to people who are tired of sitting in drab conference centers from Brussels to Belgrade, half-listening to tedious talks and self-righteous rants and anti-American tirades. 

How can I blame civil servants for voting to hold their next annual global conference on an Indian Ocean resort island of Mauritius?  Ok, I admit, at first I thought it was a joke, but then I was told it wasn't.    

This could be fun:  in sunny Mauritius, you'll see your global privacy colleagues in an entirely new light, discussing Binding Corporate Rules on the beach, or monitoring international data flows in the Indian Ocean.  Ever heard a speech about transparency from someone in a Speedo?  engaging in a little surreptious surveillance by snorkeling.  

At the last conference in Warsaw, I can't remember much, and I always tune out the anti-American rants, but someone said personal data on social platforms was like "urine in a swimming pool", which made me sit up and listen, since I'm a swimmer, and ponder the analogy, and at my pool, we drain the water twice a year, which is sort of like a Right to be Forgotten, or at least it gets rid of the urine eventually, unlike the Web.  Then someone started another anti-American rant about why can't Americans be enlightened enough to create euro-bureaucracies like us to "accompany innovation", so I sighed and zoned out again and watched swimming videos on YouTube. 

Indeed, it's been a tough year in privacy-land, tempers are frayed, and we all deserve a break (well, except the taxpayers).  As the International Association of Privacy Professionals reported:  

To celebrate, Mauritius will play host to next year’s International Conference of Data Protection and Privacy Commissioners on September 22, 2014.

Friday, August 23, 2013

Saying Nyet to the Russian Homophobolympics

As a gay-athlete, and oh yes, also privacy professional, I've decided not to set foot in Russia, as a personal protest against Russia's offensive homophobic laws.  My swim team friends and I agreed that Putin is demeaning the Olympics and turning them into his Homophobolympics.  We know something about athletic discipline:  we swim a lot and hard.  We've all trained with real Olympians, and we're in awe of them.  So, how should we react when political thugs attack the core values of the Olympics? 

When some politicians in Russia recently started "investigating"  American tech companies, I was invited to go to Moscow to meet with them.  But in the case of Russia, in light of its recent Anti-Gay Propaganda law, I declined.  I decided not to set foot in Russia, as an act of personal conscience.   Many other people whom I respect are making similar decisions not to set foot in Russia.  

Russia joins a rogue's gallery of countries with state-sponsored homophobia, but unlike the others, Russia is soon to host the Winter Olympics.  Ever since Hitler hosted the Berlin Olympics in 1936, we know how miscreants in power want to use the Oympic global stage to win international attention and acclaim.  

I have deep respect for athletes.  We should do nothing to hurt athletes in Sochi.  But let's also use the Sochi Games to shine a spotlight on Putin's regime.  Putin wants the spotlight, let him have it.  Let's shine a spotlight on government corruption in constructing the $50 billion Olympics facilities.  Let's shine a spotlight on Putin's crackdown on human rights, on democracy, on the judicial system in Russia.  Let's shine a spotlight on Putin's coterie of friendly rogue-regimes, like Syria's Assad.  Let's shine a spotlight on the personal wealth accumulated by friends of the regime.  Let's use social media to disseminate evidence of the vicious homophobia that Putin is inciting.  

Each of us must make a choice.  I'm not setting foot in Russia.  Despite its lofty self-congratulatory rhetoric, the IOC is taking the amoral path. But many people will go to Sochi, and I have a wish for athletes and spectators alike:  wave a rainbow flag as you march at the Opening Ceremony, or wear a rainbow scarf or pin.  Some politicians around the world are already showing ethical leadership, and I hope the clutch of global politicians attending the G20 in St Petersburg soon will too.  Imagine if we had all had the courage in 1936, Jews and non-Jews alike, to march at the Opening Ceremony in Berlin wearing Yellow Stars.  

Say Nyet to the Homophobolympics.

Friday, August 2, 2013

How to feign outrage over PRISM

Around the world, politicians are under pressure to express their outrage over US government surveillance.  It's August, and your PR teams may be on holiday, so here are some hints on how to get a good headline:

1)  Focus your outrage on the American government.  Distract everyone from the fact that your own government does it too.  e.g., Europe has the most privacy-invasive government surveillance regime in the world, based on the mandatory data retention of the communications logs (aka, metadata) on every single electronic communication for periods ranging from 6 to 24 months.  The US does not have such a data retention regime, because it was deemed too privacy-invasive by the US Congress.  But don't talk about that. 

2)  Focus your outrage on foreign private companies (e.g., Twitter or whatever).  Companies of course are not in control of government surveillance, but just the tools.  In any case, only talk about foreign companies, and never suggest that your own domestic companies are subject to similar (or much greater) surveillance. 

3)  Feel free to make up the facts.  Since much government surveillance is by its very nature secret, you can say pretty much anything without risk of being contradicted by the facts.  

4)  Propose credible-sounding but irrelevant solutions.   Like suggesting that the way to rein in US government surveillance is to abrogate the US-EU Safe Harbor Framework, which governs data transfers in the private sector, even though you know of course that the location of data is irrelevant to the US government's power to order access to it.  Location of data sounds relevant, and only a few lawyers know otherwise.  

5)  Use it as leverage for an unrelated political goal.  Politics is all about deal-making, and trade-offs.  So, use this PRISM scandal to exert pressure for whatever else you want: trade deals, global warming treaties, anything is fair game.  In fact, you can even use this as a good excuse to increase your own government surveillance powers:  "we want to be able to do what the Americans are doing." 

6)  Get your headlines now.  You know that all this will blow over.  Snowden will melt away like a snowman in spring.  Nothing much will change in the realm of government surveillance.  Perhaps there will be a few cosmetic changes, like reforming the FISA Court.  You also know that the next big terrorist attack will completely change the political winds.  It's August, so go sailing, and be ready to tack when the winds shift.  

Monday, July 29, 2013

Russia ratifies Privacy Rights...but not for Gays

Modern privacy law was invented over a century ago in the United States, was re-discovered in post-war-Europe, and is now spreading around the world.  Privacy laws have historically been built on three foundations:  1)  democracy,  2)  rule of law, and  3)  respect for fundamental human rights. 

So, what should we make of the fact that a rogue's gallery of autocratic countries, with neither rule of law, nor respect for fundamental human rights, are starting to pass privacy laws?

Take the example of Russia.  Last month, at the same time that Putin's regime ratified an international framework of privacy law, known as Convention of Europe 108, it also launched its war on gays.  

Why would Putin's regime ratify a privacy law, while subverting democracy, subverting the rule of law, and inciting vicious homophobia as official policy?  Is it just to distract an ignorant electorate from the Kremlin's kleptocracy?  How exactly is the International Olympic Committee going to deal with Sochi?  Should Russia or Russian products be boycotted by people of conscience?  I don't want to see the world's athletes held hostage to this, but nor do I want to see them march under the salute of Putin, recollecting those tragic Games in Berlin.    

What, I wonder, does a privacy law mean in this context?  And if you think all this is just Russian thugocratic posturing, imagine if your gay teenage son were Russian.  I dare you to click.    I doubt this tortured teen will find redress under Russia's ratification of privacy laws, do you?

Monday, July 15, 2013

We need global privacy more than ever

As a reaction to the recent spate of government surveillance revelations, this week the Chancellor of Germany and others have issued calls for an international data protection treaty.  

Back in 2007, I gave a speech to UNESCO calling privacy standards.  

My speech was broadly covered by the press:  Google urges UN to set global internet privacy rules.

On re-reading it, I'm struck by how little has changed since 2007, both in terms of the need for global privacy standards, and how little progress has been made to achieve them.  After two years of acrimonious debate, we can't even agree on a draft privacy law for Europe, much less a treaty for the world.  Nonetheless, I'm firmly in the camp of people who believe that privacy can only be protected in a global context, and that global privacy standards are part of that fabric.  I'm taking the liberty of re-posting it below. 

Friday, September 14, 2007

The Need for Global Privacy Standards


How should we update privacy concepts for the Information Age? The total amount of data in the world is exploding, and data flows around the globe with the click of mouse. Every time you use a credit card, or every time you use an online service, your data is zipping around the planet. Let’s say you live in France and you use a US company’s online service. The US company may serve you from any one of its numerous data centers, from the “cloud” as we say in technology circles, in other words, from infrastructure which could be in Belgium or Ireland – and which could change based on momentary traffic flows. The company may store offline disaster recovery tapes in yet another location (without disclosing the location, for security purposes). And the company may engage customer service reps in yet another country, say India. So, your data may move across 6 or 7 countries, even for very routine transactions.
As a consumer, how do you know that your data is protected, wherever it is located? As a business, how do you know which standards of data protection to apply? As governments, how do you ensure that your consumers and your businesses can participate fully in the global digital economy, while ensuring their privacy is protected?

The story illustrates the argument I want to make today. It is that businesses, governments but most of all citizens and consumers would all benefit if we could devise and implement global privacy standards. In an age when billions of people are used to connecting with data around the world at the speed of light, we need to ensure that there are minimum privacy protections around the world. We can do better, when the majority of the world’s countries offer virtually no privacy standards to their citizens or to their businesses. And the minority of the world’s countries that have privacy regimes follow divergent models. Today, citizens lose out because they are unsure about what rights they have given the patchwork of competing regimes, and the cost of compliance for businesses risks chilling economic activity. Governments often struggle to find any clear internationally recognised standards on which to build their privacy legislation.

Of course there are good reasons for some country-specific privacy legislation. The benefits of homogeneity must be balanced by the rights of legitimate authorities to determine laws within their jurisdictions. We don’t expect the same tax rules in every country, say some critics, so why should we expect the same privacy rules? But in many areas affecting international trade, from copyright to aviation regulations to world health issues, huge benefits have been achieved by the setting of globally respected standards. In today’s inter-connected world, no one country and no one national law by itself can address the global issues of copyright or airplane safety or influenza pandemics. It is time that the most globalised and transportable commodity in the world today, data, was given similar treatment.

So today I would like to set out why I think international privacy rules are necessary, and to discuss ideas about how we create universally respected rules. I don’t claim to have all the answers to these big questions, but I hope we can contribute to the debate and the awareness of the need to make progress.

Drivers behind the original privacy standards

But first a bit of history. Modern privacy law is a response to historical and technological developments of the second-half of the 20th century. The ability to collect, store and disseminate vast amounts of information about individuals through the use of computers was clearly chilling against the collective memories of the dreadful mass-misuse of information about people that Europe had experienced during WWII. Not surprisingly, therefore, the first data privacy initiatives arose in Europe, and they were primarily aimed at imposing obligations that would protect individuals from unjustified intrusions by the state or large corporations, as reflected in the 1950 European Convention for the Protection of Rights and Fundamental Freedoms.

Early international instruments

After a decade of uncoordinated legislative activity across Europe, the Organisation for Economic Co-operation and Development identified a danger: that disparities in national legislations could hamper the free flow of personal data across frontiers. In order to avoid unjustified obstacles to transborder data flows, in 1980 the OECD adopted its Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. It’s worth underscoring that concerns about international data flows were already being addressed in a multinational context as early as 1980, with the awareness that a purely national approach to privacy regulation simply wasn’t keeping abreast of technological and business realities.

These OECD Guidelines became particularly influential for the development of data privacy laws in non-European jurisdictions. The Guidelines represent the first codification of the so-called ‘fair information principles’. These eight principles were meant to be taken into account by OECD member countries when passing domestic legislation and include: 1) collection limitation, 2) data quality, 3) purpose specification, 4) use limitation, 5) security safeguards, 6) openness, 7) individual participation, and 8) accountability.

A parallel development in the same area but with a slightly different primary aim was the Council of EuropeConvention on the Automated Processing of Personal Data adopted in 1981. The Convention’s purpose was to secure individuals’ right to privacy with regard to the automatic processing of personal data and was directly inspired by the original European Convention on human rights. The Council of Europe instrument sets out a number of basic principles for data protection, which are similar to the ‘fair information principles’ of the OECD Guidelines. In addition, the Convention establishes special categories of data, provides additional safeguards for individuals and requires countries to establish sanctions and remedies.
The different origins and aims of both instruments result in rather different approaches to data privacy regulation. For example, whilst the Convention relies heavily on the establishment of a supervisory authority with responsibility for enforcement, the OECD Guidelines rely on court-driven enforcement mechanisms. These disparities have been reflected in the laws of the countries within the sphere of influence of each model. So, for example, in Europe, privacy abuses are regulated by independent, single-purpose bureaucracies, while in the US, privacy abuses can be regulated by many different government and private bodies (e.g., the Federal Trade Commission at the Federal level, Attorneys General at the State levels, and private litigants everywhere). It’s impossible to say which model is more effective, since each reflects the unique regulatory and legal cultures of their respective traditions. Globally, we need to focus on advocating privacy standards to countries around the world. But we should defer to each country to decide on its own regulatory models, given its own traditions.

Current situation

Today, a quarter century later, some countries are inspired by the OECD Guidelines, others follow the European approach, and some newer ones incorporate hybrid approaches by cherry-picking elements from existing frameworks, while the significant majority still has no privacy regimes at all.

After half a decade of negotiations, in 1995, the EU adopted the Data Protection Directive 95/46/EC. The EU Directive has a two-fold aim: to protect the right to privacy of individuals, and to facilitate the free flow of personal data between EU Member States. Despite its harmonisation purpose, according to a recent EU Commission Communication, the Directive has not been properly implemented in some countries yet. This shows the inherent difficulty in trying to roll out a detailed and strict set of principles, obligations and rights across jurisdictions. However, the Commission has also made it clear that at this stage, it does not envisage submitting any legislative proposals to amend the Directive.

In terms of core European standards, the best description of what the EU privacy authorities would regard as “adequate data protection” can be found in the Article 29 Working Party’s document WP 12. This document is a useful and detailed point of reference to the essence of European data privacy rules, comprising both content principles and procedural requirements. In comparison with other international approaches, EU data privacy laws appear restrictive and cumbersome, particularly as a result of the stringent prohibition on transfers of data to most countries outside the European Union. The EU’s formalistic criteria for determining “adequacy” have been widely criticized: why should Argentina be “adequate”, but not Japan? As a European citizen, why can companies transfer your data (even without your consent) to Argentina and Bulgaria and other “adequate” countries, but not to the vast majority of the countries of the world, like the US and Japan? In short, if we want to achieve global privacy standards, the European Commission will have to learn to demonstrate more respect for other countries’ approach to privacy regimes.

But at least in Europe there is some degree of harmonisation. In contrast, the USA has so far avoided the adoption of an all-encompassing Federal privacy regime. Unlike in Europe, the USA has traditionally made a distinction between the need for privacy-related legislation in respect of the public and the private sectors. Specific laws have been passed to ensure that government and administrative bodies undertake certain obligations in this field. With regard to the use of personal information by private undertakings, the preferred practice has been to work on the basis of sector-specific laws at a Federal level whilst allowing individual states to develop their own legislative approaches. This has led to a flurry of state laws dealing with a whole range of privacy issues, from spam to pretexting. There are now something like 37 different USA State laws requiring security breach notifications to consumers, a patchwork that is hardly ideal for either American consumer confidence or American business compliance.

The complex patchwork of privacy laws in the US has led many people to call for a simplified, uniform and flexible legal framework, and in particular for comprehensive harmonised Federal privacy legislation. To kick start a serious debate on this front, a number of leading US corporations set up in 2006 the Consumer Privacy Legislative Forum, of which Google forms part. It aims to make the case for harmonised legislation. We believe that the same arguments for global privacy standards should also apply to US Federal privacy standards: improve consumer protections and confidence by applying a consistent minimum standard, and ease the burdens on businesses trying to comply with multiple (sometimes conflicting) standards.
A third and increasingly influential approach to privacy legislation has been developing in Canada, particularly since the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”) was adopted in 2000. The Canadian PIPEDA aims to have the flexibility of the OECD Guidelines – on which it is based – whilst providing the rigour of the European approach. In Canada, as in the USA, the law establishes different regimes for the public and private sectors, which allows for a greater focus on each. As has also been happening in the USA in recent years with state laws, provincial laws have recently taken a leading role in developing the Canadian model. Despite the fact that PIPEDA creates a privacy framework that requires the provincial laws to be "substantially similar" to the federal statute, a Parliamentary Committee carrying out a formal review of the existing framework earlier this year, recommended reforms for PIPEDA to be modelled on provincial laws. Overall, Canada should be praised for encouraging the development of progressive legislation which serves the interests of both citizens and businesses well.

Perhaps the best example of a modern approach to the OECD privacy principles is to be found in the APEC Privacy Framework, which has emerged from the work of the 21 countries of the Asia-Pacific Economic Cooperation forum. The Framework focuses its attention on ensuring practical and consistent privacy protection across a very wide range of economic and political perspectives that include global powerhouses such as the US and China, plus some key players in the privacy world (some old, some new), such as Australia, New Zealand, Korea, Hong Kong and Japan. In addition to being a sort of modern version of the old OECD Guidelines, the Framework suggests that privacy legislation should be primarily aimed at preventing harm to individuals from the wrongful collection and misuse of their information. The proposed framework points out that under the new “preventing harm” principle, any remedial measures should be proportionate to the likelihood and severity of the harm.

Unfortunately, the co-existence of such diverse international approaches to privacy protection has three very damaging consequences: uncertainty for international organisations, unrealistic limits on data flows in conflict with global electronic communications, and ultimately loss of effective privacy protection.

New (interconnected) drivers for global privacy standards

Against this background, we are witnessing a series of new phenomena that evidence the need for global privacy standards much more compellingly than in the 70s, 80s or 90s. The development of communications and technology in the past decade has had a marked economic impact and accelerated what is commonly known as ‘globalisation’. Doing business internationally, exchanging information across borders and providing global services has become the norm in an unprecedented way. This means that many organisations and those within them operate across multiple jurisdictions. The Internet has made this phenomenon real for everyone.

A welcome concomitant of the unprecedented technological power to collect and share all this personal information on a global basis is the increasing recognition of privacy rights. The concept of privacy and data protection regimes has moved from one discussed by experts at learned conferences to an issue that is discussed and debated by ordinary people who are increasingly used to the trade offs between privacy and utility in their daily lives. As citizens’ interest in the issue has grown, so, of course has politicians’ interest. The adoption of new and more sophisticated data privacy laws across the world and the radical legal changes affecting more traditional areas of law show that both law makers and the courts perceive the need to strengthen the right to privacy. Events which have highlighted the risks attached to the loss or misuse of personal information have led to a continuous demand for greater data security which often translates into more local laws, such as those requiring the reporting of security breaches, and greater scrutiny.

Routes to the development of global privacy standards

The net result is that we have a fragmentation of competing local regimes, at the same time as we the massively increased ability for data to travel globally. Data on the Internet flows around the globe at nearly the speed of light. To be effective, privacy laws need to go global. But for those laws to be observed and effective, a realistic set of standards must emerge. It is absolutely imperative that these standards are aligned to today’s commercial realities and political needs, but they must also reflect technological realities. Such standards must be strong and credible but above all, they must be clear and they must workable.

At the moment, there are a number of initiatives that could become the guiding force. As the most recent manifestation of the original OECD privacy principles, one possible route would be to follow the lead of the APEC Privacy Framework and extend its ambit of influence beyond the Asia-Pacific region. One good reason for adopting this route is that it already balances very carefully information privacy with business needs and commercial interests. At the same time, it also accords due recognition to cultural and other diversities that exist within its member economies.

One distinctive example of an attempt to rally the UN and the world’s leaders behind the adoption of legal instruments of data protection and privacy according to basic principles is the Montreux Declaration of 2005. This Declaration probably represents the first official written attempt to encourage every government in the world to do something like this and this is an ambition that must be praised. Little further was heard about the progress of the Montreux Declaration until the International Privacy Commissioners’ Conference took place in November 2006 and the London initiative was presented. The London Initiative acknowledged that the global challenges that threaten individuals’ privacy rights require a global solution. It focuses on the role of the Commissioners’ Conference to spearhead the necessary actions at an international level. The international privacy commissioners behind the London Initiative argue that concrete suggestions must emerge in order to accomplish international initiatives, harmonise global practices and adopt common positions.

One privacy commissioner who has expressed great interest in taking an international role aimed developing global standards is the UK Information Commissioner. The Data Protection Strategy of the Information Commissioner’s Office published at the end of June 2007 stresses the importance of improving the image, relevance and effectiveness of data protection worldwide and, crucially, recognises the need for simplification.

Way forward

The key priority now should be to build awareness of the need for global privacy standards. Highlighting and understanding the drivers behind this need – globalisation, technological development, and emerging threats to privacy rights – will help policymakers better understand the crucial challenge we face and how best to find solutions to address them.
The ultimate goal should be to create minimum standards of privacy protection that meet the expectations and demands of consumers, businesses and governments. Such standards should be relevant today yet flexible enough to meet the needs of an ever changing world. Such standards must also respect the value of privacy as an innate dimension of the individual. To my mind, the APEC Framework is the most promising foundation on which to build, especially since competing models are flawed (the USA model is too complex and too much of a patchwork, the EU model is too bureaucratic and inflexible).

As with all goals, we must devise a plan to achieve it. Determining the appropriate international forum for such standards would be an important first step, and this is a choice that belongs in the hands of many different stakeholders. It may be the OECD or the Council of Europe. It may be the International Chamber of Commerce or the World Economic Forum. It may be the International Commissioners’ Conference or it may be UNESCO. Whatever the right forum is, we should work together to devise a set of standards that reflects the needs of a truly globalised world. That gives each citizen certainty about the rules affecting their data, and the ability to manage their privacy according to their needs. That gives businesses the ability to work within one framework rather than dozens. And that gives governments clear direction about internationally recognised standards, and how they should be applied.

Data is flowing across the Internet and across the globe. That’s the reality. The early initiatives to create global privacy standards have become more urgent and more necessary than ever. We must face the challenge together.

Friday, July 12, 2013

You can run, but you can't hide

Government surveillance is running amock, worldwide.  This is the sort of topic that Obama and I might have debated, when we were both idealists at our alma mater, Harvard Law School.  

Revelations about US government surveillance continue to surprise in their scale and scope.  We all now know that the NSA is hoovering up trillions of communications logs.  We all now know that there are essentially no legal protections of non-US citizens from US government surveillance.  We all now know that the FISA court, which is meant to provide judicial review of snooping on US citizens' communications, is little more than a rubber-stamp.  We all now know that US government spying is directed at friend and foe alike.  We all now know that the US government is bullying governments around the world to hand over the whistle-blower Snowden (forcing down the Presidential aircraft of a Sovereign State?), and most governments are collaborating meekly.  

As more people wake up to the idea of living in a Panopticon, one would think there would be a serious political debate about how to subject government surveillance to serious legal and judicial checks and balances.  Where's the serious debate about finally updating ECPA, so that emails sitting in users' accounts do not lose most effective privacy protections after they're more than 180 days old?  Where's the serious debate in countries around the world about their own governments' surveillance programs, not just about the Americans'?  e.g., the French privacy watchdog launched an investigation into foreign government surveillance, curiously excluding France's own recently-documented surveillance programs.   Where's the serious debate about whether Europe's much-debated privacy-law revamp has completely missed the boat by failing to address government surveillance?  Where's the serious debate about whether US government surveillance makes a mockery of the long-debated, long-negotiated US-EU Parliamentary accords over the privacy safeguards governing US government access to Europeans'  Passenger Name Records or SWIFT bank transfer data?

I have long had a healthy wariness about governmental abuse of power. In my personal life, I've had a taste of what a government can do to prosecute an innocent person, sentenced to jail for a non-crime, then acquitted, and still being put through a decade of criminal justice hell.  

If the Snowden revelations do not suffice to create the political momentum to impose meaningful legal and judicial checks on secret government surveillance, then we're all on an unstoppable trajectory towards total surveillance.  Or we can follow the lead of France's President, who expressed his outrage at revelations of US government spying by suggesting that trade talks with Les Americains should be subjected to a mid-July two-week delay.   Take that! 

Obama and I were at the same law school, and I recognize the skillset of my fellow Harvard Law School grad, where we were all trained in rhetoric, sometimes so empty that it would prompt even Ari Fleischer to zap (btw, no relation to me):  "It's like George Bush is having his fourth term..." 

Tuesday, July 2, 2013

Life in the Goldfish Bowl: Privacy in the Age of Government Surveillance

As each day goes by, there are new revelations of the scope and scale of government surveillance.  I had long known or suspected that all governments engage in secret surveillance, but the Snowden revelations are opening our collective eyes to how vast these operations have become.  The limits on government surveillance seem to be set less by law or ethics than by the limits of the technical infrastructure to collect, store and interpret data.  

The entire privacy profession needs to re-think its priorities in the Age of Government Surveillance.  How does our use and development of technology change if people come to feel (rightly or wrongly) that we are all just goldfish swimming in a bowl of government surveillance?  How do we ourselves change, in a basic sociological sense, if we think we're being watched?  Are we being watched?

The Snowden revelations are already having significant political impacts.  Already, European officials are threatening to abandon the proposed Europe-US Free Trade Agreement negotiations.  Already, people and institutions are re-assessing their trust in the US government.  

Over time, I think we'll see a few long-lasting global trends as a reaction to these revelations about government surveillance (regardless of whether any of these actually provide for enhanced privacy or not):
  • There will be more development and adoption of encryption technologies, in particular, end-to-end encryption, and other privacy-enhancing technologies.   
  • There may be a systemic decrease in trust and use of cloud-based services, like not trusting email with your sensitive communications. 
  • There will be a series of initiatives to demand local-data-storage and to restrict international data transfers for cloud services, just as there are already calls to rescind the EU-US Safe Harbor Agreement. 
  • There may be a series of trade-protectionist measures around the world in favor of local (i.e., non-US) companies.  
  • There will be a series of criminal prosecutions, around the world, against companies and individuals, who will be caught in classic conflict of laws scenarios:  testing whether their compliance with US legal obligations to comply with US government surveillance orders puts them in violation of other countries' privacy laws.
  • Finally, there will be citizen and civil society demands for increased government transparency and democratic control of surveillance programs,  Some governments will respond and some will not.
For those of us who have a deep love for a free and open Internet, and a deep love for transparent and democratic government, it's all sobering.  The ineluctable progress of technology means that the governments' abilities to capture, store, and analyze data will double roughly every 18 months, absent legal or political decisions to restrain it.    

Some government surveillance is necessary and appropriate for governments to carry out their responsibilities to protect and defend their national security, but there's a reason John F. Kennedy didn't say:  "Ich bin ein Ost-Berliner."

Friday, June 28, 2013

It Gets Better

If there's anything I've learned in this half-century adventure of life, it's that being gay is no private matter.  In this historic week, when the "Defense of Marriage Act" was struck down by the Supreme Court, I salute all of those people who have had the courage to stand up, publicly, and say:  I'm gay, I'm proud, and I demand equal rights under the law.  

I applaud all of those people who surrender their privacy to tell their stories, to show the world their all-too-human faces.  

It takes great dignity to show the world your battered face, bloodied in a homophobic attack on the streets of Paris.  

It takes great dignity to show the world your raw grief at the loss of your partner.  

It takes great dignity to walk onto the pitch as a professional sportsman to come out.  

The world is a richer place for the magnanimity of these people.  

Being gay is no private matter.  As each new person finds the strength and confidence to come out, as the laws evolve to provide dignity and equality for all of us, and as more and more of us share our stories, like my colleagues at Google: It gets better. 

Tuesday, June 18, 2013

Mirror, mirror on the wall, who is the ugliest one of them all?

Many years ago, a legal journal called me a man on a "crusade" to protect users' privacy against government surveillance.  That was back in 2007, and since then, the scale and scope of government surveillance has increased dramatically, just as the total amount of data circulating on the Internet has too.  I've been blogging about it for years:  Should you cover your tracks from government snooping?.  

Government surveillance is a worldwide phenomenon.  The purposes of government surveillance vary from country to country, from the conventional to the creepy:  fighting crime, preventing terrorism, spying on political opponents, stealing trade secrets.  In short, everyone does it.  

There's always been more focus on government surveillance conducted by the US government, compared to surveillance conducted by other countries.  That's understandable, because the US is a big country, with big companies, and big technology resources, but also because the US is comparatively transparent about its surveillance programs and the laws governing them, notwithstanding the recent revelations about certain secret programs.  

Transparency is the best answer to worldwide queasiness about government surveillance.  Various companies are already publishing data (to the extent that the governments let them) about how and when they respond to government requests.  However, I'm not aware of a single government that publishes credible statistics about its own surveillance programs.  Governments are not telling their citizens what or how much data they're collecting, why they're doing it, or how long they're keeping it.  

In Europe, it's become a parlour game to debate and decry US government surveillance programs.  By contrast, there's far less debate or transparency about European government surveillance programs.  I can't even count the number of EU Parliament debates about US government surveillance, but I can't remember a single meaningful debate in that chamber about EU governments' surveillance programs.  Similarly, media coverage focuses heavily on US government surveillance, and rarely asks hard questions about what other countries are up to, aside from the routine Chinese-hack-a-day stories.  And side-lined, the data protection regulators are largely excluded from scrutinizing their own countries' surveillance programs.  One of the few exceptions, Richard Thomas, UK Information Commissioner some years ago, tried valiantly to raise the alarm about the risks of "sleep-walk into a surveillance society".  More typical, when the French CNIL was created four decades ago, it focused almost entirely on French government data collection and privacy, but today, the CNIL has shifted its focus 180 degrees and focuses almost entirely on private sector privacy issues.  

We need more transparency about government surveillance programs, not just in the US, but worldwide.  As unsettling as some revelations about the US programs prove to be, it's even worse to know almost nothing about what all these other countries are up to.  I understand that a public scandal a day keeps media coverage in play, but the super-secret surveillance programs in Europe and around the world need scrutiny.  Thankfully, some legal experts, including privacy scholars at Hogan Lovells, are adding sober analysis of the global dimensions of this challenge to an otherwise shrill and polemical debate.  There's no hope of getting transparency about government surveillance programs in China or Russia or Turkey, but there should be vastly more transparency in democratic, privacy-sensitive countries like Europe.  For example, we know almost nothing about what the German spy agency collects, and there's very little public discussion of it, despite Germany being one of the most privacy-sensitive countries on earth.  

I've spent many years advocating for privacy protections against excessive government surveillance, in a global context.  For example, in 2007, I was blogging about government surveillance issues in Sweden.  Only governments themselves can provide real transparency.  Asking a company like Apple to explain US government surveillance is like asking a fish to explain what the fishing boat is doing.   

First, we need more transparency from governments.  Then, we can ask the tough questions:  Mirror, mirror on the wall, who is the ugliest one of them all?

Thursday, May 2, 2013

My favorite holiday photos, and a trillion others

The two-centuries-long evolution of photography has constantly pushed the boundaries of privacy.  At each stage of its evolution, photographing the world has become easier, quicker, more mobile, more ubiquitous, more systematic, and sometimes more furtive.  And in parallel, technology has constantly evolved, to make it easier to store, share, tag, identify and analyze photographs at great scale.  Throughout the evolution of photography, privacy has always depended on social etiquette to regulate what people should and should not photograph, and should and should not share.  

Some places, like my swimming club, have long had rules against photographing.  But all the rules in the world will do almost nothing, unless individuals exercize self-restraint in what they choose to photograph, or not, and what they choose to share with other people, or not.  

This process has been going on a long time, and it will continue.  In the near future, can individuals lifeblog photos or videos of everything and everyone they see?  Technology will enable it.  Some people will love it.  So, once again, the question will be how social etiquette evolves in parallel to the technological evolutions.  

In privacy terms, we generally look to consent from data subjects to legitimize data collection.  But what about random people photographed in public places?  Practically speaking, it's not possible to obtain their consent to photograph them.  We live in a world with literally billions of people carrying cameras, built into small devices, with instant Internet connections.  Our world is becoming more transparent:  do the math, with billions of people, all snapping thousands (or someday, millions?) of photos.  

You can debate, and to some extent regulate, the collection of photos by large entities, like governments and companies, using drones or surveillance cameras, but you can't control what billions of free human beings will photograph and share.  Over time, governments and companies will try to figure out how they can analyze these mountains of crowd-sourced user-generated photos for their own purposes.  

As always, expectations of privacy are heavily cultural.  Technology will continue to evolve.  Expectations of privacy will sometimes collide with the technology, and each will influence the other.  Sometimes, technology will just be a few years ahead of the social consensus evolving to accept it.  Sometimes, it will be a generation ahead.  We're quickly moving from a world where billions of photos are published online, to a world of trillions.  Technology will follow its ineluctable and unpredictable logic.

As humans, we learn when it's rude to peep.  That's a super-subtle human-cultural contextually-dependent evolving social convention.  You can't (yet) teach a machine to know when it's rude to peep, or when it's rude to photograph someone's private moment in a public place.  But you can teach fellow humans.   

Smile!, as you think of 5 billion humans who will be roaming the earth photographing everything and everyone they see.