Abstract
As we move our social institutions from paper and ink based operations to the electronic medium, we invisibly create a type of surveillance society, a panopticon society. It is not the traditional surveillance society in which government officials follow citizens around because they are concerned about threats to the political order. Instead it is piecemeal surveillance by public and private organizations. Piecemeal though it is, It creates the potential for the old kind of surveillance on an even grander scale. The panopticon is the prison environment described by Foucault in which prison cells are arranged in a large circle with the side facing the inside of the circle open to view. The guard tower is placed in the middle of the circle so that guards can see everything that goes on in every cell. When we contemplate all the electronic data that is now gathered about each of us as we move through our everyday lives --- intelligent highway systems, consumer transactions, traffic patterns on the internet, medical records, financial records, and so on --- there seems little doubt that we are moving into a panopticon.
The social issues that arise from this are too numerous to detail here, but data retention is an important part of it. In the paper-and-ink world, documents are filed, files are boxed, boxes are put away or thrown away. The capacity for data retrieval and manipulation is, thereby, limited by the sheer difficulty and cost of storing, finding, searching, and manipulating large numbers of paper files. This inconvenience functions as a mechanism whereby the system forgets past information, not unlike the way we ourselves forget. However, the story is very different in the digital world; digital information is easy to store, easy to search and manipulate, and inexpensive to keep over extensive periods of time. Digitalized information systems tend, therefore, to collect extensive ancillary information and to retain this information indefinitely. Such lack of forgetfulness is likely to hamper the ability of individuals to shed their past, and start over with a clean slate.
Concerns about data retention were expressed in the early literature on the social impact of computing (Westin and Baker, 1972), but for the most part the issue has dropped from sight. Rarely, has the social good of discarding accumulated personal data been addressed. In this paper, we want to make the case by examining diverse cases in which retention of information by either business or governmental institutions hinders the ability of individuals to start over or to act autonomously. We hope our argument for the good of forgetfulness will challenge the standard framework in which such issues have traditionally been debated. The privacy debate exemplifies the traditional framework insofar as it has been characterized as involving an inherent tension between, on the one hand, the needs of organizations and institutions for more accurate and efficient information systems so as to further their goals (law enforcement, employee efficiency, etc.) and, on the other hand, the desire of individuals to have information about them kept private. Regan (1995) argues against this framing of the privacy issue in favor of one that recognizes the social importance of personal privacy. We will examine the non-forgetfulness of information systems as a problem threatening not just individual interests but social good as well.
Cryptography is often cited as the technology that will give us privacy and mediate against surveillance. One of the uses of cryptography, encryption, will allow us, some hope, to create confidentiality and relationships of trust that will facilitate many of the social arrangements we now have and perhaps make them even more secure than they are now. Electronic cash, for example, could be created in such a form that it would have the anonymity associated now with hard cash (and perhaps even more.) Others are less optimistic of the potential for cryptography to re-create relationships of trust in the new medium.
One important point that already seems clear is that even if encryption technology will protect the confidentiality and integrity of electronic transactions and data, it will NOT stop the observation of traffic patterns on networks. This seems an important distinction to put on the table. Our patterns of communication will continue to be available, no matter what is encrypted, and an amazing amount of information can be gleaned from this data. In a sense, it means content integrity but no anonymity. This will indubitably impact how we interact and with whom we interact.
