Regulating mass surveillance as privacy pollution: Learning from environmental impact statements

Research output: Contribution to journalArticle

8 Citations (Scopus)

Abstract

Encroachments on privacy through mass surveillance greatly resemble the pollution crisis in that they can be understood as imposing an externality on the surveilled. This Article argues that this resemblance also suggests a solution: requiring those conducting mass surveillance in and through public spaces to disclose their plans publicly via an updated form of environmental impact statement, thus requiring an impact analysis and triggering a more informed public conversation about privacy. The Article first explains how mass surveillance is polluting public privacy and surveys the limited and inadequate doctrinal tools available to respond to mass surveillance technologies. Then, it provides a quick summary of the Privacy Impact Notices ("PINs") proposal to make a case in principle for the utility and validity of PINs. Next, the Article explains how environmental law responded to a similar set problems (taking the form of physical harms to the environment) with the National Environmental Policy Act of 1969 ("NEPA"), requiring Environmental Impact Statement ("EIS") requirements for environmentally sensitive projects. Given the limitations of the current federal privacy impact analysis requirement, the Article offers an initial sketch of what a PIN proposal would cover and its application to classic public spaces, as well as virtual spaces such as Facebook and Twitter. The Article also proposes that PINs apply to private and public data collection-including the NSA's surveillance of communications. By recasting privacy harms as a form of pollution and invoking a familiar (if not entirely uncontroversial) domestic regulatory solution either directly or by analogy, the PINs proposal seeks to present a domesticated form of regulation with the potential to ignite a regulatory dynamic by collecting information about the privacy costs of previously unregulated activities that should, in the end, lead to significant results without running afoul of potential U.S. constitutional limits that may constrain data retention and use policies. Finally, the Article addresses three counterarguments focusing on the First Amendment right to data collection, the inadequacy of EISs, and the supposed worthlessness of noticebased regimes.

Original languageEnglish (US)
Pages (from-to)1713-1790
Number of pages78
JournalUniversity of Illinois Law Review
Volume2015
Issue number5
StatePublished - Jan 1 2015

Fingerprint

privacy
environmental impact
surveillance
learning
impact analysis
public space
Environmental Policy Act
environmental law
twitter
facebook
amendment
communications
conversation
regime
regulation
costs

ASJC Scopus subject areas

  • Law

Cite this

Regulating mass surveillance as privacy pollution : Learning from environmental impact statements. / Froomkin, A. Michael.

In: University of Illinois Law Review, Vol. 2015, No. 5, 01.01.2015, p. 1713-1790.

Research output: Contribution to journalArticle

@article{5a5b718ce5c9478088978423e74ad3bb,
title = "Regulating mass surveillance as privacy pollution: Learning from environmental impact statements",
abstract = "Encroachments on privacy through mass surveillance greatly resemble the pollution crisis in that they can be understood as imposing an externality on the surveilled. This Article argues that this resemblance also suggests a solution: requiring those conducting mass surveillance in and through public spaces to disclose their plans publicly via an updated form of environmental impact statement, thus requiring an impact analysis and triggering a more informed public conversation about privacy. The Article first explains how mass surveillance is polluting public privacy and surveys the limited and inadequate doctrinal tools available to respond to mass surveillance technologies. Then, it provides a quick summary of the Privacy Impact Notices ({"}PINs{"}) proposal to make a case in principle for the utility and validity of PINs. Next, the Article explains how environmental law responded to a similar set problems (taking the form of physical harms to the environment) with the National Environmental Policy Act of 1969 ({"}NEPA{"}), requiring Environmental Impact Statement ({"}EIS{"}) requirements for environmentally sensitive projects. Given the limitations of the current federal privacy impact analysis requirement, the Article offers an initial sketch of what a PIN proposal would cover and its application to classic public spaces, as well as virtual spaces such as Facebook and Twitter. The Article also proposes that PINs apply to private and public data collection-including the NSA's surveillance of communications. By recasting privacy harms as a form of pollution and invoking a familiar (if not entirely uncontroversial) domestic regulatory solution either directly or by analogy, the PINs proposal seeks to present a domesticated form of regulation with the potential to ignite a regulatory dynamic by collecting information about the privacy costs of previously unregulated activities that should, in the end, lead to significant results without running afoul of potential U.S. constitutional limits that may constrain data retention and use policies. Finally, the Article addresses three counterarguments focusing on the First Amendment right to data collection, the inadequacy of EISs, and the supposed worthlessness of noticebased regimes.",
author = "Froomkin, {A. Michael}",
year = "2015",
month = "1",
day = "1",
language = "English (US)",
volume = "2015",
pages = "1713--1790",
journal = "University of Illinois Law Review",
issn = "0276-9948",
publisher = "University of Illinois College of Law",
number = "5",

}

TY - JOUR

T1 - Regulating mass surveillance as privacy pollution

T2 - Learning from environmental impact statements

AU - Froomkin, A. Michael

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Encroachments on privacy through mass surveillance greatly resemble the pollution crisis in that they can be understood as imposing an externality on the surveilled. This Article argues that this resemblance also suggests a solution: requiring those conducting mass surveillance in and through public spaces to disclose their plans publicly via an updated form of environmental impact statement, thus requiring an impact analysis and triggering a more informed public conversation about privacy. The Article first explains how mass surveillance is polluting public privacy and surveys the limited and inadequate doctrinal tools available to respond to mass surveillance technologies. Then, it provides a quick summary of the Privacy Impact Notices ("PINs") proposal to make a case in principle for the utility and validity of PINs. Next, the Article explains how environmental law responded to a similar set problems (taking the form of physical harms to the environment) with the National Environmental Policy Act of 1969 ("NEPA"), requiring Environmental Impact Statement ("EIS") requirements for environmentally sensitive projects. Given the limitations of the current federal privacy impact analysis requirement, the Article offers an initial sketch of what a PIN proposal would cover and its application to classic public spaces, as well as virtual spaces such as Facebook and Twitter. The Article also proposes that PINs apply to private and public data collection-including the NSA's surveillance of communications. By recasting privacy harms as a form of pollution and invoking a familiar (if not entirely uncontroversial) domestic regulatory solution either directly or by analogy, the PINs proposal seeks to present a domesticated form of regulation with the potential to ignite a regulatory dynamic by collecting information about the privacy costs of previously unregulated activities that should, in the end, lead to significant results without running afoul of potential U.S. constitutional limits that may constrain data retention and use policies. Finally, the Article addresses three counterarguments focusing on the First Amendment right to data collection, the inadequacy of EISs, and the supposed worthlessness of noticebased regimes.

AB - Encroachments on privacy through mass surveillance greatly resemble the pollution crisis in that they can be understood as imposing an externality on the surveilled. This Article argues that this resemblance also suggests a solution: requiring those conducting mass surveillance in and through public spaces to disclose their plans publicly via an updated form of environmental impact statement, thus requiring an impact analysis and triggering a more informed public conversation about privacy. The Article first explains how mass surveillance is polluting public privacy and surveys the limited and inadequate doctrinal tools available to respond to mass surveillance technologies. Then, it provides a quick summary of the Privacy Impact Notices ("PINs") proposal to make a case in principle for the utility and validity of PINs. Next, the Article explains how environmental law responded to a similar set problems (taking the form of physical harms to the environment) with the National Environmental Policy Act of 1969 ("NEPA"), requiring Environmental Impact Statement ("EIS") requirements for environmentally sensitive projects. Given the limitations of the current federal privacy impact analysis requirement, the Article offers an initial sketch of what a PIN proposal would cover and its application to classic public spaces, as well as virtual spaces such as Facebook and Twitter. The Article also proposes that PINs apply to private and public data collection-including the NSA's surveillance of communications. By recasting privacy harms as a form of pollution and invoking a familiar (if not entirely uncontroversial) domestic regulatory solution either directly or by analogy, the PINs proposal seeks to present a domesticated form of regulation with the potential to ignite a regulatory dynamic by collecting information about the privacy costs of previously unregulated activities that should, in the end, lead to significant results without running afoul of potential U.S. constitutional limits that may constrain data retention and use policies. Finally, the Article addresses three counterarguments focusing on the First Amendment right to data collection, the inadequacy of EISs, and the supposed worthlessness of noticebased regimes.

UR - http://www.scopus.com/inward/record.url?scp=84948693468&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84948693468&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84948693468

VL - 2015

SP - 1713

EP - 1790

JO - University of Illinois Law Review

JF - University of Illinois Law Review

SN - 0276-9948

IS - 5

ER -