Much of the current dialogue in democratic societies follows the advocacy model, which assumes that the clash of two strong one-sided views will lead to a just conclusion, reasonable judgments, and sound public policies. In contrast, the liberal communitarian approach favors the model exemplified by the agora in ancient Greece,1 the jirgas of Afghanistan,2 and the US Senate in earlier decades:3 one of dialogue, in which opposing sides engage in a civil discourse, give-and-take, and commit to finding a widely acceptable course.
We all face two fully legitimate normative and legal claims—those of individual rights and those of the common good—and the fact that neither can be maximized nor can the two be fully reconciled. It follows that some balance must be worked out between the conflicting claims. The liberal communitarian model assumes from the outset that a democratic nation ought to be committed to advancing both individual rights and the common good and that neither should be assumed to a priori trump the other.4 (Social responsibilities are the specifications of the common good. For example, a common good may be protecting the environment; recycling is a social responsibility.)
The Fourth Amendment provides an important text for the liberal communitarian philosophy when it states, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated.”5 By banning only unreasonable searches and seizures, it recognizes that there are reasonable ones—those that serve the common good (or, to use a term more familiar to the legal community, the public interest).
Moreover, the Constitution provides a mechanism for determining which searches are reasonable: the courts. What the courts consider reasonable searches changes as conditions of public security and order change. For instance, after a rush of skyjacking in 1972, the courts deemed legal the newly introduced screening gates in airports where millions of travelers are searched. These gates stopped skyjacking within roughly a year. The courts, as a rule, do not use the term “common good” but refer to the “public interest.” Although they have given different rationales for authoring a considerable variety of searches, many even without a warrant, they seem to be morally grounded: searches are legitimate if the gains for the public interest greatly outweigh the harms of intrusion on privacy.
A review of Supreme Court rulings shows that the Court has a broad understanding of public safety, which allows diverse intrusions into the realm of individual rights to serve this common good.6 The most basic element of public safety is upholding law and order, and the deterrence and prevention of crime. A second element of public safety relates to preventing accidental death and injury. Thus, the Court allowed suspicionless, random drug and alcohol testing of train engineers in the wake of a series of train accidents7 as well as random sobriety checkpoints on highways to prevent deadly car accidents resulting from drunk driving.8 A third element of public safety is the promotion of public health.9 Thus, the Court held that the public interest in eradicating the smallpox disease justified compulsory vaccination programs despite the resulting intrusion on privacy,10 and held that search warrants for Occupational Safety and Health Act (OSHA) inspections do not require “probable cause in the criminal law sense.”11 In short, there are ample precedents to hold that when the common good of nations, in particular public safety and security, is concerned, individual rights can be curbed, especially if the intrusion is small and the gain to the public interest is significant.
Achieving a communitarian balance does not mean invariably opting for the same golden middle ground between rights and responsibilities. Rather, it requires consideration of how changes in historical conditions might shift the equilibrium point. The September 11, 2001, attacks against the US heightened the country’s need to attend to homeland security. One can argue that the US overreacted and introduced unnecessary security measures, but one cannot deny that the event showed that some additional attention and resources had to be committed to prevent more such attacks, that is, that some correction in the balance between rights and responsibility was called for.
The patriotic movement needs, as part of developing its agenda through moral dialogues, to determine where the current balance lies between individual rights and the common good, and what corrections ought to be introduced. To illustrate the issue, first a short example follows, in which a victory of individual rights was recently declared, although actually a rebalancing occurred, namely the protection of privacy by treating information as private property. Chapter 6 provides a case study in which the common good seems to have been undermined.
Is Personal Information Akin to Private Property?
Treating personal information like private property is a popular solution to the threats to privacy in the cyber age. The essence of the idea is that if someone wants to use a piece of personal information, then they will need to get one’s permission (and if one wishes, pay for this privilege). And if one disclosed personal information to another party, then that party can use it only for the purposes one agreed to and will not be allowed to share it with others without the original owner’s explicit consent.
Among those who advocate this idea is Andy Kessler, a former hedge fund manager and columnist for the Wall Street Journal, who championed it in the article “A Better Way to Make Facebook Pay.”12 He notes that the US is a country founded on property rights. Hence “Congress can deliberate for 90 seconds and then pass the Make the Internet Great Again Act. The bill would contain five words: ‘Users own their private data.’”13 Under this solution, users’ Facebook data—photos, “Likes,” ads that have been clicked on, and much else—would be kept in a “virtual locker.” It would be up to individual Facebook users to decide how these data may be used. And Facebook would pay the owners of the information for using it.
For homeland security and public safety the suggested approach raises major difficulties. It is widely understood that under most circumstances the government cannot legally search anyone (i.e., violate privacy) unless it has shown to a court that it has probable cause to suspect that the person is a criminal or terrorist. Much less attention is paid to the question of how the government can gain such information if it is not allowed to search before it gets a warrant. The answer lies in large part in drawing on personal information that people disclose to others, for instance when they open a bank account, purchase a house, get credit, and so on. Under the third-party doctrine, if a person discloses information to another party, then he or she no longer has a “reasonable expectation of privacy” and the government may obtain the information without a warrant. If the government must ask suspects for their consent prior to accessing these kinds of personal data, then not only is consent unlikely to be obtained, but the suspects will also be tipped off that the government is investigating them. Thus, ending the third-party doctrine would severely set back homeland protection and law enforcement.
Research would be bedeviled as well. A medical researcher tried some years back to get personal consent from several thousand people to interrogate their medical records. He found that some people could not be found, others were six feet under, and quite a few refused. He spent most of the funds set aside for his project on trying to gain consent—and ended up with a very unrepresentative sample of the population, given that the older and the less educated patients refused more often than others. One may suggest he could use the data after removing personal identifiers, a process referred to as anonymization. However, under the new doctrine, he still would need their consent for their data to be included in the study in the first place.
Finally, personal information about a given person is used at least seven hundred times a day. If each such usage would require permission from the “owner,” then people would have to spend a good part of their day refusing or agreeing to share their information (as well as exploring various offers for trading privacy for coupons).
The fact that all these concerns are far from theoretical ones can be seen in a closer look at the European Union’s General Data Protection Regulation (GDPR).14 The GDPR is often hailed as an example of a sound way to protect privacy by maintaining ownership of one’s personal data.15 Indeed, the GDPR states that any secondary use of personal information released by a person or collected about him requires the explicit prior approval of the original individual “owner” of the information and that this consent cannot be delegated to an agent or machine. The details of the GDPR are complex and changing. However, it deals with all the issues I raised above by making exceptions to the ownership rule in many areas, including when the data are needed for the purposes of research, public health, or law enforcement, among others.
The GDPR makes repeated reference to Member States retaining the ability to process personal data for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, given that Member States provide appropriate safeguards16 and allow individuals to object to the processing of their data—unless the task is considered to be in the public interest.17 The GDPR’s parameters for processing data in the public interest (not related to national security) extend to “the field of employment law, social protection law including pensions and for health security, alert purposes, the prevention or control of communicable diseases and other serious threats to health.”18 The GDPR’s parameters for scientific research are similarly expansive, as the text requests it be “interpreted in a broad manner including for example technological development and demonstration, fundamental research, applied research and privately funded research defined.”19 Finally, the GDPR makes several references to security, most notably declaring, “This Regulation does not apply to the processing of personal data by the Member States when carrying out activities in relation to the common foreign and security policy of the Union.”20 In short, the new EU data protection measures, which have been touted as a great step forward for protecting privacy, in effect are careful not to harm a variety of common goods. It is a model the patriotic movement is advised to follow in other areas in which the balance between individual rights and social responsibilities needs to be recalibrated.
As the patriotic movement is developing its agenda, it needs to be leery of a tendency in liberal deliberations to focus on the question of whether or not an individual right has been violated—privacy, for instance. The implicit assumption is that any legal act or public policy that impinges on a right is on its face illegal and ought to be condemned. It should be recalled that no right is absolute and that the American Constitution, as well as the constitutions of other democracies, recognizes that in effect there are tradeoffs. Often when the violation of the right involved is minimal and the gain to the public interest (or common good) is substantial, the act or policy is considered legal by the courts. A study of privacy illustrates this point. Although at first blush it may seem that the new European General Data Protection Regulation makes privacy trump all other concerns, in effect the GDPR allows the limitation of privacy in the interest of a whole slew of common goods. It provides a model for other policy analyses the patriotic movement ought to follow.