July 9, 2012
What You Need To Know About The Latest Twitter Privacy Ruling—A Commentary by Adam Cohen
The following commentary was posted on Time.com on July 9, 2012.
What You Need To Know About The Latest Twitter Privacy Ruling
By Adam Cohen
Twitter, Facebook and other social media outlets have a great deal of information about all of us — and the government wants to be able to see it. Last week, the government scored a major win — and Internet privacy lost big — when a judge ruled against Twitter in a fight over a trove of information about a political activist.
New York prosecutors asked Twitter to hand over tweets that Malcolm Harris, an Occupy Wall Street protester, sent over a three-and-a-half month period. It might not seem like a privacy invasion to read people’s tweets, but the government’s request included other kinds of information that Twitter has about Harris, which could include private communications and records of his physical whereabouts. This is just the sort of stuff we should be worried about the government getting easy access to, and just the sort of precedent that should worry anyone who uses social media.
The New York Twitter case arises out of an Occupy Wall Street protest on the Brooklyn Bridge last October. Harris is charged with disorderly conduct, and prosecutors could use Twitter data to prove that the marchers knew they should not have been on the bridge. The judge rejected Twitter’s argument that the information is private. “If you post a tweet, just like if you scream it out a window, there is no reasonable expectation of privacy,” he said.
That may be true of “public tweets” — the ones that people send out to the world. But the prosecutors’ demand was broad enough that it appears to extend to “DM tweets” — direct messages, which Twitter users can send to another specific Twitter user. DMs are a lot like email — and should have the same privacy protections as a mailed letter.
Another thing the government may end up getting from Twitter about Harris is IP — or “Internet protocol” — addresses, which can reveal what computer or geographical area a tweet was sent from. Combined with date and time data — which the government also asked for — IP addresses could help the government to reconstruct where Harris was on a minute-by-minute basis for much of that three-and-a-half month period. If the government can easily get this sort of information from Twitter — and Facebook, and Gmail, and Foursquare — it can use it to keep track of where people are and when. It’s the sort of constant surveillance that calls to mind an old-fashioned totalitarian state, where government spies follow people around.
The government’s request for Harris’s data is hardly an isolated case. Twitter has just posted its first-ever “Twitter Transparency Report,” which makes public how often it is getting requests for user data from governments around the world. In 2012 alone, Twitter reported 849 requests for data, the vast majority from the United States. Twitter says it has already gotten more requests in the first half of this year than it got in all of 2011.
If the courts regarded tweets and other social media information as private, it would not prevent the law enforcement from getting information it really needs. But the government would have to get a search warrant, which requires it to show that it has probable cause connecting what is being searched to a crime. The government wants to be able to get private information just by asking for it — and that should not be allowed.
But there are powerful forces lined up against online privacy and few people—in the public and private sector—fighting on the privacy side. For federal, state, and local governments, information of this sort is a law enforcement bonanza — it can be used to monitor people, to convict them of crimes, and simply to make them nervous about stepping out of line. For technology companies, information about what people do online is extremely valuable – it can be used to sell targeted advertising or sold to data clearinghouses. (Twitter is the rare technology company that has been taking a strong pro-privacy stance.)
Against these powerful interests, the pro-privacy side has a rag-tag look. There are mainly a few public interest groups like the ACLU and the Electronic Frontier Foundation — which both argued on Twitter and Harris’s side in the New York case. Privacy advocates have made some attempts to get Congress to enact stronger Internet privacy laws — ones that would protect tweets and Facebook postings and email messages from prying government and corporate eyes. But these bills face strong opposition from well-funded corporate and government lobbyists, and they almost invariably fail. If members of the public want privacy rights on the Internet — and fewer defeats like last week’s New York ruling — they are going to have to fight to get better laws passed.
Cohen, the author of Nothing to Fear, teaches at Yale Law School. The views expressed are solely his own.