In 2006, David Holtzman decided to do an experiment. Holtzman, a security consultant and former intelligence analyst, was working on a book about privacy, and he wanted to see how much he could find out about himself from sources available to any tenacious stalker. So he did background checks. He pulled his credit file. He looked at Amazon.com transactions and his credit-card and telephone bills. He got his DNA analyzed and kept a log of all the people he called and e-mailed, along with the Web sites he visited. When he put the information together, he was able to discover so much about himself—from detailed financial information to the fact that he was circumcised—that his publisher, concerned about his privacy, didn’t let him include it all in the book.
I’m no intelligence analyst, but stories like Holtzman’s freak me out. So do statistics like this one: Last year, 127 million sensitive electronic and paper records (those containing Social Security numbers and the like) were hacked or lost—a nearly 650 percent increase in data breaches from the previous year. Also last year, news broke that hackers had stolen somewhere between 45 million and 94 million credit- and debit-card numbers from the databases of the retail company TJX, in one of the biggest data breaches in history. Last November, the British government admitted losing computer discs containing personal data for 25 million people, which is almost half the country’s population. Meanwhile, some privacy advocates worry that the looming merger between Google and the Internet ad company DoubleClick presages an era in which corporations regularly eavesdrop on our e-mail and phone calls so they can personalize ads with creepy precision. Facebook’s ill-fated Beacon feature, which notifies users when their friends buy things from Facebook affiliates, shows that in the information age, even our shopping habits are fit for public broadcast. Facebook made Beacon an opt-in service after outraged users demanded it do so, but the company didn’t drop it completely.
Then we have Donald Kerr, the principal deputy director of National Intelligence, who proclaimed in a speech last October that “protecting anonymity isn’t a fight that can be won.” Privacy-minded people have long warned of a world in which an individual’s every action leaves a trace, in which corporations and governments can peer at will into your life with a few keystrokes on a computer. Now one of the people in charge of information-gathering for the U.S. government says, essentially, that such a world has arrived.
So when this magazine suggested I try my own privacy experiment, I eagerly agreed. We decided that I would spend a week trying to be as anonymous as possible while still living a normal life. I would attempt what many believe is now impossible: to hide in plain sight.
A Gallup poll of approximately 1,000 Americans taken in February 1999 found that 70 percent of them believed that the Constitution “guarantees citizens the right to privacy.” Wrong. The Constitution doesn’t even contain the word. And in a fully wired world, that’s an unnerving fact.
A number of amendments protect privacy implicitly, as do certain state and federal laws, the most significant of which is the Privacy Act of 1974, which prohibits disclosure of some federal records that contain information about individuals (1). Unfortunately, the law is full of exceptions. As Beth Givens, founder and director of the nonprofit Privacy Rights Clearinghouse, put it, the Privacy Act has “so many limitations that it can barely be called a privacy act with a straight face.”
1. California, where I live, leads the nation in privacy protection. If I’d conducted my experiment elsewhere in the U.S., it would have been even more difficult. Back to textsingle page
Five amazing, clean technologies that will set us free, in this month's energy-focused issue. Also: how to build a better bomb detector, the robotic toys that are raising your children, a human catapult, the world's smallest arcade, and much more.