Jeffrey Rosen and the Naked Crowd: Liberty and Surveillance for All

Law professor and author Jeffrey Rosen argues that, in theory, security can be done in ways that won't scuttle privacy and civil liberties. But that's a tall order, and he acknowledges that it may not play out that way in practice.

Jeffrey Rosen's new book begins in the nude and ends up fully exposed to the winds of political fortune and the vagaries of public opinion.

The Naked Crowd (subtitled "Reclaiming Security and Freedom in an Anxious Age") opens with the example of the "Naked Machine," a device now being tested in airports that electronically strip-searches passengers, exposing not only the concealed items they're carrying but also their nude bodies, rendered in faithful detail. Rosen notes that another electronic device (he calls it the Blob Machine) has also been developed to perform the same strip search, with the same level of accuracy, but with one important difference: It abstracts the subject's body into an amorphous blob, ensuring privacy and modesty without sacrificing the security benefits.

Inspired by the contrasting attributes of the Naked Machine and the Blob Machine, Rosen sets out in his book to make the case that society can strike a successful balance between omnipresent security measures and the basic American values of privacy and liberty. On a challenge from his friend, Stanford law professor Lawrence Lessig, Rosen took up the task of discovering where that balance lies and what all the relevant playerspoliticians, courts, technologists and citizenswill have to do to achieve it.

But nothing is ever cut and dried. Rosen was surprised to learn that when faced with a choice between walking through the machine that makes one nude and the one that doesn't (given lines of equal length for each), many people chose the more invasive Naked Machine.

Rosen considers many possible reasons for this, but they're almost beside the point. The mere fact that some citizens will cede privacy and liberty for more security injects deep skepticism into Rosen's investigation and ultimately forces him to concede that while balancing American values with security is indeed possible, that doesn't make it certainor even likelythat we'll actually do it.

Hope, though, does spring from some unexpected corners. Congress, to name one. And you. CSOs, Rosen argues, have a unique opportunity to inform this debate and help the major players find the balance between security and liberty.

Rosen is associate professor of law at George Washington University Law School and is also the author of a previous book on privacy in the digital age, The Unwanted Gaze. CSO Senior Editor Scott Berinato spoke with Rosen about his new book, the Patriot Act and the role of great leadership in helping to preserve American values while also improving security.CSO: The proposition of your book is that the interests of security can be reconciled with the interests of liberty and privacy. How do you see that happening?Jeffrey Rosen: The first thing I set out to do was to imagine what a good balance between security and privacy would look like. I wanted to understand enough about the legal and technological choices we face to be able to imagine a good outcome. Then I tried to think through the various scenarios that would have to come to pass for the good laws and technologies, rather than the bad ones, to be adopted. I'm not sure how optimistic I am in the end. But I begin with the example of the Naked Machine because it helped me organize my thoughts about technology that could be designed in ways to protect privacy and security, or could be designed in another way that threatened privacy without improving security. The choices aren't always so stark where a simple design shift can make all the difference between a good balance and a bad one. But I liked that example because it was a vivid one and useful in thinking about the choices we face.Why would some people willingly submit to the more invasive Naked Machine rather than the Blob Machine?I've been so interested when I try out the example on groups of students or adults how different their intuitions about privacy are. Some people don't care at all about being naked because modesty isn't a value they put a high premium on. Some are so afraid [of terrorism] that they'll embrace a feel-good technology, even though they know rationally that it doesn't make them safer. Others put a high premium on privacy and are willing to pay a lot of money to avoid being naked because they're less afraid [of terrorism]. It's very hard to generalize about privacy. Some people are concerned about modesty. Others about control over personal information. Others about discretion, reticence or secrecy. Privacy is always one of the hardest values to define philosophically, and that's why it's hard to protect politically.It seems like people aren't thinking proportionately about responses to risks. We're talking about highly unlikely, but terrifying, events that we're focused on preventing.It's very true. The errors in judgment people make in reacting to remote but terrifying images of terrorism are not unique. We make the same kinds of errors when evaluating environmental risks or nuclear risks, or the risks of being victimized by drive-by shootings or baby theft. Certain cognitive biases that psychologists have enumerated with great precision cause people to overestimate the probability of being victimized by risks they can visualize in a dramatic way, and to underestimate the probability of less visually dramatic but more widespread risks.So can risk be taught? Can we train our minds and the public to understand the rarity of these events, or are we slave to the images?It's one of the most pressing questions about risk management, and I fear that it can't be taught in the way that empirical economists or self-styled rationalists would hope. When you have experts on television chastising people because they're more afraid of nuclear accidents than car accidentseven though the probability [of a nuclear accident] is much lowerpeople tend to tune out warnings like that because statistics aren't the way the mind processes fear of risks.

The best way of calming people down is to have trusted authority figures who don't spin or claim to know more than they do, who present the facts as fully as possible and essentially earn people's confidence with a sense of emotional connection of trust. [Former New York Mayor Rudy] Giuliani is such a good example of an effective leader in the face of terror. So much of the challenge for risk management is to cultivate equally trusted figures who can negotiate people through the roiling emotions that follow a terrorist attack. It's a way of saying risk can't be taught like statistics but certainly can be presented in a way that calms people down when they're freaked out.Are we facing a paucity of such leaders right now?Great leadership is always rare. It arises in unexpected places and from unexpected corners. But one thing we know about leadership is that it doesn't pander to people's fears. A vicious and unhealthy cycle can be set into effect where politicians and the media reinforce public fears and then the public [becomes even more fearful] in turn.

The late social critic Neil Postman, of New York University, said that a lot of technology comes into our midst without being evaluated critically. People behave as though it's just inevitable and don't stop to consider the ramifications. But does it have to be true that we can't challenge the development of these technologies at the outset?

I have to insist that there's nothing inevitable about the development of any technology. We do have it in our power to choose. In this respect I'm struck by Steven Brill's recent argument in favor of voluntary national ID cards. Brill contends that in the wake of another attack, the political pressures for ID cards will be so overpowering that the card will be inevitably adopted. Therefore he wants to insist, on pragmatic grounds, on the possibility of a well-designed system [now] rather than a badly designed system [after another attack]. I like his assertion that the architecture of the system will determine whether it respects privacy or threatens it.That still sounds like national ID cards are inevitable.I don't think there's anything inevitable about the adoption of the card. When we look at the powerful bipartisan coalition of conservative libertarians and liberal civil libertarians that resisted a card after 9/11, I'm struck by the strength of the American antigovernment tradition that will make people very suspicious of government-imposed cards. Look at the malleability of public opinion about ID cards after the attacks. In the weeks after, 70 percent supported mandatory forms of identification. Four months later, [some surveys showed as few as] 26 percent supported it, and 41 percent opposed it. We're reminded by how malleable and fickle public opinion can be and how much and how quickly it can calm down after a burst of initial fears.It seems like making informed decisions requires a passage of time after that burst of initial fears.That is why the American founders were so suspicious of direct democracy and wanted to create mechanisms of cooling down and filtering that would allow considered judgments, rather than flash judgments, to be reflected in law. Technology is removing many of these mediating mechanisms and making us more susceptible to public opinion in evermore intimate aspects of daily life. We need to think creatively about how to reconstruct some of these checks and balances in order to preserve constitutional values.Does your book fall into the beginning of a backlash against the security measures we've taken? Or are we still dealing primarily in the currency of fear?It's a period of relative calm, where initial fears have passed and more sober, skeptical libertarian voices are in the ascendance. This is a moment when a series of bills are pending in Congress to repeal or refine some of the most questionable aspects of the Patriot Act, and where the administration is on the defensive.

Of course, all this could go out the window the moment another attack takes place. But two years after 9/11, I'm relatively heartened by the resilience of the public and the ability of basic values to resurface, and the essential political culture of America to express itself with some cooling-down time. America was not transformed by 9/11. The claims that nothing would ever be the same are ones that I want to resist. No nation is transformed by terror or by external threats. In some ways, we become more like ourselves.So you come down on the side of the persistent thread of civil libertarian devotion in this society. People do care enough to prevent abuses in the long term?It's a wonderfully and particularly American dynamic. We have on the one hand this powerful, tangible civil libertarian tradition that unites antigovernment conservatives with civil libertarian liberals. And this coalitionwhich is unmatched in Europeis responsible for some of the greatest legislative successes after 9/11.

But I wouldn't say this is the majority of public opinion. The CNN poll that the attorney general likes to cite suggests that 48 percent of the respondents think the Patriot Act struck a good balance between liberty and security, 20 percent or so said it didn't go far enough, and another 20 percent or so said it went too far. I assume that that last 20 percent represents something like the American antigovernment tradition.

That tradition can win important victories in Congress. It's an American treasure, but it's not an American majority. America is the most libertarian country in the world, and the one most driven by public opinion. These are two warring but important strains to the national character, at tension with each other.Can the libertarian strain to overcome public opinion become part of the curriculum of leadership?That phrase "curriculum of leadership" is interesting and provocative. I resist it only because I think leadership is a quality that can't be enumerated with scholastic precision.

But I agree with you entirely that effective risk management will depend on leadership, and there is no reason that agencies such as the Department of Homeland Security couldn't learn from this tremendous body of empirical evidence that we have about the ways people process risk.

I was distressed to learn that the leading scholars of risk management and the psychology of fearPaul Slovic at the University of Oregon and othershave never been consulted by DHS. They were distressed too. They felt like they have a tremendous body of useful knowledge to impart to policy-makers but were looking for a translator who could bring their work to the attention of the government. I think that the people in Washington have an awful lot to learn from their knowledge.So you're not exactly convinced that Washington's headed in the right direction?There have been successes and failuresmore effective leaders and less effective leaders. But when I look at something like the attorney general's Patriot Act tour, I'm disheartened. Not because I think John Ashcroft is a religious ideologue determined to destroy American liberties. Far from it. I think he's been misunderstood and unfairly cast as an extremist in those terms. But I think he is a highly effective politician who read the polls, rather than engaging the arguments of his most thoughtful critics and trying to think about how to focus the added surveillance authority on terrorism without going after lower-level crime.

1 2 Page 1
Page 1 of 2
7 hot cybersecurity trends (and 2 going cold)