Field Notes: Why We Let Our Privacy Bill of Rights Die

A brief history of privacy rights and the performance of democracy

By Michelle Leddon with additional contributions by Julia Scott-Stevenson

“ Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us.” — John Perry Barlow, The Declaration of the Independence of Cyberspace, 1993

Starting at the end of 2019, I was the creative director, writer and producer on a project called Privy To, with the help of producers Julia Scott-Stevenson and Liz Steininger.

We called ourselves the Assembly of Privacy Doxographers — Doxographers from the Greek word meaning “those who are concerned with the assembling of histories.” Our project was an attempt to get people thinking about privacy as a living concept with a human history and evolution. We planned three prongs for our project, each exploring different ways in which privacy has been defined in law since the middle ages. These laws were not called “privacy rights’’ at the time they came into being, but they established the conceptual foundations that ultimately led to our modern definitions of privacy and privacy rights. The concept of privacy includes the right to be let alone, the right to the integrity of private communications, the right to be forgotten, among others. There are many associated rights and perceived freedoms that can be swept up into the concept of privacy — freedom of inquiry and copyright, for example.

Conceived as a series of immersive installations and XR projects, Privy To aimed to explore the evolution of privacy rights. The first iteration of Privy To, an online performance, premiered at the inaugural Electric Dreams festival in 2020, was an official selection at CPH:DOX Inter:Active Exhibition and was recently presented for discussion at MIT’s Open Doc Lab.

Working with EEG composer and technologist Jason J. Snell, we devised plans for a live installation. Using EEG headsets, participants would navigate with their minds through a conceptual evolution of privacy with the help of biofeedback and dynamic projections of their brain waves. Onboarding was a video on the history of those rights and offboarding was a station where participants could consider what might be the next stage in privacy’s evolution. We thought this experience might trigger some new insights about the future of privacy from which we could create a “Participant’s Bill of Privacy Rights for XR.”

As an adjustment for the Covid-19 era, we decided to distill the live installation into a hybrid recorded and live Zoom performance where Jason donned the EEG himself. Participants watched and listened to his brain as he moved through the three stages of the installation,“Isolation,” “Intimacy,” and “Exposure.” We embedded a draft Participant’s Bill of Privacy Rights for XR inside a Google Spreadsheet, and invited the audience to join us for an “After-Party in a Spreadsheet.” Armed with visual aperitifs (JPEGs of Martinis, pigs-in-a-blanket and fruit plates, set under a GIF disco ball), we offered some suggestions for what might go into our proposed Privacy Bill of Rights and asked people to upvote or “down” vote our suggestions. For example: “Participants in XR have the right to ask that their participation not be recorded,” or “participants in XR must opt in for their data to be collected.” Standard stuff, but the most upvoted and commented on of these rights was: “Participants in XR have the right to ‘NOT be let alone’ inside unfamiliar worlds over which they have no mastery or proficiency.” This pointed toward the missing link — the social element of privacy.

Recent approaches to privacy

When we started working on Privy To, there was a growing understanding in tech and art circles that what had happened in the past around privacy on the Internet shouldn’t be brought forward into the XR space or any new “verse.” At that time, there were not many concrete ideas about exactly what it was that we shouldn’t be bringing forward, or how to prevent past failures from seeping into the future. As we began preparing our first prototype in the summer of 2020, some prominent initiatives to draft and implement privacy, ethics, and safety frameworks in the XR space picked up steam.

Because thinking about history is what we created Privy To to do, let’s reflect. In the 18th and 19th centuries, declarations and bills of rights were essential tools of democracy. They were radical and transformative to newly-literate populations with printing presses. Today, new bills, declarations, and frameworks abound in chatrooms and online forums, in tech companies, and inside many other organizations. Far from being revolutionary, nowadays, they are more of a nod to the “quaint” concept of democracy. These sorts of constitutionally-styled documents can be as performative in content as they are in form — rather than providing a buttress for the rule of law, they trivialize or seek to dismantle it. Privacy activist Max Schrems made this abundantly clear in 2014 with his take down of the Safe Harbour scheme, which allowed US tech companies to regulate and internally audit their own data collection programs with little outside oversight and call themselves ‘adequate’ (for European data protection purposes).

Important to consider is that there are two central and competing narratives around privacy that began in the last quarter of the 20th century and which endure today:

1) Privacy is an individual liberty. We demand freedom from government intrusion and all rules and laws, but, never mind the corporations. (From techno-libertarians like John Perry Barlow, of the EFF, and crypto-anarchists like Tim May of the Cypherpunks. Developed in the 1990s, not long after the fall of the Berlin Wall. Their ideas are the ideological foundation of what is being called Web3, and infuse the open source and free software movements).

2) Privacy is dead. We don’t need it anymore. (As proclaimed by founder of Sun Microsystems, Scott McNealy, in 1999 and later quoted by Mark Zuckerberg of Facebook (now Meta, the company currently bringing us their version of the metaverse).

The first narrative above is the narrative that is central to most, if not all, of the self-regulatory compliance frameworks, declarations, and other democratic-esque documents in the tech space. Most famously, the Declaration of the Independence of Cyberspace and the Cypherpunk’s Manifesto, both focusing on privacy as an individual right. These documents spread through the nascent tech industry and inform its ethos still today. Reconsidering this narrative might be the place to begin if we want to extract the new worlds of XR from the traps of the Internet’s past.

Reconsidering the narrative

In the individual liberty story of privacy, there was only one other democratic value held in as high a regard by its adherents as was privacy — and that was freedom of speech. In his book, Privacy: A Short History, David Vincent writes about early kinds of privacy laws, dating to the middle ages, that were meant to protect intimacies and punish or prevent gossip from leaking out. Problematic to progressive tech narratives about privacy is that, as evidenced by this history, one way that people protected what we now call “privacy” in the past was by limiting speech — a sort of paradox of liberties.

Privacy and speech laws have often been used to counter or correct the problems created by the other. The “privacy is dead” narrative was an attempt to liberate speech from all constraints. Other narratives soon followed, suggesting that privacy was but an invention of the last 120 years. It was not enough to kill privacy, it had to be erased from history altogether.

It’s true that the most comprehensive definition of privacy we had ever had emerged near the end of the 19th century. In 1890, two young American lawyers, Louis C. Brandeis and Samuel G. Warren, published “The Right to Privacy” in the Harvard Law Review. It was a new and exciting assembly of concepts, one that offered a clear picture of privacy for the modern age. It consolidated and redefined earlier ideas about privacy, but was not, by any means, where privacy began.

Current evolutions of the ‘privacy as an individual liberty’ narrative, can now be found in proposals that suggest that our privacy and data is something each of us can decide to break into bits and sell to the highest bidder. But what about others around us whose privacy is entangled with, and woven into, the fabric of our own?

Privacy is infinitely social. As Dr. Carissa Veliz explains in her recent book Privacy is Power, my privacy relies on the privacy of those around me. Or, in more primitive pre-Internet parlance, “your freedom to swing your fist ends where my nose begins.” We have all instinctively over the last 20 years come to understand this. In the intimate yet public space of the Zoom rooms where we hosted Privy To, this became abundantly clear as I watched myself, watching an audience, watching itself, watching Jason’s brain respond to being watched — all while Jason watched us.

Where do we go from here?

The relationship between ideas of individual liberties like privacy and freedom of speech will need to be more carefully considered as we move forward. XR landscapes, universes or any other future space constructed for social interaction, will intensify that paradox between speech and privacy if we continue to model new frameworks and compliance on logics that view privacy as a matter of individual liberty, without recognizing its importance as a social good.

It might be worth thinking of privacy as a human right rather than as an individual liberty. It might also be worth considering that individual liberties are interdependent and can’t survive in isolation from one another. Instead of alienating people from their rights by encouraging them to sell pieces of them to the highest bidder, as if they were spare parts, could we incentivize the balancing and integration of liberties like speech and privacy?

How can we, and other XR experiences, build in the recognition of privacy as a social good, so that respect for each other is rooted in the fabric of what so far is an ungrounded digital world? How can we magnify this sensitivity in the next draft of our digital existence without distorting it, as the spirit of individual liberties that was built into the Internet at its beginning has been distorted? As we learned from Mary Shelly’s Frankenstein, when you dissect and deconstruct a thing, its spirit can’t be reanimated.

Performing democracy isn’t enough

In presenting Privy To, we did our best to design in privacy by deleting data after performances, collecting only what we had to in the first place, and offering participants care, solidarity and protection through a performative deletion of data at the experience’s end. This was an attempt to demonstrate the value of the most recent articulation of privacy in law — the right to be forgotten. We also asked participants to extend that promise of amnesty and new beginnings to one another — which is what the social contract that underpins the rule of law is anyway — a promise we make to one another.

In the end, the audience response to our effort to construct a Bill of Privacy Rights for XR, was not enthusiastic. One might conclude that the participants weren’t interested in democracy and so we should just drop the concept altogether. It could also be that they didn’t like trying to craft the future of privacy and mankind in an online spreadsheet disco while imbibing 2D pictures of martinis and cocktail weenies. It’s hard to tell. Perhaps we should have posted pictures of whiskey and nuts instead.

All lofty democratic ideals notwithstanding, there was something about the cheapening of rights frameworks and Bills of Rights and Declarations, once critical tools in the fight for democracy, that made me hesitate about this part of our project. Should we really be drafting a bill of rights inside a party in a spreadsheet? I could have taken it a step further and turned the spreadsheet into a supreme farce to demonstrate how absurd the discussions around privacy and democracy have become. After all, If anyone should cheapen democracy and ridicule it — it should be art. I suppose I took either art or democracy too seriously. Instead, I just sort of let this part of the project die. I was conflicted. I didn’t want to be part of the growing contingency that views democracy as a skit to be performed, even if it was fun.

Performing democracy with frameworks and bills of rights outside the frame of XR experiences and adding meditations, prayers and promises inside the diegetic space, as we did in Privy To, just isn’t enough. We have to take privacy in the digital world seriously. It is time to re-imagine, redefine and find a new narrative for privacy and we can do this, as it has been done before, by reassembling the lessons of the past.

I don’t have a manifesto, but I do have a prayer, a wish, a plea, if you will. On behalf of the future, I ask you, of the present to stop breaking us and everyone we know into bits. You, of the past, do not leave us alone. Re-assemble yourself and your histories and meet us here in the present. We are going to need you.

For more news, discourse, and resources on immersive and emerging forms of nonfiction media, sign up for our monthly newsletter.

Immerse is an initiative of the MIT Open DocLab and Dot Connector Studio, and receives funding from Just Films | Ford Foundation, the MacArthur Foundation, and the National Endowment for the Arts. The Gotham Film & Media Institute is our fiscal sponsor. Learn more here. We are committed to exploring and showcasing emerging nonfiction projects that push the boundaries of media and tackle issues of social justice — and rely on friends like you to sustain ourselves and grow. Join us by making a gift today.