My avatar across the web: a photo of my feet in grey-white socks and brown sandals.

Ben Babcock

I read, write, code, and knit.

Your Internet may be monitored for quality control purposes

Poster advertising the surveillance of London Metro stations by CCTV

This is a critical response to David Lyon's "The World Wide Web of Surveillance: The Internet and off-world power-flows," published in the Spring 1998 issue of Information, Communication & Society. Those of you lucky enough to have a university account that has access to such things can find it there; those of you following along at home can read the earlier version presented at a Canadian Association for Information Science meeting in 1997.

That was the single most difficult aspect when considering my response to this reading: it was written in 1997. True, that's only 13 years ago--but the World Wide Web itself is only 20 years old. That is pre-Google, the entity that has, perhaps more than any other Internet-based company, single-handedly changed the way we use the Web--not to mention introduced a suite of privacy and surveillance concerns that weren't around in 1997. So as a technophile upstart who came to the Web in 2004 and writes in HTML5, I had to keep my reservations regarding the article's age in check. After all, despite the changes since Lyon wrote this, most of the article is still valid. There are parts that read as outdated, and I'll point those out when we get there. For now, let's talk about surveillance.

Like everything else online, online surveillance emerges from a tradition of offline surveillance going back to ancient times. Not all surveillance is necessarily sinister or malign: Lyon uses censuses and population statistics (like birth rate) as examples of surveillance we generally consider acceptable (though if the recent debate around the long-form census shows anything, it's that "acceptable" is always a matter of subjective degree). In more recent times, against the backdrop of democracy, surveillance is the turf of an eternal tug-of-war between politicians and law enforcement officers and the freedoms of the citizens of the democracy. Too much surveillance infringes on those freedoms, whereas too little surveillance hinders law enforcement and aids criminals. As always, it is a matter of balance.

Lyon looks at some of the initial fears regarding surveillance back when the Internet really was young, citing concerns that we would have an "Orwellian police states and Kafkaesque faceless bureaucratic machines" (93). He notes that time has not borne those fears out exactly (though sometimes I look askance at the photos of signs I see on UK metro stops). Instead, he says that there are "two major debates … concerning surveillance," the first being the extent to which online surveillance differs qualitatively from offline (paper and bureaucracy) surveillance, the second being the extent to which Foucauldian theories are applicable to online surveillance (94).

If the differences were not as obvious in 1997, I think they are fairly obvious today: the network provides speed and data collation abilities far beyond what analog surveillance could ever achieve. However, it is also decentralized. So instead of having a single entity, like the government or a corporation, spying on the users of the Net, anyone with a computer might be able to spy on anyone else. So do we really have a "panopticon" in Foucault's sense? For a really detailled look at that question, you might be interested in Mark Winokur's article, which we read previously this week. In Lyon's case, the answer is that the panopticon might be part of it, but there is more to the Internet and surveillance as well. Moving beyond the realm of surveillance as a form of discipline, he raises another Foucaldian idea, that of biopower, and proposes that it might fill some of the gaps left by the panoptic consideration of online surveillance.

Citing William Bogard, Lyon delineates a difference between the classical panopticon and what he terms "hyperpanoptics." The former is "an architecture" that deals "with real time and physical space," whereas in the digital world, "time is asynchronous and speed of flows is crucial, and … distance and proximity are blurred…." In the classical panopticon, prisoners couldn't know if they were being watched at all times, but the model was such that they weren't—that is, there would be one guard in the tower watching some prisoner. Online, however, this model strictly ported would break, because it is possible to watch everyone at once, provided your guard is a sophisticated signals intelligence network like Echelon (not to be confused with the fictional artificial intelligence, the Eschaton). Lyon calls this electronic solution to the limitations of surveillance the "mythical goal" of surveillance (101).

He doesn't explicitly go on to connect biopower to this, but it seems like Lyon means for biopower to elevate the theories of online surveillance beyond the notion of surveillance-as-discipline. That is, we aren't just being actively watched or monitored; long-term surveillance collects our data, our patterns and behaviours and habits, and uses that data to build profiles of people and populations. The purpose of such data mining can range from law enforcement to marketing, but it all relates back to biopower, to the focus on human particulars. Facebook, which I'm sure Lyon would have mentioned were it around in 1997, is probably the paradigm case here. We share so much personal information with Facebook, and so it has this massive database of human relationships at its fingertips. It knows who talks to whom, who went to school with whom, who works with whom, etc. Caladan was ruled with sea power, and on Arrakis it was desert power; with the Internet, he or she who has biopower wins the day.

For me, however, the most interesting part of Lyon's article is how he carefully differentiates between surveillance and privacy. The two terms are not synonymous, and privacy is but one concern related to surveillance. Lyon is careful to point out that surveillance can also cause social division and inequality on a scale beyond individual invasions of privacy. He obviously considers these coextensive, for he laments, "some theorists seem so concerned with the one that they ignore or minimize the significance of the other" (99). I myself must confess that often I focus on invasions of privacy to the exclusion of social inequality, probably because as a white middle-class male, I tend not to experience that inequality directly; I mistakenly view my privileged status as the normative experience across society. So it is good to be reminded of such things.

And once reminded, how can you really forget? Look no farther than the Great Firewall of China. This is a country with more people online than the United States (let alone Canada) has in its entirety. Yet owing to the regime's control of access to the larger Web, the population receives an experience online that is fundamentally different from what we see in our countries. It is a little mind-boggling.

When it comes to privacy, Facebook offers us plenty of examples, notably Facebook Beacon. Our own privacy commissioner of Canada has reviewed Facebook's policies and found it wanting. It is important to note that this is not necessarily a sign that Facebook is "being evil," as privacy issues are complex, and Facebook is as much a newcomer to these waters as we are. Nevertheless, it is clear that corporations stand to gain enormous benefits from the data to which they have access.

I should hope that we all have at least a basic understanding of the privacy implications of surfing the Web, more so than the average user might have had in 1997. Lyon's article is understandably a product of its time; the Clipper Chip project he mentions was dead on arrival. Historically, the governments' attempts to mix secrecy with control over encryption have failed miserably (keeping your cryptography standard classified so it can't be peer reviewed is just asking for trouble). Keep in mind that this article also predates the September 11, 2001 terrorist attacks. While the US has not established a One World Encryption, those attacks led to the passing of the USA PATRIOT Act, and our own Anti-terrorism Act here in Canada. In fact, Lakehead University's Faculty Association actually objected to the university's use of Gmail as the basis for our new email system, on the grounds that Google would be subject to US privacy laws. So online surveillance has only become more complicated since 1998, not less.

So here are some links, because links are cool (on the scale of coolness, links are slightly cooler than fezzes but nowhere near as cool as bow ties):

In his conclusion, Lyon says that

until the inequality-reinforcing and personhood-threatening aspects of contemporary surveillance are seen together, and until these dimensions are understood in relation to the virtualizing of surveillance, the real issues of contemporary surveillance will continue to elude us. (103)

This seems like a great starting point for discussion. I happen to agree with Lyon that these two issues (social inequality and invasion of privacy) are related, not disjoint, aspects of online surveillance (feel free to let me know if you think otherwise). If this is the case, how can we see these as a unified issue, and do existing theories (e.g., Foucauldian) allow for this, or do we need something else? Have we made much progress in this since 1997?