Facebook meets its match in… the Talmud?
Actionable Jewish Responses to Privacy in 2020
In 2018, one of the most high-profile data breaches of all time hit the news: the company Cambridge Analytica had scraped millions of Facebook users’ information without their consent using a personality quiz app. The company used this data to create psychometric profiles of users, which it then leveraged to target them with personalized political ads.
In 2019, the Federal Trade Commission issued Facebook a five billion dollar fine for the scandal and other privacy-related violations — according to many experts, a slap on the wrist for such a big company. Facebook’s negligent treatment of user privacy is more of a norm than an aberration in the tech industry, and this broad disregard for consumer rights has disproportionately negative effects on poorer members of society.
It is incumbent upon the Jewish world to face this frightening situation by supporting public policy and social justice initiatives that protect individual privacy and to develop Jewish responses to issues of technology in society. In the balance hangs the quality of our public discourse, the ability of political regimes to surveil the most vulnerable members of society, and our choice as a religious community to opt out of societal practices around technology.
So it is left to us to ask: How much would the rabbis of the Talmud have fined Facebook for its flagrant violation of consumer privacy? Our answer: the rabbis would have fined Facebook at least ten times the FTC’s settlement.
Though both question and answer are tongue-in-cheek, they nevertheless expose how traditional halachic (Jewish legal) and communal discussions on privacy need an update in 2020. That update begins here.
Where do we find ourselves?
The wide-scale violation of privacy that was the Cambridge Analytica scandal is shocking — but more shocking still is the fact that Cambridge Analytica’s actions are barely illegal in the tech world. Indeed, the fine that resulted from Facebook’s wrongdoing in the case was a punishment for deceiving users about its privacy policies, not for having privacy policies that were too lax. This is a crucial point. Theoretically, if users had consented, their data could be sold or given to third parties like Cambridge Analytica for nearly arbitrary use. (See section VII.E.1.a of the court order for the technical details, which now merely requires that Facebook’s third-party vendors “self-certify” that they need the data they receive from users for legitimate purposes.)
Thus, we see a chasm between what US law forbids — deceiving users about what is happening to their data — and what most reasonable people would find disturbing, namely using that data for potentially manipulative political agendas. Post-Cambridge Analytica, Facebook and other companies still live in a world where users’ data can make it around the web with shady consent procedures before you can say “oversight.”
The wide-scale violation of individual privacy by technology companies does not stop with social media profiles. A recent New York Times expose highlighted the ubiquity of location tracking, and the results were nothing short of astonishing. The Times showed how to locate individual celebrities, everyday people, and politicians using supposedly anonymous tracking data — and nearly every person with a cell phone is vulnerable to the same tracking:
“Today, it’s perfectly legal to collect and sell all this information. In the United States, as in most of the world, no federal law limits what has become a vast and lucrative trade in human tracking. Only internal company policies and the decency of individual employees prevent those with access to the data from, say, stalking an estranged spouse or selling the evening commute of an intelligence officer to a hostile foreign power.”
Classical Jewish Responses
Jews and technologists alike are often surprised that halacha (Jewish law) takes a strong stance on issues of privacy. David Golinkin, in his article “The Right to Privacy in Judaism,” writes:
“At first glance, these questions seem trivial. What does it matter if someone distributes my vital statistics and as a result I receive junk mail and junk phone calls? Who does it harm? But on second thought, these practices symbolize a much more serious phenomenon–the inability of modern man to maintain privacy and confidentiality…
…there is no doubt that the halakhah [sic] forbids disclosure of vital statistics or confidential information about anyone without the express permission of the person in question.”
Maybe the oldest privacy-related injunction in halacha is the biblical commandment “Do not be a tale-bearer amongst your people” (Lev. 19:16). The famous Torah commentator Rashi writes regarding this verse that tale-bearers refer to people who go around to friends’ houses to see what evil they can find there. Based on this verse, the Chofetz Chaim forbids spreading information that was shared in confidence. The early exegetic text Bamidbar Rabba cites secret-keeping as one of the reasons that the Israelites were redeemed from Egypt.
The Talmud provides us with other informative perspectives that contemporary scholars recognize as falling under the privacy umbrella. Chief among these is the legal concept of “the damage of being seen,” especially by a neighbor while in one’s own house. In particular, a Jewish court can force a neighbor to pay for half of a wall that blocks them from being able to see into another’s home. “Damage of being seen” is no minor concern to the rabbis: they choose to open the entire section on property law, Bava Batra, with this discussion.
As Sharon Aharoni-Goldenberg writes in her monograph פרטיות באינטרנט בפריזמה הלכתית (“Internet Privacy Through a Halachic Prism”), the damage caused by sight is not simply a moral directive, but rather rises to the level of legal damage (222.) Although classical sources differ on the exact parameters of this damage, they all agree to some extent with its existence (ibid. footnote 244.)
Bava Batra also references the famous aggadah that Israelite tents were constructed so that one could not see from one tent into another, and rules that one may not open a private entrance across from another private entrance (or window across from window) in a shared courtyard.
Bava Batra clearly considers privacy to be an issue of public policy, in contrast with the digital native who too-often sees privacy violation as a purely personal cost of living in a digital world. Although the Talmud never cites a non-aggadic proof text for the damage of being seen, the silence of our tradition’s most verbose text speaks wonders: the damage of being seen, it appears, it self-evident. The discomfort of being watched needs no justification.
One exception to the prohibition on facing windows stands out, as Aharoni-Goldenberg points out. It is permissible to have facing windows that both point out to a public thoroughfare (Mishna Bava Batra 3:7.) Obviously, one does not expect privacy through such a window and thus one is careful. We glean a lesson for contemporary digital privacy: A is culpable for violating the privacy of B in all but the most obvious case in which B should expect no privacy at all.
The laws of Eruv and carrying on Shabbat (Hotza’ah) serve as another voice on issues of privacy, since they primarily deal with delineations of individual and public spaces. (I do not know of a place where this connection is explicitly made; for example, it does not seem to appear in Aharoni-Goldenberg’s work.) Of course, we must initially be careful not to translate individual space (“reshut hayachid”) as private space, since the idea of individual and public space for the purposes of Eruv may not be related to any sense of privacy that you or I have. Yet the delineation laid out by halacha is indeed related to a contemporary concept of privacy.
This parallel may seem counterintuitive — contemporary Eruv practice converts manifestly public space into a reshut hayachid, after all! However, the truth remains that the original factors for determining the status of a space are first, how enclosed the space is, and second, how many people travel through the space. Both factors clearly align with a contemporary notion of private versus public space. Furthermore, Rav Samson Raphael Hirsch, a modern voice, interpreted the prohibition on carrying from private to public space on Shabbat as revolving fundamentally around interaction between the individual and society. For him, Eruv was about the mastery of God even over social interactions.
Rather than stop at mere conceptual similarity, we can find concrete guidance in the laws of Eruv. For example, the Talmud shares the following discussion by Rav Anan: Do the doors of a private space have to be locked in order to be considered private? In the contemporary frame: Do I have to actively guard myself from exploitation in order to expect privacy?
The Talmud answers that just having a lock makes a space private, regardless of whether the lock is actually engaged at all. Thus there is a basic expectation of privacy — my house does not have to be locked in order to be private. Technology companies would do well to learn from Rav Anan by assuming that consumers expect basic privacy. Yet eight-in-ten Americans feel that they have no control over who can access their online searches.
The Problems with Classical Analyses
While these classical sources (and the contemporary psak based on them) establish that some concept of privacy pervades halacha, they leave us with a problem. Namely, they do not meaningfully address a huge part of the contemporary data economy, in which we voluntarily exchange our data for services. I log onto Youtube, and I’m not being spied upon — I choose to exchange my data for digital products.
Rabbis Eliot Dorff and Elie Kaplan Spitz inched out of the classical paradigm and into voluntary exchanges of data in their 2001 responsum “Computer Privacy and the Modern Workplace.” In the second half of their analysis, entitled “Disclosure,” they rule as follows.
In order to comply with Jewish law, a business may disclose information to a third party gleaned from individuals’ registration forms or their use of its web-site only if the consumer provided informed consent with an opt-in declaration to the gathering and specific use of the information. In addition, a company has a duty to provide a consumer with access to the private information it collects about him or her and to provide an easily usable means to correct inaccurate information, thereby protecting the consumer against the use of false and harmful information. The presumption of privacy protection is rebutted by a legitimate communal need… Informed consent for disclosure helps assure greater control over the private facts in our lives, a control that offers us greater dignity and the opportunity to lead holy lives. (9)
Some parts of the Dorff and Spitz analysis are radical, and some make little sense in the contemporary data economy. One radical suggestion is the access to and correction of inaccurate information about individuals. Take, for example, the issue of online harassment. A common harassing technique is to post such a deluge of defamatory information about the victim that the defamatory material is first in any Google search of the victim’s name. Aside from obvious emotional distress, this abuse can cost victims their jobs and friendships. (For many examples, see Danielle Keats Citron, “Cyber Civil Rights.”) In an ideal world, Google would be able to filter out all such results at the request of victims, but how could it realistically do so given its gargantuan size? Such proposals are radical, very difficult to implement legally due to free speech considerations, and yet sorely needed.
On the other hand, when Dorff and Spitz emphasize informed consent, one wonders if their 2001 analysis has any bearing on the digital world of 2020. After all, what does “informed” mean? If a social media company changes its Terms and Conditions once I am already a member, do I not have a disturbingly outsized incentive to consent to these changes? We discuss these questions below, but suffice it to say that even Dorff and Spitz’s modern halachic take on privacy leaves untouched some of the most basic concerns of our time.
In short, then, any framework that treats privacy solely in terms of unwanted intrusion and consenting disclosure is inadequate for today’s privacy questions. As Mark Warshofsky writes in “The Internet, Privacy, and Progressive Halachah,”
Any cogent and coherent halakhic discussion of privacy in the age of the Internet will accordingly have to advance beyond the conceptual boundaries that have heretofore defined the subject. The current halakhic discourse on privacy, much like that in Western law, speaks mostly to the protection of the individual from damage caused by others invading his personal realm. The new discussion of which I speak will have to focus upon protecting the individual from the damage that he brings upon himself. (60)
Fortunately, there are a number of halachic approaches that can help us make sense out of our world of murky privacy policies and “free” Internet services.
Voluntary exchanges of data
One approach to the voluntary exchange of data lies in the laws of tzniut, or modesty. This approach is presented by Warshofsky, for example, but again we seek explicit communal consequences beyond theoretical analysis.
The relationship between tzniut and contemporary privacy law is best reflected by Louis Brandeis and Samuel Warren in their seminal article on the right to privacy in American law. They write, “…the protection afforded to thoughts, sentiments, and emotions, expressed through the medium of writing or of the arts, so far as it consists in preventing publication, is merely an instance of the enforcement of the more general right of the individual to be let alone.” (14) Whereas American law uses the language of rights, Jewish law is more likely to use the language of obligations. We can thus view Tzniut as an obligation-framed version of Brandeis and Warren’s “right of the individual to be let alone.”
Indeed, whereas Warren and Brandeis assert that an individual has the right to keep certain matters private, Tzniut says that the individual has an obligation to keep certain matters private. The Talmud writes regarding Tzniut: “If, with regard to matters that tend to be conducted in public, as the multitudes participate in funerals and weddings, the Torah says: Walk humbly, then in matters that tend to be conducted in private, e.g., giving charity and studying Torah, all the more so should they be conducted privately.” (Sukkah 49b)
The Talmud is pleading for that same privacy that Warren and Brandeis outline; the two texts, written fifteen hundred years apart, complement each other. Without the right to privacy, individuals cannot exercise their innate drive toward it; without the obligation to privacy, the right to privacy preaches to empty pews.
Since nearly everyone who uses the internet uses it for non-public purposes, for example finding personal medical information or having personal conversations with friends and family, we cannot help but conclude that one has, at the very least, a halachic obligation to reduce the visibility of one’s private actions on the Internet.
This obligation is especially strong given that we know how little of our internet activity is actually private. For example, 64.5% of traffic to the top 6000 sites on the web contain trackers which are by definition designed to record and analyze user behavior.
Browsers such as Firefox (created by the non-profit Mozilla Foundation) block such trackers. The rabbinic establishment in every denomination might consider: Is there a halachic obligation to use Firefox, or another privacy-enhancing browser?
Enforcement Difficulties
Some prominent privacy legislation proposals would allow class action suits in response to privacy violations. Halachic decisors have been far from enamored with class action suits, however, and for good reasons. (See Michael Vigoda’s essay here for a complete discussion.) From a practical perspective, class action lawsuits can provide pitiful compensations to defendants while hardly representing the defendants’ own interests. From a halachic viewpoint, a class action lawsuit is similar to appointing a messenger to sue — an action which is generally frowned upon. Rambam writes:
If a man has a piece of land in the care of another person, or if he has movables deposited, and he wishes to appoint an agent to enter a lawsuit against that person and to take the land or the deposited object away from him, he should write an authorization for him. This authorization should be confirmed by the symbolical transfer of some article, referred to as kinyan, and he should address him in writing with these words: “Plead, acquire, and dispossess for yourself,” or something like this. If he has not written such an authorization for the agent, the latter cannot enter a suit against the other, who can say to him: “You are not entitled to sue me.”
Since class action lawsuits are usually undertaken without the knowledge of the defendant, they would seem illegitimate at first glance.
This concern may seem technical. On the contrary, it cuts to the core of the matter: When our rights are violated, when we are harmed, who will defend us? Is it our own responsibility, or can a community organization or government defend us without our knowledge or input?
One of the few cases where a messenger is allowed by halacha is when the defendant is likely to flee or disappear before the injured party could sue, or if the messenger believes irreparable harm is likely without intervention (see point א, referencing the Trumat HaDeshen, of Vigoda’s essay.) The Torah’s dictum “lo ta’amod al dam rei’echa” — do not stand idly by the blood of your neighbor — further suggests that action on the part of government agencies, batei din, and communities against privacy violators might be permissible, especially in time-sensitive situations, even if those affected are not aware of the action. Digital privacy violations often consist of wide-ranging and permanent spread of one’s personal information, and thus may constitute an irreparable harm in line with the halachic standard for class action.
In other words, when governments and communities have a birds-eye view of the damage caused by privacy violations, they are obligated to take actions that any given individual might not take on her own. It seems, given the growing concerns about privacy that we detailed earlier, community leaders should consider how they might organize around issues of privacy as we move into the 2020s.
Moving Beyond Privacy
Since the data economy is a fact of life, we might argue that it is somewhat of a moot point to nitpick an exact standard of privacy for our lives. Instead, we are called upon to ask some genuinely new halachic questions: What is the halachic status of data as an economic and personal good? What might the Jewish tradition say about ethical and unethical ways to use data once it is acquired? What is the status of data acquired with only “moderate consent,” for example if a website that we need to use gives us no option but to accept the privacy policy?
These are difficult questions, but the tradition still has much to teach us. For example, consider the act of instinctively checking a “terms and conditions” box, an action by which we resign so many digital rights. (Eight-in-ten U.S. adults say they are asked to agree to a privacy policy at least once a month.)
The gemara relates the story of a man who swears in a court case that he has never seen a certain pillar (he is accused of accepting a loan by that same pillar). Witnesses are brought forward who say that they saw him urinating by the pillar, and charges of lying to the court are levied upon the man. But Rava asserts that “any matter that is not incumbent upon a person to remember, he performs it and it is not on his mind.” In other words, the man is not a liar: he simply forgot that he did something so normal as urinate on a pillar (more common in those days, I guess.)
If a person checks a privacy policy out of habit, does their digital signature hold any halachic weight? Rava’s ruling hints that people may not be legally liable for things they might easily forget doing.
The situation gets even more murky when we realize that most privacy policies in the US tell consumers almost nothing about what is being done with their data. It seems that one basic digital norm demanded by halacha is that privacy policies be transparent and not take advantage of instinctive agreement. The EU’s General Data Protection Regulation goes a long way towards satisfying this halachic demand, and its wording is an eerily direct response to Rava:
“Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her[…] Silence, pre-ticked boxes or inactivity should not therefore constitute consent.”
Once the user has already agreed to share data, what ethical norms might halacha reveal for the use of personal information? Furthermore, is it reasonable to demand that consumers be fairly compensated for use of their data?
Maybe personal data should be considered the same as any economic good, like a house or a sandwich. There are key differences, however, since selling someone a sandwich does not put you at future risk of harm in the same way as selling your own personal data might.
One alternative and seemingly novel interpretation of the data exchange between digital services providers and consumers is as a loan. Many frameworks for digital rights do include the “Right to be Forgotten,” i.e. to have one’s data deleted by a service provider. For example, I can download or delete every bit of data that Facebook carries about me. From this perspective, my choice to give Facebook my data seems like a temporary sale from me to Facebook, like a pawn shop for data. I give Facebook my data, and it loans me its services.
Suddenly, the digital services provider such as Facebook has all of the power. It decides the value of my data for advertisers, how to compensate me for it, and even how much to tell me about where my data is going. That is precisely the “pawn-shop” power dynamic that the rabbis feared — a loan shark with all of the power against the powerless individual.
The rabbis thus prohibit a whole slew of behaviors regarding such loans (Bava Metzia Chapters 5 and 6); for example, they prohibit the loaning party making a profit off of the pawned item when it may be returned, as this counts as taking interest for a loan. American law, to a greater or lesser extent throughout the decades, has also put limits on the behavior of loaning institutions by restricting risky banking behavior and encouraging reserve minimums. Both of these policies constrain the amount of profit that banks can make from customers’ deposits in order to protect those customers.
By analyzing the power dynamics behind the data exchange, we see that halachic norms may put a cap on the reasonable profit that Facebook or Google can make from such a “data loan.”
Of course, there are some obvious limits to this discussion. Strictly speaking, halachic financial restrictions traditionally only hold for exchanges between Jews. Obviously, since much of our discussion is about extracting principles, we largely ignore this question. A more important concern is that not all policy experts think that the definition of data as property would help consumers:
Treating personal information as property to be licensed or sold may induce people to trade away their privacy rights for very little value while injecting enormous friction into free flow of information. The better way to strengthen privacy is to ensure that individual privacy interests are respected as personal information flows to desirable uses, not to reduce personal data to a commodity. (Why data ownership is the wrong approach to protecting privacy, Brookings Institute, 6/26/2019)
Despite these issues, these texts give us the beginning of a set of concrete moral guidelines — which seem to be sorely lacking in Silicon Valley — for what a humane data economy might look like, and for how a Jewish person might try to think about data and privacy in a way that is grounded in Jewish tradition.
Conclusion
I worry that modern Orthodox and progressive Jews alike were so distracted by chareidi rejection of the internet that they forgot to instigate communal discussion of their own around the use of digital technology. So let us begin, together. What would the rabbis have fined Facebook for its violations? What is the very worth of our privacy in the eyes of the tradition of which it was said “turn it and turn it again, for all is in it”?
I do not know of an explicit monetary compensation for the “damage of sight” in halacha, of a fine to be levied if the aforementioned neighbor refused to build a wall or was purposefully looking into another’s house. However, if such compensation did exist, we might expect that a fair damage would be at least the minimal damage for physical violence, such as a punch. These minimal assaults — just like a data breach! — cause more shame than physical destruction. They cost the perpetrator four zuz.
We may estimate that four zuz are at least equal to $600 in 2020, given the Talmudic stipulation that 200 zuz are enough to support a person for a year (see p. 94 here) and assuming a modest living cost of $30,000 per year.
Thus, if such a speculative rabbinic penalty were levied for each of the 87 million victims of the Cambridge Analytica scandal, one would have expected a fine of at least 52 billion US dollars. This rabbinic fine is ten times the actual $5 billion fine that was so pitiful that it actually caused Facebook stock to rise on the day it was levied.
But tongue-in-cheek monetary calculations can only take us so far. The truth is, I am told that the offended party in the case of “damage by sight” forgoes her rights to privacy if she does not build the whole wall herself.
This is the true lesson. If we do not fight for our own digital rights, if we do not take matters into our own hands, no one will.
