Tool Without A Handle: Tools For Vigilantes
“This country is planted thick with laws, from coast to coast, Man's laws, not God's! And if you cut them down, and you're just the man to do it, do you really think you could stand upright in the winds that would blow then? Yes, I'd give the Devil benefit of law, for my own safety's sake!"
― Robert Bolt, A Man for All Seasons.
Whether it’s those wacky kids and their talking Great Dane, a costumed and genetically enhanced savior, or simply just intrepid journalists, extrajudicial surveillance and the use of its fruits is a popular tool for dramatic effect. Entertainment writers, who are paid to push our cognitive buttons, popularly display institutions as bastions of sclerosis, incompetence or worse, cover ups. Absent a vigilante assault on privacy and due process, injustice will prevail, and the public will be duped. Or so the story goes.
And so it goes for Monsignor Jeffrey Burrill, who resigned from his post at the U.S. Conference of Catholic Bishops after The Pillar, a Catholic news source, published allegations that Burrill had been using “hookup apps,” buoyed by evidence that tracked his movements to, among other places, a Las Vegas’ “gay bathhouse.” Even those concerned that Father Burrill failed to honor his promise to observe Catholic rules on celibacy for his vocation, should also be concerned about the publication of those facts in contexts where the harms to privacy outweigh institutional and personal benefits.
Principles to guide the collection and processing of data from smartphone apps are important considerations, particularly for privacy professionals. There’s widespread recognition among industry that privacy needs to be integrated into data processing so datasets can still be useful while minimizing individual privacy harms. This can include steps aggregate unique data elements so that individual data cannot be distinguished. That said, I don’t know enough about the datasets involved here, how they were acquired, or what privacy protections were applied, to be able to comment on that.
It’s in part for that reason that in this blog, though, I focus less on the collection and commercial use of data from social applications, and more on principles to protect privacy when such considering publication of such data or conclusions one can draw from it.
Popular entertainment also tells us that, if one is looking for incriminating evidence, location data is particularly useful. If a given device can be linked to a known address of a person, and that device ID later appears at the address of an affair partner, the work is done. The old-fashioned and more dangerous work of private investigators like Jake Gittes from the film Chinatown, personally stalking suspected unfaithful spouses until they can be photographed in compromising positions, is unnecessary.
Importantly, though, Jake Gittes is distressed when, to his surprise, photos he provided to a client are published in the news media. While not necessarily an ethical model, Gittes intended his work to right a wrong privately, not to involve the figures involved in a public scandal. So too, the ethical framework guiding the Pillar’s use of the dataset to publish a news article makes all the difference as to the impact data tools may work on human beings.
As this blog has noted frequently, networked information tools can be particularly useful for promoting an agenda, whether for violence or for justice. To best promote principles of justice, actions taken to promote justice should themselves be just. That is, one should uphold whatever principle it is one seeks to promote. So, for example, actions aimed at promoting respect for the human person should respect the human person. The aim of promoting respect is itself noble, of course, but ethical aims do not always guarantee ethical outcomes.
In a statement on Twitter, JD Flynn of the Pillar explained their reasoning thusly: church leaders have pointed out that inconsistency between actual behavior and doctrinal expectations of celibacy can contribute to a ‘culture of secrecy’ – i.e., a culture conducive to covering up child abuse. Therefore ‘outing’ this church leader’s behavior serves the greater good by warning church figures secrets may not hold. The Pillar also says it’s not insinuating Msgr. Burrill was involved in inappropriate contact with minors, but it alludes to connections between use of “hookup apps” and the abuse of minors.
Other commentators supported the Pillar’s actions on the basis that persons in a sensitive vocation deserve less privacy, given the interests of the people they serve in knowing if their priest is indeed struggling or in violation of his commitments. Janet Smith, writing in Crisis magazine, argues the disclosure of information was akin to the right of a spouse to know if their partner is being unfaithful.
I think both the Pillar and Janet Smith’s arguments fail, and fail decisively, for at least three reasons:
First, to the extent one justifies the disclosure of a person’s movements as beneficial to an institution, more is needed to justify disclosure to the public rather than simply to the institution itself. The Crisis article elaborates why a supervising Bishop would want to know - and act on - such information, but makes little or no case defending the disclosure to the public. Similarly, the Pillar explains the data was brought to the attention of Msgr. Burrill’s employer in confidence for purposes of an internal response, after which Msgr. Burrill resigned that employment.
Second, Christian teaching on sin and privacy cautions against public shaming of those in error. In the Gospel of Matthew, Chapter 18, Jesus counsels: “And if your brother sins, go and reprove him in private.” Ongoing wrongdoing with no sign of change can be dealt with via escalations, including publication to the community, but the first ethical principle is to approach the matter humbly (recognizing no accuser is themselves without sin), and with the goal of reconciliation.
Third, the arguments in favor of publication assume the party in the wrong has lost certain rights. The analogy to surveillance and disclosure of marital infidelity is telling. A cold truth, but if your spouse is cheating (or you suspect that’s the case) you do not gain any additional rights to know which supersede their rights to privacy. Vigilante invasion of privacy is not an entitlement to the betrayed.
Indeed, engaging in such secret surveillance is a fairly clear example of the point I noted earlier that actions should respect their aims: engaging in excess secrecy is unlikely to be effective at discouraging a spouse from excess secrecy. Moreover, it’s illegal to wiretap a spouse suspected of cheating and publish the findings, just as it’s illegal to wiretap with criminal intent and reveal what you learn.
In this case, accounts are the data was lawfully obtained through purchase from a data broker, but there is still the matter of the public disclosure. The Pillar may, in some sense, rationalize this disclosure with a belief that the fate of mortal souls hangs in the balance unless the church reforms, especially given experiences with child abuse in the institution. But it’s this rationalization for abrogating privacy that poses the most problems, in part because it elides distinctions between different uses of the tools.
Yes, “hook up” relationships can’t really lay claim to being paragons of virtue, and they are wrong if inconsistent with vocational promises of celibacy. But rather than justify publication on the basis it has exposed this Monsignor’s failure at celibacy, the Pillar makes a different argument: that because the tools used here have also been used for child abuse, any use of the tools warrants a response proportionate to the goal of preventing such abuse. This strikes me as a straw man argument.
The ethical question is not if the priest’s failures should be addressed but if they should be publicized. Yes, “hookup apps” may have been used elsewhere, by others, for the “grooming” involved in child abuse. I’m not persuaded the Pillar needed to publicize Burrill’s identity and his failures, in order to point out the risks of such apps. For one, online safety research shows “grooming” can occur through a variety of tools. Moreover, the Pillar hedges by saying it’s not claiming Msgr. Burrill was using technology to make contact with minors. So why does the public need to know of this person’s failure?
It’s no secret the Catholic church is embroiled in a struggle between supporters of its traditional views on same-sex attraction and, on the other hand, both secular civic acceptance of same-sex relationships, and the positions of many Christians who find those traditional teachings absurd, even unsupported by Scripture. It’s not an implausible inference that someone against validating same-sex relationships would link secrecy about such relationships to secrecy about child abuse in the Church, and also seek to expose those within the vocations who, because of Church teachings, must hide their sexual orientation.
The Pillar has not made this rationalization expressly, but those closer to the workings of the Church than I am have done so. It’s not the place of this blog (nor the intent of this author) to comment further on the doctrinal discussions within the Catholic Church (of which I am not a member). I bring this up solely to highlight that when doctrinal and policy battles are waged using weapons of personal attack, both privacy and policy deliberation suffers.
Which is to say this rationalization for publication of Msgr. Burrill’s activities also does not persuade. It is indeed true, as The Pillar observed, that use of location-based “hookup” apps is inconsistent with clerical obligations to continence and chastity. And it is equally true, that such use was pursued in secrecy, just as child abuse was pursued in secrecy. But neither fact on its own justifies the privacy harms inflicted by publication of Msgr. Burrill’s use of such “hookup” apps.
For one, private disclosure of the material may well have been more effective at protecting all the interests involved. For another, seeking same-sex liaisons between adults, even if suffering under secrecy, is not even the same ballpark as criminal abuse of children. One is a wrong solely by virtue of Church doctrine, while the latter is a wrong by any moral standard. Thirdly, as the film “Spotlight” showed with respect to publication of wrongdoing in the church, ethical journalism involves attention to the motives of those who provide information, and a commitment to submit oneself to constraints that serve the public interest.
A principle that “the public should know of private wrongdoing” needs to be carefully balanced against whether that publication is needed for a public purpose, such as safety, or shedding light on institutional failures to act on the information, or where an individual persists in resisting accountability. To my knowledge, none of those purposes existed here. And the fact that publication may have helped promote a particular policy agenda is not such an offsetting interest, no matter what one’s views on the criticality of that policy agenda.
Others have noted that information technology has caused people to become more polarized, to resist institutional authority in favor of their own judgment, and to feel it essential to expose private matters to public scrutiny. And I suspect this is both cause and effect of a cycle where our ability to live harmoniously with those with whom we disagree has atrophied. I do not need to understand, or even agree with, particular theories about love, human flourishing, gender and identity, in order to believe that those with differing ideas are worthy of respect, kindness, and privacy, especially for their failures.
And I do not need to discount my own judgment in order to recognize vigilantism is fraught with peril. In the 1983 film “The Star Chamber,” Michael Douglas is invited into a secret group of judges who hire an assassin to take out criminals who slip through the justice system, only to rue his extra-judicial abandonment of the official criminal justice system. Yes, the official criminal justice system has failures. And yet the system can also function to balance accountability with privacy. Moreover, The Star Chamber teaches the old ethical adage “two wrongs don’t make a right” – even if the system is imperfect, that’s not a justification for extra-legal vigilantism, much less murder. One can certainly act ethically and act outside the system and, at times, outside the law (particularly when the law is unjust). What doesn’t compute is acting in ways that produce privacy harm with no more justification than that it possibly advances one side of an argument about a matter which is itself ethically contested.
There are reasons grand juries weigh evidence in private, and those reasons apply equally so to journalism. If we wish to promote justice, we must attempt to do so justly. If we wish to promote respect for persons, we must aim to do so respectfully. If we wish to secure action in response to wrongdoing, we should not do wrong ourselves. And if we wish to weaken the ability of others to rationalize a wrong, we should be highly attentive to our own predilections for rationalization of that which serves our own agenda.
See, e.g., https://www.washingtonpost.com/religion/2021/07/21/catholic-official-grindr-reaction/ (quoting Mike Lewis, Catholic commentator, noting that while Burrill did need to step down for violating his commitments, this practice “ruined a man’s life,” rather than bringing truth to light.
See, e.g., Yves-Alexandre de Montjoye, César A. Hidalgo, Michel Verleysen & Vincent D. Blondel, “Unique in the Crowd: The Privacy Bounds of Human Mobility,” Scientific Reports, (2013). online at: https://doi.org/10.1038/srep01376; Alex Berke, Dan Calacci, Kent Larson, Alex (Sandy) Pentland, "The Tradeoff Between the Utility and Risk of Location Data and Implications for Public Good," arXiv.org, 2019, online at: https://www.media.mit.edu/publications/the-tradeoff-between-the-utility-and-risk-of-location-data-and-implications-for-public-good/
See Pierangela Samarati and Latanya Sweeney, "Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression" (1998), https://dataprivacylab.org/dataprivacy/projects/kanonymity/paper3.pdf; see also Latanya Sweeney, “K-anonymity: A Model for Protecting Privacy,” International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, (2002); online at: http://dataprivacylab.org/dataprivacy/projects/kanonymity/kanonymity.pdf
See “Tool Without A Handle: Tools for Terror, Tools for Peace,” March 6, 2016, online at: https://cyberlaw.stanford.edu/blog/2016/03/tool-without-handle-tools-terror-tools-peace# (“Illiberal constraints on privacy and expression do not bode well for discouraging an illiberal political and social agenda”).
Again, this is on its face not a matter involving child abuse, where public identification of the abuser could have ethical benefits, including encouraging other witnesses to come forward, protection of those associating with the abuser, and additional pressure to ensure accountability (including criminal investigations).
Matthew 18:15 ("If your brother or sister sins ,go and point out their fault, just between the two of you. If they listen to you, you have won them over.")
John 8:7 (“When they kept on questioning him, he straightened up and said to them, “Let any one of you who is without sin be the first to throw a stone at her.”)
An article on this matter quotes Daniella Zsupan-Jerome, the director of ministerial formation at St. John’s University School of Theology and Seminary in Collegeville, Minn., “more and more surveillance and tracking technology will not produce righteous men fit for ministry. Instead, she said, it will contribute to a culture of suspicion and perpetuate the lack of trust in the Catholic Church.” See Michael O’Laughlin, “What we do and don’t know about the methods used to track the Grindr habits of a top USCCB priest,” July 23, 2021, online at: https://www.americamagazine.org/politics-society/2021/07/23/grindr-data-privacy-catholic-burrill-241111 (“O’Laughlin”).
The Electronic Communications Privacy Act (“ECPA”) prohibits intentional, unauthorized interception, disclosure, or use of electronic communications in which there is an expectation of privacy. And a spouse has an expectation of privacy in their emails, text messages, and other correspondence (and subjectively, cheating spouses have higher expectations of privacy). See 18 U.S. Code § 2701
I would pointedly disagree with the Catholic Church, though, in that I’d argue “hook ups” are no worse if pursued between adult persons of the same sex.
See, e.g., “Ohio priest’s plea raises tech accountability concerns,” online at: https://www.pillarcatholic.com/p/ohio-priests-plea-raises-technology
See, e.g., Sonia Livingstone; Julia Davidson, Joanne Bryce, Saqba Batool, “Children's online activities, risks and safety,” London School of Economics (2017), online at: http://www.lse.ac.uk/business-and-consultancy/consulting/assets/documents/childrens-online-activities-risks-and-safety.pdf. This literature review of studies in online safety notes (p. 49) we still don’t have full data on online “grooming” in that understandably those who have experienced it often feel shame, and so strongly wish to keep those matters private. At the same time, studies have modeled the grooming process and the proposition that it involves frequent intense contact and manipulation over time is borne out by views of other authorities. See, e.g., “What is Grooming?,” National Society for the Prevention of Cruelty to Children, online at: https://www.nspcc.org.uk/what-is-child-abuse/types-of-abuse/grooming/; “Unwanted Contact and Grooming,” Australia’s E-Safety Commission, online at: https://www.esafety.gov.au/parents/big-issues/unwanted-contact
See, e.g., O’Laughlin, supra n.11.
That’s not to say, of course, that such practices are unusual. See, e.g., Elaine Kamarck, “A Short History of Campaign Dirty Tricks Before Twitter and Facebook,” Brookings, July 2019, online at: https://www.brookings.edu/blog/fixgov/2019/07/11/a-short-history-of-campaign-dirty-tricks-before-twitter-and-facebook/
I’d written earlier about use of information tools for confessions, noting that privacy is often an enabler of transparency where it protects disclosed information from broader disclosure, beyond the sphere of those in a position to make constructive use of it. See “Tool Without a Handle: Online Confessions,” online at: https://cyberlaw.stanford.edu/blog/2018/03/tool-without-handle-online-confessions So as to whether a private disclosure of this to church authorities would have been more effective at protecting all the interests involved, the Catholic tradition of a confidential confession (as distinct from a public show of penitence) is instructive.
By my reasoning, too, publication of the “Pentagon Papers” would not have been justified if the sole basis to publish was an attempt to change the direction of US policy in Vietnam. What did justify publication was to alert the public to the deceptions carried out by several administrations, and the refusal of such administrations to relate to the public the actual facts, so that democratic processes could function properly. And when the information is primarily personal, rather than institutional, the test for publication should be even more rigorous.
There isn’t room in this footnote to catalogue the examples. This study on the role of race in death penalty sentencing is sufficiently illustrative: Katherine Beckert and Heather Evans, “The Role of Race in Washington State Capital Sentencing, 1981-2014,” online at: https://files.deathpenaltyinfo.org/legacy/documents/WashRaceStudy2014.pdf